[Postfixbuch-users] smtpd_recipient_restriction wird auf eine Adresse nicht angewendet?
Stephan Budach
stephan.budach at jvm.de
Fr Mai 4 18:46:52 CEST 2007
Stephan Budach schrieb, Am 04.05.2007 18:32 Uhr:
> Sandy Drobic schrieb, Am 04.05.2007 16:53 Uhr:
>> Stephan Budach wrote:
>>
>>>>> Kann man denn überhaupt die smtpd_recipient_restrictions für
>>>>> einzelne Mail-Adresse umgehen?
>>
>>>> Nein, die Prüfung kann höchstens durch einen Check, der sehr schnell
>>>> OK oder REJECT als Ergebnis bringt, abgekürzt werden.
>>> Hmm, aber man müsste doch wenigstens die ">>> START Recipient address
>>> RESTRICTIONS <<<" Tags sehen, auch wenn dann dazwischen nicht viel
>>> käme, oder?
>>
>> Ja, die müssen auf jeden Fall vorhanden sein (wenn der smtpd auf verbose
>> logging gestellt wurde). Selbst ein leeres smtpd_recipient_restrictions,
>> was nicht möglich ist, würde den Start und das Ende der Prüfung loggen.
>>
>
> Ja, der smtpd ist auf verbose logging und bei allen anderen kommt ja
> auch etwas. Seien es unbekannte Empfänger oder bekannte Empfänger.
>
>>> Genau diese Tags fehlen nämölich im Log bei meiner E-Mail Adresse,
>>> während bei allen anderen offenbar die restrictions immer ausgeführt
>>> werden.
>>
>> Extrem seltsam. Hast du mal getestet, ob es am Logging liegt oder ob es
>> tatsächlich daran liegt, dass die restrictions nicht ausgeführt werden?
>
> Na ja, ich bekomme auf dieser Adresse seit einiger Zeit alle möglichen
> Spams rein... :-(
>
>>
>> Setze doch einfach mal an erster Stelle in deiner
>> smtpd_recipient_restrictions =
>> warn_if_reject check_recipient_access hash:/etc/postfix/recipient_test
>> permit_mynetworks,
>> reject_unauth_destination
>> ...
>>
>> /etc/postfix/recipient_test:
>> eigene-adresse at example.com reject
>>
>
> Das werde ich mal gleich ausprobieren...
>
>> postfix reload und sehen, ob eine Warnung im Log erscheint. Wenn nicht,
>> würde ich mal schauen, ob du vielleicht im Syslog was seltsam
>> konfiguriert
>> hast, was dies ausblendet.
>>
> Okay, im syslog habe ich jetzt noch nicht direkt nachgeschaut, mache ich
> aber auch noch.
>
> Gruss,
> Stephan
>
Ich habs getestet und es ist tatsächlich so - keine smtpd_recipient_restrictions für diese Adresse.
Ich poste mal das log - ist aber recht lang:
May 4 18:36:31 mosx postfix/smtpd[2230]: connect from mx.jvm.de[212.1.38.4]
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: mx.jvm.de: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: 212.1.38.4: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: mx.jvm.de: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: 212.1.38.4: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: match_hostname: mx.jvm.de ~? 127.0.0.1/32
May 4 18:36:31 mosx postfix/smtpd[2230]: match_hostaddr: 212.1.38.4 ~? 127.0.0.1/32
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: mx.jvm.de: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: 212.1.38.4: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: auto_clnt_open: connected to private/anvil
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr request = connect
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr ident = smtp:212.1.38.4
May 4 18:36:31 mosx postfix/smtpd[2230]: private/anvil: wanted attribute: status
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: status
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 0
May 4 18:36:31 mosx postfix/smtpd[2230]: private/anvil: wanted attribute: count
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: count
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 1
May 4 18:36:31 mosx postfix/smtpd[2230]: private/anvil: wanted attribute: rate
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: rate
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 1
May 4 18:36:31 mosx postfix/smtpd[2230]: private/anvil: wanted attribute: (list terminator)
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: (end)
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 220 mosx.stephanbudach.de ESMTP Postfix
May 4 18:36:31 mosx postfix/smtpd[2230]: < mx.jvm.de[212.1.38.4]: EHLO mx.jvm.de
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250-mosx.stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250-PIPELINING
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250-SIZE 26214400
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250-VRFY
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250-ETRN
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: mx.jvm.de: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: 212.1.38.4: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250-AUTH PLAIN PLAIN PLAIN OTP OTP OTP NTLM NTLM NTLM LOGIN LOGIN LOGIN GSSAPI GSSAPI GSSAPI DIGEST-MD5 DIGEST-MD5 DIGEST-MD5 CRAM-MD5 CRAM-MD5 CRAM-MD5
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250-ENHANCEDSTATUSCODES
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250-8BITMIME
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250 DSN
May 4 18:36:31 mosx postfix/smtpd[2230]: < mx.jvm.de[212.1.38.4]: MAIL FROM:<stephan.budach at jvm.de> SIZE=1430 BODY=8BITMIME
May 4 18:36:31 mosx postfix/smtpd[2230]: extract_addr: input: <stephan.budach at jvm.de>
May 4 18:36:31 mosx postfix/smtpd[2230]: smtpd_check_addr: addr=stephan.budach at jvm.de
May 4 18:36:31 mosx postfix/smtpd[2230]: connect to subsystem private/rewrite
