postfix log

Postfix, QMail, Sendmail, Dovecot, Cyrus, Courier, Anti-Spam
r00ty
Posts: 747
Joined: 2003-03-17 15:32

postfix log

Post by r00ty » 2003-07-31 14:28

Hallo !

Was sollte mir dieser Eintrag in meinem Postfix log sagen (1und1 - suse8.1 - smtp-auth & TLS)

Code: Select all

Jul 31 14:18:57 p15114099 postfix/smtpd[5058]: connect from unknown[61.11.81.247]
Jul 31 14:18:59 p15114099 postfix/smtpd[5058]: 95DB142003F: client=unknown[61.11.81.247]
Jul 31 14:19:03 p15114099 postfix/cleanup[5059]: 95DB142003F: message-id=<20030731121859.95DB142003F@p01234567.pureserver.info>
Jul 31 14:19:04 p15114099 postfix/qmgr[26926]: 95DB142003F: from=<C`Huse@doubleoptinmailing.com>, size=1629, nrcpt=1 (queue active)
Jul 31 14:19:05 p15114099 postfix/smtp[5067]: 95DB142003F: to=<inzida@web.de>, relay=mx-ha01.web.de[217.72.192.149], delay=6, status=sent (250 OK id=19iCOe-0001Gj-00)
Jul 31 14:19:05 p15114099 postfix/smtpd[5058]: disconnect from unknown[61.11.81.247]
das p01234567 ist meine Nummer (natürlich geändert)
schickt da jetzt doch jemand Mails über meinen Server ?
oder nicht ? Ich blick einfach den Eintrag nicht

dodolin
RSAC
Posts: 4009
Joined: 2003-01-21 01:59
Location: Sinsheim/Karlsruhe

Re: postfix log

Post by dodolin » 2003-07-31 15:08

Jul 31 14:18:57 p15114099 postfix/smtpd[5058]: connect from unknown[61.11.81.247]
Die IP 61.11.81.247 hat eine Verbindung zu deinem SMTP-Port aufgenommen. Er kann die IP nicht zu einem Hostnamen auflösen:

Code: Select all

[dominik@sklave dominik]$ host 61.11.81.247
Host 247.81.11.61.in-addr.arpa not found: 3(NXDOMAIN)
Jul 31 14:18:59 p15114099 postfix/smtpd[5058]: 95DB142003F: client=unknown[61.11.81.247]
Obige IP hat eine Mail eingeliefert, die die interne Bearbeitungsnummer 95DB... von deinem MTA erhalten hat.
Jul 31 14:19:03 p15114099 postfix/cleanup[5059]: 95DB142003F: message-id=<20030731121859.95DB142003F@p01234567.pureserver.info>
Die Mail mit der Bearbeitungsnummer 95DB... hatte keine Message-ID und bekommt deshalb von deinem Postfix eine verpasst. Das vor dem Punkt im Lokalpart ist das Datum, danach die Bearbeitungsnummer und dein Hostname.
Jul 31 14:19:04 p15114099 postfix/qmgr[26926]: 95DB142003F: from=<C`Huse@doubleoptinmailing.com>, size=1629, nrcpt=1 (queue active)
Jul 31 14:19:05 p15114099 postfix/smtp[5067]: 95DB142003F: to=<inzida@web.de>, relay=mx-ha01.web.de[217.72.192.149], delay=6, status=sent (250 OK id=19iCOe-0001Gj-00)
Die Mail hatte den Envelop-Sender <C`Huse@doubleoptinmailing.com> und ging an den Empfänger <inzida@web.de>. Dein Postfix hat sie versendet. :-(
schickt da jetzt doch jemand Mails über meinen Server ?
IMHO ja. Also bitte zuallererst mal deinen Postfix komplett abschalten. Danke.

r00ty
Posts: 747
Joined: 2003-03-17 15:32

Re: postfix log

Post by r00ty » 2003-07-31 15:35

okay, postfix ist (mal wieder) gestoppt

hier meine Config - unten drunter ein paar Kommentare:

Code: Select all

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
default_privs = autoresp
myhostname = p01234567.pureserver.info
mydomain = meinedomain.tld
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain $mydomain
mynetworks_style = host
local_recipient_maps = $alias_maps unix:passwd.byname
in_flow_delay = 0
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mail_spool_directory = /var/mail
fast_flush_domains = $relay_domains
smtpd_banner = $myhostname ESMTP $mail_name
debug_peer_level = 2
debugger_command =
	 PATH=/usr/bin:/usr/X11R6/bin
	 xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/sbin/sendmail
mailq_path = /usr/bin/mailq
setgid_group = maildrop
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/packages/postfix/samples
readme_directory = /usr/share/doc/packages/postfix/README_FILES

#ordb
maps_rbl_domains = relays.ordb.org proxies.relays.monkeys.com formmail.relays.monkeys.com proxy.relays.osirusoft.com socks.relays.osirusoft.com 

#suseconfig:
canonical_maps = hash:/etc/postfix/canonical
virtual_maps = hash:/etc/postfix/virtual, hash:/etc/postfix/confixx_virtualUsers, hash:/etc/postfix/confixx_localDomains
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
inet_interfaces = all
masquerade_domains = meinedomain.tld
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions = 
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_maps_rbl, reject_unauth_destination

#SMTPD Auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

#TLS Support
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/key.pem
smtpd_tls_cert_file = /etc/postfix/cert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
mir ist aufgefallen, dass ich bei
fast_flush_domains = $relay_domains
$relay_domains undefiniert ist - das sollte eigentlich nichts ausmachen...
p.s.: was ist denn fast_flush_domains ?
config sagt:

Code: Select all

# FAST ETRN SERVICE
#
# Postfix maintains per-destination logfiles with information about
# deferred mail, so that mail can be flushed quickly with the SMTP
# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld".
# 
# By default, Postfix maintains deferred mail logfile information
# only for destinations that Postfix is willing to relay to (as
# specified in the relay_domains parameter). For other destinations,
# Postfix attempts to deliver ALL queued mail after receiving the
# SMTP "ETRN domain.tld" command, or after execution of "sendmail
# -qRdomain.tld". This can be slow when a lot of mail is queued.
# 
# The fast_flush_domains parameter controls what destinations are
# eligible for this "fast ETRN/sendmail -qR" service.
Das macht mich nicht wirklich schlau, aber das hat glaub nix mit meinem Problem zu tun...

ich bin jetzt ein paar Mal über die Config drüber, aber ich hab keinen blassen schimmer wie die das anstellen über meinen Server zu schicken

r00ty
Posts: 747
Joined: 2003-03-17 15:32

Re: postfix log

Post by r00ty » 2003-07-31 22:01

ums mal wieder nach oben zu bringen.....
keiner ne Idee ?

mr. fry
Posts: 39
Joined: 2003-06-19 01:50
Location: /chroot

Re: postfix log

Post by mr. fry » 2003-08-10 11:54

Hallo,

ich hab's mal mit meiner main.cf verglichen....

Unterschiede:

Code: Select all

mydestination = $myhostname, localhost.$mydomain, $mydomain, smtp.$mydomain

Code: Select all

newaliases_path = /usr/bin/newaliases

Code: Select all

smtpd_recipient_restrictions = permit_mynetworks,check_relay_domains
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination
...das wird es wohl sein...