[Postfixbuch-users] reject_unverified_sender

Sa Dez 2 23:05:42 CET 2006

Andreas Winkelmann <ml at awinkelmann.de> schrieb:

> Am Saturday 02 December 2006 21:53 schrieb Andreas Meyer:
> 
> > Ich habe auf meinem relay Postfix auf Version 2.3.4 gebracht und in
> > smtpd_sender_restrictions warn_if_reject reject_unverified_sender
> > eingefügt.
> >
> > Jetzt habe ich folgendes im logfile:
> >
> > Dec  2 21:27:56 cherry postfix/smtpd[30345]: NOQUEUE: reject_warning: RCPT
> > from ilpostino.jpberlin.de[213.203.238.6]: 450 4.1.7
> > <postfixbuch-users-bounces at listi.jpberlin.de>: Sender address rejected:
> > unverified address: Address verification in progress;
> > from=<postfixbuch-users-bounces at listi.jpberlin.de> to=<anmeyer at anup.de>
> > proto=ESMTP helo=<ilpostino.jpberlin.de>
> >
> > Was habe ich falsch gemacht?
> 
> Postfix hat kein Ergebnis eines Testes an diese Adresse in der Datenbank und 
> hat einen Test an die Adresse beauftragt. Evtl. hat es einfach zu lange 
> gebraucht, oder Du hast die Timeout-Wert derart weit runter gestellt, dass 
> nicht mehr auf eine Antwort gewartet wurde und erstmal ein 4xx zum Client 
> geschickt wurde.
> 
> Zeig doch mal "postconf -n".

Ich habe nix gedreht an den Timeout-Werten.

alias_database = btree:/etc/aliases
alias_maps = btree:/etc/aliases
body_checks = regexp:/etc/postfix/body_checks_regexp,	      pcre:/etc/postfix/body_checks_pcre
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_database_type = btree
defer_transports = 
disable_vrfy_command = yes
hash_queue_names = deferred, defer active bounce flush incoming
header_checks = regexp:/etc/postfix/header_checks_regexp,                pcre:/etc/postfix/header_checks_pcre
html_directory = no
lmtp_sasl_auth_enable = yes
lmtp_sasl_password_maps = btree:/etc/postfix/lmtp_sasl_pass
mail_owner = postfix
mailbox_size_limit = 81920000
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
masquerade_exceptions = root
message_size_limit = 20480000
mime_header_checks = pcre:/etc/postfix/mime_header_checks.pcre
minimal_backoff_time = 400s
myhostname = cherry.anup.de
mynetworks = 192.168.20.60, 192.168.20.61, 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
queue_minfree = 40960000
queue_run_delay = 400s
readme_directory = no
relay_domains = anup.de, meyer.home, meyer.foo, xxxxx
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_mail_timeout = 600s
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = btree:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/certs/cacert.pem
smtp_tls_CApath = /etc/postfix/certs
smtp_tls_cert_file = /etc/postfix/certs/ccert-cherry-dmz.pem
smtp_tls_key_file = /etc/postfix/certs/ckey-cherry-dmz.pem
smtp_tls_loglevel = 1
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:/etc/postfix/smtp_scache
smtp_use_tls = yes
smtpd_client_restrictions = check_client_access btree:/etc/postfix/client_access,
smtpd_hard_error_limit = 10
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,    reject_invalid_hostname,    check_helo_access btree:/etc/postfix/helo_access,    check_helo_access regexp:/etc/postfix/helo_regexp
smtpd_recipient_limit = 100
smtpd_recipient_restrictions = reject_unauth_pipelining,    permit_sasl_authenticated,    permit_mynetworks,    reject_unauth_destination,    reject_unknown_recipient_domain,    warn_if_reject reject_unverified_recipient,    check_policy_service inet:127.0.0.1:10023,    reject_rbl_client relays.ordb.org,    reject_rbl_client bl.spamcop.net,    check_recipient_access btree:/etc/postfix/access_recipient,    check_recipient_access pcre:/etc/postfix/access_recipient_pcre
smtpd_restriction_classes = from_freemail_host			    fax-restrictions
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = anup.de
smtpd_sasl_security_options = noanonymous
smtpd_sender_login_maps = btree:/etc/postfix/sasl_needed
smtpd_sender_restrictions = permit_mynetworks,    reject_non_fqdn_sender,    check_sender_access btree:/etc/postfix/freemail_access,    check_sender_access btree:/etc/postfix/access_whitesender,    check_sender_access	btree:/etc/postfix/access_sender,    check_sender_access	regexp:/etc/postfix/access_sender_regexp,    reject_unknown_sender_domain,    reject_sender_login_mismatch
smtpd_soft_error_limit = 5
smtpd_tls_CAfile = /etc/postfix/certs/cacert.pem
smtpd_tls_CApath = /etc/postfix/certs
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/certs/cert.pem
smtpd_tls_key_file = /etc/postfix/certs/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = no
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
tls_random_source = dev:/dev/urandom
transport_maps = btree:/etc/postfix/transport-virt
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
unknown_local_recipient_reject_code = 450

-- 
   Andreas Meyer

Mein öffentlicher GPG-Schlüssel unter:
http://gpg-keyserver.de/pks/lookup?search=anmeyer&fingerprint=on&op=index