[Postfixbuch-users] Mails in Mailqueue wg. Spam
francwalter at gmx.net
francwalter at gmx.net
Mo Feb 28 00:22:04 CET 2011
> Postconf -n + master.cf ohne Kommentare und bitte nicht als Anhang sondern
> einfach in der Mail
postconf -n ergibt:
# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases,hash:/var/lib/mailman/data/aliases
append_dot_mydomain = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 20480000
mydestination = lists.example.org, www.example.org, localhost
myhostname = example.org
myorigin = /etc/mailname
readme_directory = no
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_hard_error_limit = 10
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_unauth_pipelining check_recipient_access hash:/etc/postfix/roleaccount_exceptions check_client_access hash:/etc/postfix/rbl_client_exceptions check_policy_service inet:127.0.0.1:60000
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_soft_error_limit = 8
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/apache2/ssl/servercert.pem
smtpd_tls_key_file = /etc/apache2/ssl/serverkey.pem
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
soft_bounce = no
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:5000
master.cf:
smtp inet n - - - - smtpd
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
pickup fifo n - - 60 1 pickup
-o content_filter=
-o receive_override_options=no_header_body_checks
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o smtp_fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
smtp-amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
> Du hast aber nicht nachgeschaut wer die Mail bei dir eingeliefert hat. Wo
> ist das Log vom ursprünglichen Sender?
Ich kann keinen anderen Absender als den finden, an den der Bounce geht. Hier aus dem mail.log das erste Vorkommen dieser Mail:
Feb 27 16:38:01 www postfix/smtpd[1548]: connect from unknown[111.224.250.129]
Feb 27 16:38:03 www postgrey[7278]: action=pass, reason=triplet found, client_name=unknown, client_address=111.224.250.129, sender=admin at example2.org, recipient=office at example.org
Feb 27 16:38:03 www postfix/smtpd[1548]: E3F7D3C9FC00E: client=unknown[111.224.250.129]
Feb 27 16:38:05 www postfix/cleanup[1647]: E3F7D3C9FC00E: message-id=<387F6CD5.65A138DD at example2.org>
Feb 27 16:38:05 www postfix/qmgr[29871]: E3F7D3C9FC00E: from=<admin at example2.org>, size=2172, nrcpt=1 (queue active)
Feb 27 16:38:06 www postfix/smtpd[1548]: disconnect from unknown[111.224.250.129]
Feb 27 16:38:12 www amavis[27678]: (27678-16) Blocked SPAM, [111.224.250.129] [111.224.250.129] <admin at example2.org> -> <office at example.org>, quarantine: u/spam-uSBMYmLxm3GV.gz, Message-ID: <387F6CD5.65A138DD at example2.org>, mail_id: uSBMYmLxm3GV, Hits: 121.454, size: 2172, 6425 ms
Feb 27 16:38:12 www postfix/smtp[1648]: E3F7D3C9FC00E: to=<office at example.org>, relay=127.0.0.1[127.0.0.1]:10024, delay=8.9, delays=2.5/0.01/0/6.4, dsn=5.7.0, status=bounced (host 127.0.0.1[127.0.0.1] said: 554 5.7.0 Reject, id=27678-16 - SPAM (in reply to end of DATA command))
Feb 27 16:38:12 www postfix/cleanup[1647]: 07ED93C9FC012: message-id=<20110227153812.07ED93C9FC012 at example.org>
Feb 27 16:38:12 www postfix/bounce[1658]: E3F7D3C9FC00E: sender non-delivery notification: 07ED93C9FC012
Feb 27 16:38:12 www postfix/qmgr[29871]: 07ED93C9FC012: from=<>, size=3971, nrcpt=1 (queue active)
Feb 27 16:38:12 www postfix/qmgr[29871]: E3F7D3C9FC00E: removed
Feb 27 16:38:12 www postfix/smtp[1661]: connect to example2.org[111.224.250.132]:25: Connection refused
Feb 27 16:38:12 www postfix/smtp[1661]: 07ED93C9FC012: to=<admin at example2.org>, relay=none, delay=0.73, delays=0.02/0.01/0.7/0, dsn=4.4.1, status=deferred (connect to example2.org[111.224.250.132]:25: Connection refused)
example.org ist meine domain und example2.org ist in Wirklichkeit a d v e r t i s e - b z . c n
Ich hab diese domain schon mal im Klartext an jemand gemailt, also innerhalb des Logfiles, mit der Folge, dass mein Mail sofort im Spam gelandet war.
Mehr Informationen über die Mailingliste Postfixbuch-users