Trotz Suche habe ich noch keine Lösung auf folgendes Prob gefunden:
amavisd versucht, die Mails an die lokale-Inet-IP (217.x.x.x) zu schicken anstatt auf 127.0.0.1, wie es sich gehören würde. Der Test mit telnet über lokale IP, Inet-IP und 127er zeigt dann auch, dass am Port 10024 nur über 127.0.0.1 angenommen wird - was ja auch korrekt ist.
Hat jemand eine Lösung?
Achso ... SuSE 9.0, amavisd-new, SA, postfix
Standard-Konfig von Suseconfig, alle Modifikationen ergaben keine Ã?nderungen
amavisd nutzt falsche IP
-
captaincrunch
- Userprojekt
- Posts: 7066
- Joined: 2002-10-09 14:30
- Location: Dorsten
- Contact:
Re: amavisd nutzt falsche IP
Was sagt denn die /etc/amavisd.conf dazu?
DebianHowTo
echo "[q]sa[ln0=aln256%Pln256/snlbx]sb729901041524823122snlbxq"|dc
echo "[q]sa[ln0=aln256%Pln256/snlbx]sb729901041524823122snlbxq"|dc
Re: amavisd nutzt falsche IP
da isser:
Code: Select all
use strict;
$MYHOME = '/var/spool/amavis';
$mydomain = 'karlshorst.zappasys.de';
$daemon_user = 'vscan';
$daemon_group = 'vscan';
$TEMPBASE = $MYHOME; # (must be set if other config vars use is)
$ENV{TMPDIR} = $TEMPBASE; # wise, but usually not necessary
$max_servers = 2; # number of pre-forked children (default 2)
$max_requests = 10; # retire a child after that many accepts (default 10)
$child_timeout=5*60; # abort child if it does not complete each task in n sec
@local_domains_acl = ( ".$mydomain" ); # $mydomain and its subdomains
$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
$inet_socket_port = 10024; # accept SMTP on this local TCP port
$inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface
@inet_acl = qw( 127.0.0.1 ); # allow SMTP access only from localhost IP
$DO_SYSLOG = 1; # (defaults to false)
$LOGFILE = "$MYHOME/amavis.log"; # (defaults to empty, no log)
$log_level = 2; # (defaults to 0)
$log_templ = '[? %#V |[? %#F |[?%#D|Not-Delivered|Passed]|BANNED name/type (%F)]|INFECTED (%V)], #
<%o> -> [<%R>|,][? %i ||, quarantine %i], Message-ID: %m, Hits: %c';
$final_virus_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_spam_destiny = D_PASS;
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
$viruses_that_fake_sender_re = new_RE(
qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
qr'tanatos|lentin|bridex|mimail|trojan.dropper'i,
);
$virus_admin = "virusalert@$mydomain";
$mailfrom_notify_admin = "virusalert@$mydomain";
$mailfrom_notify_recip = "virusalert@$mydomain";
$mailfrom_notify_spamadmin = "spam.police@$mydomain";
$mailfrom_to_quarantine = undef; # original sender if undef, or set explicitly
$QUARANTINEDIR = '/var/spool/amavis/virusmails';
$virus_quarantine_to = 'virus-quarantine'; # traditional local quarantine
$spam_quarantine_to = undef;
$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: undef)
$X_HEADER_LINE = "by amavisd-new at $mydomain";
$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone
$remove_existing_spam_headers = 1; # remove existing spam headers if
$keep_decoded_original_re = new_RE(
qr'^(ASCII|text|uuencoded|xxencoded|binhex)'i,
);
$banned_filename_re = new_RE(
qr'.[a-zA-Z][a-zA-Z0-9]{0,3}.(vbs|pif|scr|bat|com|exe|dll)$'i, # double extension
qr'..(vbs|pif|scr|bat|com)$'i, # banned extension - basic
);
$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting
$recipient_delimiter = '+'; # (default is '+')
$localpart_is_case_sensitive = 0; # (default is false)
$blacklist_sender_re = new_RE(
qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
qr'^(investments|lose_weight_today|market.alert|money2you|MyGreenCard)@'i,
qr'^(new.tld.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,
qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
qr'^(inkjetplanet|marketopt|MakeMoney)d*@'i,
);
map { $whitelist_sender{lc($_)}=1 } (qw(
cert-advisory-owner@cert.org
owner-alert@iss.net
slashdot@slashdot.org
bugtraq@securityfocus.com
NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
security-alerts@linuxsecurity.com
amavis-user-admin@lists.sourceforge.net
notification-return@lists.sophos.com
mailman-announce-admin@python.org
owner-postfix-users@postfix.org
owner-postfix-announce@postfix.org
owner-sendmail-announce@Lists.Sendmail.ORG
owner-technews@postel.ACM.ORG
lvs-users-admin@LinuxVirtualServer.org
ietf-123-owner@loki.ietf.org
cvs-commits-list-admin@gnome.org
rt-users-admin@lists.fsck.com
clp-request@comp.nus.edu.sg
surveys-errors@lists.nua.ie
emailNews@genomeweb.com
owner-textbreakingnews@CNNIMAIL12.CNN.COM
spamassassin-talk-admin@lists.sourceforge.net
yahoo-dev-null@yahoo-inc.com
returns.groups.yahoo.com
));
$MAXLEVELS = 14; # (default is undef, no limit)
$MAXFILES = 1500; # (default is undef, no limit)
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$MIN_EXPANSION_FACTOR = 5; # times original mail size (must be specified)
$MAX_EXPANSION_FACTOR = 500; # times original mail size (must be specified)
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj']; # both can extract, same options
$unrar = ['rar', 'unrar']; # both can extract, same options
$zoo = 'zoo';
$lha = 'lha';
$cpio = 'cpio'; # comment out if cpio does not support GNU options
$sa_local_tests_only = 1; # (default: false)
$sa_mail_body_size_limit = 64*1024; # don't waste time on SA if mail is larger
$sa_tag_level_deflt = 3.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
$sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disables)
@av_scanners = (
);
@av_scanners_backup = (
);
1;
Re: amavisd nutzt falsche IP
Bei mir gehts jetzt. :-D :-D :-D :-D
Habe alle localhost-Einträge sowie alle [localhost] in der master.cf in 127.0.0.1 umgewandelt.
Und noch eine Sache, die mir dabei aufgefallen ist:
postfix merkt sich, an welchen Server die Mail geschickt werden sollte. D.h. auch nach dem Ã?ndern aller Einstellungen auf 127.0.0.1 wollte er immer noch auf 217.x.x.x schicken. Erst ein postsuper -r ALL hat das Problem behoben. (Die Mails erneut in die Queue geschoben, dauert aber ein paar Minuten)
Habe alle localhost-Einträge sowie alle [localhost] in der master.cf in 127.0.0.1 umgewandelt.
Und noch eine Sache, die mir dabei aufgefallen ist:
postfix merkt sich, an welchen Server die Mail geschickt werden sollte. D.h. auch nach dem Ã?ndern aller Einstellungen auf 127.0.0.1 wollte er immer noch auf 217.x.x.x schicken. Erst ein postsuper -r ALL hat das Problem behoben. (Die Mails erneut in die Queue geschoben, dauert aber ein paar Minuten)