[Postfixbuch-users] content filter
Andreas Winkelmann
ml at awinkelmann.de
Mi Jul 18 22:05:31 CEST 2007
On Wednesday 18 July 2007 21:56, Roland M. Kruggel wrote:
> > >>>> ich bin dabei einen content-filter zu schreiben. Im Prinzip
> > >>>> wird es ein stark erweitertes altermime.
> > >>>>
> > >>>> Ich habe postfix konfiguriert und das aufruf-script
> > >>>> installiert. Leider funktioniert es nicht so wie ich es
> > >>>> wünsche.
> > >>>>
> > >>>> Mein Script wird zwar aufgerufen, die Mail wird auch in das
> > >>>> filter-verzeichnis geschrieben und an postfix zurückgeliefert,
> > >>>> allerdings 19! mal. Danach bricht postfix mit den
> > >>>> Fehler '<rkruggel at gmx.de>: too many hops' ab.
> > >>>>
> > >>>>
> > >>>> Hier meine Konfiguration:
> > >>>>
> > >>>> /etc/master.cf
> > >>>> disclaimer1 unix - n n - -
> > >>>> pipe flags=Rq user=filter argv=/etc/postfix/disclaimer1.sh -f
> > >>>> $(sender) -- $(recipient)
> > >>>>
> > >>>>
> > >>>> /etc/main.cf (auszug)
> > >>>> smtpd_client_restrictions =
> > >>>> check_client_access pcre:/etc/postfix/maps/disclaimercheck
> >
> > Hier ist ein check_client_access erwähnt.
>
> Mein Fehler. s/client/sender/
>
> > >>>> /etc/postfix/maps/disclaimercheck
> > >>>> /.*@gmx\.de/i FILTER disclaimer1:dummy
> > >>>> /.*@bbf7\.de/i FILTER disclaimer1:dummy
> >
> > Hier sind Emailadressen aufgeführt, die für einen
> > Check_client_access keine Bedeutung haben.
> >
> > > Jul 18 20:56:28 mail1 postfix/smtpd[805]: NOQUEUE: filter: RCPT
> > > from p50912304.dip0.t-ipconnect.de[80.145.35.4]:
> > > <rkruggel at bbf7.de>: Sender address triggers FILTER
> > > disclaimer1:dummy;
> > > from=<rkruggel at bbf7.de> to=<rkruggel at gmx.de> proto=ESMTP
> > > helo=<sigma.local.netz>
> >
> > Hier ist die Aktion eines check_sender_access. Hast du dich oben
> > verschrieben?
>
> Ja. Sorry. Ich hatte es vorrübergehen wieder geändert. Sonst konnte
> ich keine Mails versenden. ist check_sender_access.
>
> > Dagegen hilft "postconf -n"
> > Zeige auch mal die master.cf (ohne kommentare)
>
> mail1:/etc/postfix# postconf -n
Aha.
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> biff = no
> body_checks = pcre:/etc/postfix/maps/body_checks
> bounce_template_file = /etc/postfix/bounce-templates/bounce.de-DE.cf
> broken_sasl_auth_clients = yes
> canonical_maps = hash:/etc/postfix/maps/canonical
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
Ein globaler content_filter.
> daemon_directory = /usr/lib/postfix
> debug_peer_level = 1
> debug_peer_list =
> disable_dns_lookups = no
> disable_vrfy_command = yes
> header_checks = pcre:/etc/postfix/maps/header_checks
> helpful_warnings = yes
> home_mailbox = Maildir/
> local_destination_concurrency_limit = 2
> local_recipient_maps = $alias_maps
> hash:/etc/postfix/maps/local_recipient
> mail_name = Postfix
> mail_owner = postfix
> mailbox_command = /usr/bin/procmail
> mailbox_size_limit = 0
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> message_size_limit = 15728640
> mime_header_checks = pcre:/etc/postfix/maps/mime_header_checks
> mydestination = $myhostname localhost.$mydomain $mydomain
> localhost lists.$mydomain alma.$mydomain sigma.$mydomain
> xen-ssh.$mydomain xen-app-c1.$mydomain xen-app-c2.$mydomain
> xen-db1.$mydomain xen-db2.$mydomain
> mydomain = bbf7.de
> myhostname = mail1.bbf7.de
> mynetworks = 212.144.119.46, 127.0.0.0/8
> myorigin = $mydomain
> newaliases_path = /usr/sbin/sendmail
> readme_directory = /usr/share/doc/packages/postfix/README_FILES
> recipient_canonical_maps = hash:/etc/postfix/maps/canonical_recipient
> recipient_delimiter = +
> relay_domains = $mydestination
> relayhost =
> relocated_maps = hash:/etc/postfix/maps/relocated
> sample_directory = /etc/postfix
> sender_canonical_maps = pcre:/etc/postfix/maps/canonical_sender
> sendmail_path = /usr/sbin/sendmail
> setgid_group = postdrop
> smtp_sasl_auth_enable = no
> smtp_tls_CAfile = /etc/postfix/certs/CAcert.pem
> smtp_tls_cert_file = /etc/postfix/certs/cert.pem
> smtp_tls_key_file = /etc/postfix/certs/key.pem
> smtp_tls_note_starttls_offer = yes
> smtp_use_tls = yes
> smtpd_banner = $myhostname ESMTP
> smtpd_client_restrictions = check_sender_access
> pcre:/etc/postfix/maps/disclaimercheck
Ebenfalls global.