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr request = rewrite
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr rule = local
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr address = stephan.budach at jvm.de
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 0
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: address
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: address
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: stephan.budach at jvm.de
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: (list terminator)
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: (end)
May 4 18:36:31 mosx postfix/smtpd[2230]: rewrite_clnt: local: stephan.budach at jvm.de -> stephan.budach at jvm.de
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr request = resolve
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr sender =
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr address = stephan.budach at jvm.de
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 0
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: transport
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: transport
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: smtp
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: nexthop
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: nexthop
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: webmail.hansenet.de
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: recipient
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: recipient
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: stephan.budach at jvm.de
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 4096
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: (list terminator)
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: (end)
May 4 18:36:31 mosx postfix/smtpd[2230]: resolve_clnt: `' -> `stephan.budach at jvm.de' -> transp=`smtp' host=`webmail.hansenet.de' rcpt=`stephan.budach at jvm.de' flags= class=default
May 4 18:36:31 mosx postfix/smtpd[2230]: ctable_locate: install entry key stephan.budach at jvm.de
May 4 18:36:31 mosx postfix/smtpd[2230]: extract_addr: in: <stephan.budach at jvm.de>, result: stephan.budach at jvm.de
May 4 18:36:31 mosx postfix/smtpd[2230]: fsspace: .: block size 4096, blocks free 12533881
May 4 18:36:31 mosx postfix/smtpd[2230]: smtpd_check_queue: blocks 4096 avail 12533881 min_free 0 msg_size_limit 26214400
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250 2.1.0 Ok
May 4 18:36:31 mosx postfix/smtpd[2230]: < mx.jvm.de[212.1.38.4]: RCPT TO:<budy at stephanbudach.de>
May 4 18:36:31 mosx postfix/smtpd[2230]: extract_addr: input: <budy at stephanbudach.de>
May 4 18:36:31 mosx postfix/smtpd[2230]: smtpd_check_addr: addr=budy at stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr request = rewrite
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr rule = local
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr address = budy at stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 0
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: address
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: address
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: budy at stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: (list terminator)
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: (end)
May 4 18:36:31 mosx postfix/smtpd[2230]: rewrite_clnt: local: budy at stephanbudach.de -> budy at stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr request = resolve
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr sender =
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr address = budy at stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 0
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: transport
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: transport
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: lmtp
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: nexthop
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: nexthop
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: unix:/var/imap/socket/lmtp
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: recipient
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: recipient
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: budy at stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: flags
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 1024
May 4 18:36:31 mosx postfix/smtpd[2230]: private/rewrite socket: wanted attribute: (list terminator)
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: (end)
May 4 18:36:31 mosx postfix/smtpd[2230]: resolve_clnt: `' -> `budy at stephanbudach.de' -> transp=`lmtp' host=`unix:/var/imap/socket/lmtp' rcpt=`budy at stephanbudach.de' flags= class=virtual
May 4 18:36:31 mosx postfix/smtpd[2230]: ctable_locate: install entry key budy at stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: extract_addr: in: <budy at stephanbudach.de>, result: budy at stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: rewrite_clnt: cached: local: budy at stephanbudach.de -> budy at stephanbudach.de
May 4 18:36:31 mosx postfix/smtpd[2230]: smtpd_check_rewrite: trying: permit_inet_interfaces
May 4 18:36:31 mosx postfix/smtpd[2230]: permit_inet_interfaces: mx.jvm.de 212.1.38.4
