[Postfixbuch-users] connect from local host
christian zimmermann
christian at looony.de
Di Feb 21 13:27:27 CET 2006
Robert Felber wrote:
>On Tue, Feb 21, 2006 at 11:13:14AM +0100, Robert Felber wrote:
>
>
>>>>295854 TCP 127.0.0.1:49695->127.0.0.1:10025 (ESTABLISHED)
>>>>Tue Feb 21 10:51:08 2006: smtpd 13648 postfix 10u IPv4
>>>>295858 TCP 127.0.0.1:10025->127.0.0.1:49695 (ESTABLISHED)
>>>>
>>>>sieht mir nicht so aus als wäre der übeltäter dabei. Die connects alle
>>>>10 secunden waren weiterhin zu sehen.
>>>>
>>>>
>
>poste bitte mal deine master.cf
>
>
>
>
Also hier das debug log und die entsprechenden timestamps aus mail
debug.log:
Tue Feb 21 12:41:00 2006: amavisd 16546 vscan 10w IPv4
454279 TCP 127.0.0.1:47318->127.0.0.1:10025 (ESTABLISHED)
Tue Feb 21 12:42:32 2006: amavisd 16711 vscan 10w IPv4
463088 TCP 127.0.0.1:47353->127.0.0.1:10025 (ESTABLISHED)
Tue Feb 21 12:42:55 2006: master 2940 root 75u IPv4
465284 TCP 127.0.0.1:47357->127.0.0.1:10025 (ESTABLISHED)
Tue Feb 21 12:47:35 2006: amavisd 23413 vscan 11r IPv4
492435 TCP 127.0.0.1:43387->127.0.0.1:10025 (ESTABLISHED)
Tue Feb 21 12:50:25 2006: master 2940 root 75u IPv4
509078 TCP 127.0.0.1:41062->127.0.0.1:10025 (ESTABLISHED)
Tue Feb 21 12:53:15 2006: master 2940 root 75u IPv4
525425 TCP 127.0.0.1:37818->127.0.0.1:10025 (ESTABLISHED)
Tue Feb 21 13:04:13 2006: amavisd 16546 vscan 10w IPv4
588826 TCP 127.0.0.1:43941->127.0.0.1:10025 (ESTABLISHED)
Tue Feb 21 13:08:43 2006: amavisd 16858 vscan 10w IPv4
614585 TCP 127.0.0.1:43823->127.0.0.1:10025 (ESTABLISHED)
Tue Feb 21 13:09:29 2006: amavisd 16546 vscan 10w IPv4
619310 TCP 127.0.0.1:43835->127.0.0.1:10025 (ESTABLISHED)
Tue Feb 21 13:10:50 2006: amavisd 20898 vscan 10u IPv4
627554 TCP 127.0.0.1:43848->127.0.0.1:10025 (ESTABLISHED)
mail:
Feb 21 12:41:00 mail postfix/qmgr[2954]: 0A730DF5E: removed
Feb 21 12:41:00 mail postfix/smtp[24140]: 275B9DF73:
to=<xxxx at mail.vitaphone.de>, relay=192.168.96.7[192.168.96.7], delay=0,
status=sent (250 Message accepted for delivery)
Feb 21 12:41:00 mail postfix/qmgr[2954]: 275B9DF73: removed
Feb 21 12:42:32 mail postfix/smtpd[22995]: connect from localhost[127.0.0.1]
Feb 21 12:42:32 mail postfix/smtpd[22995]: 474CDDF5E:
client=localhost[127.0.0.1]
Feb 21 12:42:32 mail postfix/cleanup[22269]: 474CDDF5E:
message-id=<E1FBVtv-0005lJ-00 at smtp1.mecom.DE>
Feb 21 12:42:32 mail postfix/qmgr[2954]: 474CDDF5E:
from=<robot at mecom.de>, size=1813, nrcpt=1 (queue active)
Feb 21 12:42:32 mail postfix/smtpd[22995]: disconnect from
localhost[127.0.0.1]
Feb 21 12:42:32 mail postfix/smtp[22271]: 7A0BFDF61:
to=<xxx at vitanet.de>, relay=127.0.0.1[127.0.0.1], delay=33, status=sent
(250 2.6.0 Ok, id=16711-06, from MTA([127.0.0.1]:10025): 250 Ok: q
ueued as 474CDDF5E)
Feb 21 12:42:32 mail postfix/qmgr[2954]: 7A0BFDF61: removed
Feb 21 12:42:32 mail postfix/smtp[24140]: 474CDDF5E:
to=<xxx at vitanet.de>, relay=192.168.96.7[192.168.96.7], delay=0,
status=sent (250 Message accepted for delivery)
Feb 21 12:42:32 mail postfix/qmgr[2954]: 474CDDF5E: removed
Feb 21 12:42:35 mail postfix/smtpd[19621]: connect from localhost[127.0.0.1]
Feb 21 12:42:35 mail postfix/smtpd[19621]: lost connection after CONNECT
from localhost[127.0.0.1]
Feb 21 12:42:35 mail postfix/smtpd[19621]: disconnect from
localhost[127.0.0.1]
eb 21 12:42:55 mail postfix/smtpd[22995]: connect from localhost[127.0.0.1]
Feb 21 12:42:55 mail postfix/smtpd[22995]: lost connection after CONNECT
from localhost[127.0.0.1]
Feb 21 12:42:55 mail postfix/smtpd[22995]: disconnect from
localhost[127.0.0.1]
Feb 21 12:47:35 mail postfix/smtpd[22995]: connect from localhost[127.0.0.1]
Feb 21 12:47:35 mail postfix/smtpd[22995]: lost connection after CONNECT
from localhost[127.0.0.1]
Feb 21 12:47:35 mail postfix/smtpd[22995]: disconnect from
localhost[127.0.0.1]
Feb 21 12:47:35 mail postfix/smtpd[19621]: connect from localhost[127.0.0.1]
Feb 21 12:47:35 mail postfix/smtpd[19621]: A5E3FDF7B:
client=localhost[127.0.0.1]
Feb 21 12:47:35 mail postfix/cleanup[26451]: A5E3FDF7B:
message-id=<E1FBVym-0005wf-00 at smtp1.mecom.DE>
Feb 21 12:47:35 mail postfix/smtpd[19621]: disconnect from
localhost[127.0.0.1]
Feb 21 12:47:35 mail postfix/smtp[26452]: 13891DF5E:
to=<xxx at vitanet.de>, relay=127.0.0.1[127.0.0.1], delay=36, status=sent
(250 2.6.0 Ok, id=23413-01, from MTA([127.0.0.1]:10025): 250 Ok: q
ueued as A5E3FDF7B)
Feb 21 12:50:25 mail postfix/smtpd[19621]: connect from localhost[127.0.0.1]
Feb 21 12:50:25 mail postfix/smtpd[19621]: lost connection after CONNECT
from localhost[127.0.0.1]
Feb 21 12:50:25 mail postfix/smtpd[19621]: disconnect from
localhost[127.0.0.1]
so und zu guter letzt die master.cf#
==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - 10 smtpd
smtp-amavis unix - - n - 10 smtp -o
smtpd_data_done_timeout=1800 -o disable_dns_lookups=yes
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o
smtpd_etrn_restrictions=reject
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
#tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
localhost:10025 inet n - n 10 - smtpd -o
content_filter=
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m
${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient
procmail unix - n n - - pipe
flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc
${sender} ${recipient}
scache unix - - n - 1 scache
discard unix - - n - - discard
tlsmgr unix - - n 1000? 1 tlsmgr
Christian
Mehr Informationen über die Mailingliste Postfixbuch-users