amavis kommuniziert nicht mit Postfix

[rj45]

Guten Tag,
ich versuche gerade auf einem neuen Debian Etch System Postfix nach diesem Tutorial zu installieren. Ich habe nach der Installation schon mehrere Mail Server aufgesetzt was soweit auch immer funktioniert hat.

Doch diesmal habe ich eingie Probleme zuerst lies Amavis mich nicht connecten dann habe ich in der 50-User config etwas hinzugefügt dann ging es wieder.
Zum einen bekomme ich einen

Client host rejected: Access denied;
und zum anderen einen
450 4.4.1 Can't connect to 127.0.0.1 port 10025, () at (eval 46) line 145, <GEN22> line 224., MTA([127.0.0.1]:10025)

Hier mal die Mail log:

cat mail.log:

Code: Select all

Sep 24 08:53:39 domain postfix/master[6998]: daemon started -- version 2.3.8, configuration /etc/postfix
Sep 24 08:54:04 domain postfix/qmgr[7003]: B9C20420C289: from=<info@anonym.de>, size=1310, nrcpt=1 (queue active)
Sep 24 08:54:04 domain postfix/qmgr[7003]: 35ABE420C1C2: from=<root@domain.de>, size=935, nrcpt=1 (queue active)
Sep 24 08:54:04 domain postfix/qmgr[7003]: E809D420C280: from=<root@domain.de>, size=4982, nrcpt=1 (queue active)
Sep 24 08:54:04 domain postfix/qmgr[7003]: E53D4420C1CA: from=<EVE_Online_khjlj-Technik=domain.de@newsletters.eve-online.com>, size=16629, nrcpt=1 (queue active)
Sep 24 08:54:04 domain postfix/smtpd[7032]: connect from domain.de[78.46.78.74]
Sep 24 08:54:04 domain postfix/smtpd[7032]: NOQUEUE: reject: CONNECT from domain.de[78.46.78.74]: 554 5.7.1 <domain.de[78.46.78.74]>: Client host rejected: Access denied; proto=SMTP
Sep 24 08:54:04 domain amavis[6832]: (06832-03) (!) FWD via SMTP: <root@domain.de> -> <john@example.com>, 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 46) line 145, <GEN22> line 224., MTA([127.0.0.1]:10025), id=06832-03
Sep 24 08:54:04 domain amavis[6832]: (06832-03) Blocked SPAM, <root@domain.de> -> <john@example.com>, quarantine: spam-txAm4l5oiNdB.gz, Message-ID: <GTUBE1.1010101@example.net>, mail_id: txAm4l5oiNdB, Hits: 1002.319, 224 ms
Sep 24 08:54:04 domain postfix/smtpd[7032]: lost connection after CONNECT from domain.de[78.46.78.74]
Sep 24 08:54:04 domain postfix/smtpd[7032]: disconnect from domain.de[78.46.78.74]
Sep 24 08:54:04 domain postfix/smtp[7028]: 35ABE420C1C2: to=<john@example.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=66609, delays=66608/0.03/0/0.23, dsn=4.4.1, status=deferred (host 127.0.0.1[127.0.0.1] said: 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 46) line 145, <GEN22> line 224., MTA([127.0.0.1]:10025), id=06832-03 (in reply to end of DATA command))
Sep 24 08:54:04 domain postfix/smtpd[7032]: connect from domain.de[78.46.78.74]
Sep 24 08:54:04 domain postfix/smtpd[7032]: NOQUEUE: reject: CONNECT from domain.de[78.46.78.74]: 554 5.7.1 <domain.de[78.46.78.74]>: Client host rejected: Access denied; proto=SMTP
Sep 24 08:54:04 domain amavis[6832]: (06832-04) (!) FWD via SMTP: <root@domain.de> -> <root@domain.de>, 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 46) line 145, <GEN22> line 275., MTA([127.0.0.1]:10025), id=06832-04
Sep 24 08:54:04 domain postfix/smtpd[7032]: lost connection after CONNECT from domain.de[78.46.78.74]
Sep 24 08:54:04 domain postfix/smtpd[7032]: disconnect from domain.de[78.46.78.74]
Sep 24 08:54:04 domain amavis[6832]: (06832-04) Blocked TEMPFAIL, <root@domain.de> -> <root@domain.de>, Message-ID: <20080924042517.E809D420C280@domain.de>, mail_id: WqQ8r9y6KJvr, Hits: -0.001, 187 ms
Sep 24 08:54:04 domain postfix/smtp[7028]: E809D420C280: to=<root@domain.de>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=8943, delays=8942/0.28/0.01/0.19, dsn=4.4.1, status=deferred (host 127.0.0.1[127.0.0.1] said: 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 46) line 145, <GEN22> line 275., MTA([127.0.0.1]:10025), id=06832-04 (in reply to end of DATA command))
Sep 24 08:54:05 domain postfix/smtpd[7032]: connect from domain.de[78.46.78.74]
Sep 24 08:54:05 domain postfix/smtpd[7032]: NOQUEUE: reject: CONNECT from domain.de[78.46.78.74]: 554 5.7.1 <domain.de[78.46.78.74]>: Client host rejected: Access denied; proto=SMTP
Sep 24 08:54:05 domain postfix/smtpd[7032]: lost connection after CONNECT from domain.de[78.46.78.74]
Sep 24 08:54:05 domain postfix/smtpd[7032]: disconnect from domain.de[78.46.78.74]
Sep 24 08:54:05 domain amavis[6832]: (06832-04-2) (!) FWD via SMTP: <EVE_Online_khjlj-Technik=domain.de@newsletters.eve-online.com> -> <Technik@domain.de>, 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 46) line 145, <GEN22> line 430., MTA([127.0.0.1]:10025), id=06832-04-2
Sep 24 08:54:05 domain amavis[6832]: (06832-04-2) Blocked TEMPFAIL, [216.24.226.138] [216.24.226.138] <EVE_Online_khjlj-Technik=domain.de@newsletters.eve-online.com> -> <Technik@domain.de>, Message-ID: <1222190580355.130880.362054.105004558@mta1.newsletters.eve-online.com>, mail_id: Byvr4vg56UJ6, Hits: 0.171, 276 ms
Sep 24 08:54:05 domain postfix/smtp[7028]: E53D4420C1CA: to=<Technik@domain.de>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=2, delay=48588, delays=48588/0.5/0/0.28, dsn=4.4.1, status=deferred (host 127.0.0.1[127.0.0.1] said: 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 46) line 145, <GEN22> line 430., MTA([127.0.0.1]:10025), id=06832-04-2 (in reply to end of DATA command))
Sep 24 08:54:06 domain postfix/smtpd[7032]: connect from domain.de[78.46.78.74]
Sep 24 08:54:06 domain postfix/smtpd[7032]: NOQUEUE: reject: CONNECT from domain.de[78.46.78.74]: 554 5.7.1 <domain.de[78.46.78.74]>: Client host rejected: Access denied; proto=SMTP
Sep 24 08:54:06 domain postfix/smtpd[7032]: lost connection after CONNECT from domain.de[78.46.78.74]
Sep 24 08:54:06 domain postfix/smtpd[7032]: disconnect from domain.de[78.46.78.74]
Sep 24 08:54:06 domain amavis[6831]: (06831-03) (!) FWD via SMTP: <info@anonym.de> -> <technik@domain.de>, 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 46) line 145, <GEN22> line 456., MTA([127.0.0.1]:10025), id=06831-03
Sep 24 08:54:06 domain amavis[6831]: (06831-03) Blocked TEMPFAIL, [213.239.218.151] [91.15.144.152] <info@anonym.de> -> <technik@domain.de>, Message-ID: <48D9E380.6070705@anonym.de>, mail_id: vQQgdAL1Wp3Z, Hits: 0., 1578 ms
Sep 24 08:54:06 domain postfix/smtp[7027]: B9C20420C289: to=<technik@domain.de>, relay=127.0.0.1[127.0.0.1]:10024, delay=93, delays=92/0.01/0/1.6, dsn=4.4.1, status=deferred (host 127.0.0.1[127.0.0.1] said: 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 46) line 145, <GEN22> line 456., MTA([127.0.0.1]:10025), id=06831-03 (in reply to end of DATA command))