May 4 18:36:31 mosx postfix/smtpd[2230]: before input_transp_cleanup: cleanup flags = enable_header_body_filter enable_automatic_bcc enable_address_mapping enable_milters
May 4 18:36:31 mosx postfix/smtpd[2230]: after input_transp_cleanup: cleanup flags = enable_header_body_filter enable_automatic_bcc enable_address_mapping
May 4 18:36:31 mosx postfix/smtpd[2230]: connect to subsystem public/cleanup
May 4 18:36:31 mosx postfix/smtpd[2230]: public/cleanup socket: wanted attribute: queue_id
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: queue_id
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 6240E9CB07
May 4 18:36:31 mosx postfix/smtpd[2230]: public/cleanup socket: wanted attribute: (list terminator)
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: (end)
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr flags = 50
May 4 18:36:31 mosx postfix/smtpd[2230]: 6240E9CB07: client=mx.jvm.de[212.1.38.4]
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250 2.1.5 Ok
May 4 18:36:31 mosx postfix/smtpd[2230]: < mx.jvm.de[212.1.38.4]: DATA
May 4 18:36:31 mosx postfix/smtpd[2230]: >>> START Data command RESTRICTIONS <<<
May 4 18:36:31 mosx postfix/smtpd[2230]: generic_checks: name=reject_multi_recipient_bounce
May 4 18:36:31 mosx postfix/smtpd[2230]: generic_checks: name=reject_multi_recipient_bounce status=0
May 4 18:36:31 mosx postfix/smtpd[2230]: >>> END Data command RESTRICTIONS <<<
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 354 End data with <CR><LF>.<CR><LF>
May 4 18:36:31 mosx postfix/smtpd[2230]: public/cleanup socket: wanted attribute: status
May 4 18:36:31 mosx postfix/cleanup[2234]: 6240E9CB07: message-id=<463B6105.5000204 at jvm.de>
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: status
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 0
May 4 18:36:31 mosx postfix/qmgr[2222]: 6240E9CB07: from=<stephan.budach at jvm.de>, size=1613, nrcpt=1 (queue active)
May 4 18:36:31 mosx postfix/smtpd[2230]: public/cleanup socket: wanted attribute: reason
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: reason
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: (end)
May 4 18:36:31 mosx postfix/smtpd[2230]: public/cleanup socket: wanted attribute: (list terminator)
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: (end)
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 250 2.0.0 Ok: queued as 6240E9CB07
May 4 18:36:31 mosx postfix/smtpd[2230]: < mx.jvm.de[212.1.38.4]: QUIT
May 4 18:36:31 mosx postfix/smtpd[2230]: > mx.jvm.de[212.1.38.4]: 221 2.0.0 Bye
May 4 18:36:31 mosx postfix/smtpd[2230]: match_hostname: mx.jvm.de ~? 127.0.0.1/32
May 4 18:36:31 mosx postfix/smtpd[2230]: match_hostaddr: 212.1.38.4 ~? 127.0.0.1/32
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: mx.jvm.de: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: match_list_match: 212.1.38.4: no match
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr request = disconnect
May 4 18:36:31 mosx postfix/smtpd[2230]: send attr ident = smtp:212.1.38.4
May 4 18:36:31 mosx postfix/smtpd[2230]: private/anvil: wanted attribute: status
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: status
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute value: 0
May 4 18:36:31 mosx postfix/smtpd[2230]: private/anvil: wanted attribute: (list terminator)
May 4 18:36:31 mosx postfix/smtpd[2230]: input attribute name: (end)
May 4 18:36:31 mosx postfix/smtpd[2230]: disconnect from mx.jvm.de[212.1.38.4]
May 4 18:36:31 mosx postfix/smtpd[2230]: master_notify: status 1
May 4 18:36:31 mosx postfix/smtpd[2230]: connection closed
May 4 18:36:31 mosx postfix/tlsmgr[2237]: warning: no entropy source specified with parameter tls_random_source
May 4 18:36:31 mosx postfix/tlsmgr[2237]: warning: encryption keys etc. may be predictable
May 4 18:36:35 mosx postfix/smtpd[2240]: connect from localhost[127.0.0.1]
May 4 18:36:35 mosx postfix/smtpd[2240]: BA9679CB2C: client=localhost[127.0.0.1]
May 4 18:36:35 mosx postfix/cleanup[2234]: BA9679CB2C: message-id=<463B6105.5000204 at jvm.de>
May 4 18:36:35 mosx postfix/smtpd[2240]: disconnect from localhost[127.0.0.1]
May 4 18:36:35 mosx postfix/qmgr[2222]: BA9679CB2C: from=<stephan.budach at jvm.de>, size=2223, nrcpt=1 (queue active)
May 4 18:36:35 mosx postfix/smtp[2235]: 6240E9CB07: to=<budy at stephanbudach.de>, relay=127.0.0.1[127.0.0.1]:10024, delay=4.4, delays=0.09/0.09/0.01/4.2, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=02184-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as BA9679CB2C)
May 4 18:36:35 mosx postfix/qmgr[2222]: 6240E9CB07: removed
May 4 18:36:35 mosx postfix/lmtp[2241]: BA9679CB2C: to=<budy at stephanbudach.de>, relay=mosx.stephanbudach.de[/var/imap/socket/lmtp], delay=0.23, delays=0.01/0.03/0.05/0.14, dsn=2.1.5, status=sent (250 2.1.5 Ok)
May 4 18:36:35 mosx postfix/qmgr[2222]: BA9679CB2C: removed
Das einzige, was ich auch im syslog sehe sind die beiden Zeilen vom tlsmgr, aber ich denke nicht, dass die das sind.
Ratlos,
Stephan
--
Stephan Budach
Jung von Matt/it-services GmbH
Glashuettenstrasse 79
20357 Hamburg
Tel: +49 40-4321-1353
Fax: +49 40-4321-1114
Internet: http://www.jvm.de
Geschäftsführer: Frank Wilhelm, Ulrich Pallas
AG HH HRB 98380, Ust-ID-Nr: DE 189569691
Mehr Informationen über die Mailingliste Postfixbuch-users