> smtpd_helo_required = yes
> smtpd_helo_restrictions = permit_mynetworks
> reject_invalid_hostname reject_non_fqdn_hostname
> smtpd_recipient_restrictions = permit_mynetworks
> permit_sasl_authenticated reject_invalid_helo_hostname
> reject_unknown_helo_hostname reject_non_fqdn_hostname
> reject_non_fqdn_sender reject_non_fqdn_recipient
> reject_unauth_destination reject_unauth_pipelining
> reject_unknown_sender_domain reject_unknown_recipient_domain
> reject_unknown_hostname check_recipient_access
> hash:/etc/postfix/maps/access_recipient check_policy_service
> inet:127.0.0.1:60000 permit_mx_backup permit
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> smtpd_sender_restrictions = permit_mynetworks
> permit_sasl_authenticated reject_unauth_destination
> check_sender_access pcre:/etc/postfix/maps/access_sender
> reject_non_fqdn_sender reject_unknown_sender_domain permit
> smtpd_tls_CAfile = /etc/postfix/certs/CAcert.pem
> smtpd_tls_auth_only = no
> smtpd_tls_cert_file = /etc/postfix/certs/cert.pem
> smtpd_tls_key_file = /etc/postfix/certs/key.pem
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> strict_rfc821_envelopes = yes
> tls_random_source = dev:/dev/urandom
> transport_maps = hash:/etc/postfix/maps/transport
> unknown_address_reject_code = 550
> unknown_hostname_reject_code = 556
> unknown_local_recipient_reject_code = 550
>
>
>
>
> mail1:/etc/postfix# /bin/grep -v '#' master.cf
> smtp inet n - n - - smtpd
> -o receive_override_options=no_address_mappings
> smtps inet n - y - - smtpd
> -o smtpd_tls_wrappermode=yes
> -o smtpd_sasl_auth_enable=yes
> submission inet n - y - - smtpd
> -o smtpd_enforce_tls=yes
> -o smtpd_sasl_auth_enable=yes
> pickup fifo n - n 60 1 pickup
> cleanup unix n - - - 0 cleanup
> qmgr fifo n - - 300 1 qmgr
> rewrite unix - - - - -
> trivial-rewrite
> bounce unix - - - - 0 bounce
> defer unix - - - - 0 bounce
> trace unix - - - - 0 bounce
> verify unix - - - - 1 verify
> flush unix n - - 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - - - - smtp
> relay unix - - - - - smtp
> showq unix n - - - - showq
> error unix - - - - - error
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
> maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> cyrus unix - n n - - pipe
> flags=R user=cyrus argv=/usr/sbin/cyrdeliver -e -m "${extension}"
> ${user}
> uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> ($recipient)
> ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop
> ($recipient)
> bsmtp unix - n n - - pipe
> flags=Fq. user=bsmtp
> argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
> scalemail-backend unix - n n - 2 pipe
> flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
> ${nexthop} ${user} ${extension}
>
> smtp-amavis unix - - n - 8 smtp
> -o smtp_data_done_timeout=1200
> -o smtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> -o max_use=20
>
>
> localhost:10025 inet n - n - - smtpd
> -o content_filter=
> -o local_recipient_maps=
> -o relay_recipient_maps=
> -o smtpd_restriction_classes=
> -o
> smtpd_recipient_restrictions=permit_mynetworks,reject_unauth_destination
> -o mynetworks=127.0.0.0/8
> -o
> receive_override_options=no_header_body_checks,no_unknown_recipient_checks
Ok also:
smtpd(25) -> disclaimer -> sendmail/pickup -> content_filter(amavis) ->
smtpd(10025) -> disclaimer -> sendmail/pickup -> content_filter(amavis) ->
smtpd(10025) -> disclaimer....
> mailman unix - n n - - pipe
> flags=FR user=list
> argv=/var/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
> ${user}
>
> tlsmgr unix - - - 1000? 1 tlsmgr
> scache unix - - - - 1 scache
> discard unix - - - - - discard
>
> disclaimer1 unix - n n - - pipe
> flags=Rq user=filter argv=/etc/postfix/disclaimer1.sh -f
> $(sender) -- $(recipient)
--
Andreas
Mehr Informationen über die Mailingliste Postfixbuch-users