Die 3 Emails die man oben sehen kann habe ich per `postque -f` nochmal versucht zuzustellen

Hiezu mal meine Postfix config:

main.cfg:

Code: Select all

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem
smtpd_tls_key_file = /etc/ssl/private/postfix.pem
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = domain.de
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = domain.de, localhost.de, localhost
relayhost =
mynetworks =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_tls_auth_only = yes
content_filter = smtp-amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

Master.cfg:

Code: Select all

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

############# MAIL #############

dovecot   unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

smtp-amavis unix -      -       n     -       2  smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20

127.0.0.1:10025 inet n  -       -     -       -  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
    -o local_header_rewrite_clients=

ein netstat -nap | grep 1002
zeigt mir folgendes

Code: Select all

tcp        0      0 127.0.0.1:10024         0.0.0.0:*               LISTEN     6830/amavisd (maste
tcp        0      0 127.0.0.1:10025         0.0.0.0:*               LISTEN     6998/master

Also da ich das Tutorial auf diesem Server mittlerweile 3 mal gemacht habe und mich versucht habe über diverse Google seiten zu schlängeln muss ich euch fragen da ich erstmal am ende bin... hoffe ihr habt eine Idee...

Grundsystem:
Debian etch
Postfix 2.3.8
amavis 1.1.5

[Joe User]

Dein Amavis ist in Zeile 145 broken...

[rj45]

Das Problem dabei ist wenn ich die Amavis config durchgehe im conf.d Ordner

Haben nur 2 Dateien überhaupt so viele Zeilen. DIe 15-av_scanner und die 20-debian_defaults

So in der 15-av_scanner sind dort nur Kommentare und in der 20-debian_defaults habe ich die ecke auskommentier aber ohne irgendeinen Effekt.

Habe ich ne Configdatei übersehen?

[Joe User]

Nicht die Config, sondern Amavis selbst...

[rj45]

HaHa habs geschaft unglaublich habe bei mynetworks unter main.cf und master.cf meinen domain namen dazu geschrieben erstaunlicherweise geht es.