[Postfixbuch-users] restriction_class für Greylisting

Thomas Schwenski postfixbuch at thomas-schwenski.de
Di Dez 4 15:45:02 CET 2007


Hallo Andreas,

 > Zeig "postconf -n" und vielleicht auch den Fehler aus dem Log.

Sollst Du haben.

mail:/home/guest# postconf -n
alias_maps =
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
message_size_limit = 25600000
myhostname = mail.example.com
mynetworks = localhost, 127.0.0.1
smtpd_banner = $myhostname ESMTP running Postfix on Debian/GNU
smtpd_recipient_restrictions = reject_unknown_sender_domain, 
reject_non_fqdn_sender,    reject_non_fqdn_recipient, 
permit_sasl_authenticated,    permit_mynetworks, 
reject_unknown_recipient_domain,    reject_unauth_destination, 
reject_unlisted_recipient,    check_policy_service inet:127.0.0.1:50004, 
    check_recipient_access mysql:/etc/postfix/mysql/greylisting_users.cf 
    permit
smtpd_restriction_classes = greylisting_users
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_forwardings.cf
virtual_gid_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailboxes_gids.cf
virtual_mailbox_base = /srv/mail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailboxes.cf
virtual_uid_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailboxes_uids.cf


Mein Problem gestaltet sich wie folgt.

## Restriction-Classes
smtpd_restriction_classes=
     greylisting_users

greylisting_users=
     check_policy_service inet:127.0.0.1:50005

## Restrictions
smtpd_recipient_restrictions=
     reject_unknown_sender_domain,
     reject_non_fqdn_sender,
     reject_non_fqdn_recipient,
     permit_sasl_authenticated,
     permit_mynetworks,
     reject_unknown_recipient_domain,
     reject_unauth_destination,
     reject_unlisted_recipient,
     check_policy_service inet:127.0.0.1:50004,
     check_recipient_access mysql:/etc/postfix/mysql/greylisting_users.cf
     permit

Startet und arbeitet unauffällig,
wohingegen die kleine Änderung in den smtpd_recipient_restrictions, die 
proxymap zum cachen der Mitglieder-Liste der restriction_class 
greylisting_users bewegen soll einen fatalen Fehler in den Logs hinterlässt:

mail:/home/guest# tail /var/log/mail.log
Nov 22 08:39:25 mail postfix/smtpd[2803]: input attribute value: 4
Nov 22 08:39:25 mail postfix/smtpd[2803]: private/proxymap socket: 
wanted attribute: flags
Nov 22 08:39:25 mail postfix/smtpd[2803]: input attribute name: flags
Nov 22 08:39:25 mail postfix/smtpd[2803]: input attribute value: 0
Nov 22 08:39:25 mail postfix/smtpd[2803]: private/proxymap socket: 
wanted attribute: (list terminator)
Nov 22 08:39:25 mail postfix/smtpd[2803]: input attribute name: (end)
Nov 22 08:39:25 mail postfix/smtpd[2803]: dict_proxy_open: connect to 
map=mysql:/etc/postfix/mysql/greylisting_users.cf status=4 server_flags=
Nov 22 08:39:25 mail postfix/smtpd[2803]: fatal: proxymap service is not 
configured for table "mysql:/etc/postfix/mysql/greylisting_users.cf"
Nov 22 08:39:26 mail postfix/master[2789]: warning: process 
/usr/lib/postfix/smtpd pid 2803 exit status 1
Nov 22 08:39:26 mail postfix/master[2789]: warning: 
/usr/lib/postfix/smtpd: bad command startup -- throttling


Die Konfiguration sieht dann so aus:

## Restriction-Classes
smtpd_restriction_classes=
     greylisting_users

greylisting_users=
     check_policy_service inet:127.0.0.1:50005

## Restrictions
smtpd_recipient_restrictions=
     reject_unknown_sender_domain,
     reject_non_fqdn_sender,
     reject_non_fqdn_recipient,
     permit_sasl_authenticated,
     permit_mynetworks,
     reject_unknown_recipient_domain,
     reject_unauth_destination,
     reject_unlisted_recipient,
     check_policy_service inet:127.0.0.1:50004,
     check_recipient_access 
proxy:mysql:/etc/postfix/mysql/greylisting_users.cf
     permit


Zusätzlich wird in der Konfiguration (main.cf) auch noch proxy_read_maps 
erfolgreich angepasst (mit postconf -n getestet).

proxy_read_maps=
     $local_recipient_maps
     $mydestination
     $virtual_alias_maps
     $virtual_alias_domains
     $virtual_mailbox_maps
     $virtual_mailbox_domains
     $relay_recipient_maps
     $relay_domains
     $canonical_maps
     $sender_canonical_maps
     $recipient_canonical_maps
     $relocated_maps
     $transport_maps
     $mynetworks
     mysql:/etc/postfix/mysql/greylisting_users.cf

Mit oder ohne Anpassung von proxy_read_maps tritt derselbe Fehler auf.

Und nun?

Thomas



Mehr Informationen über die Mailingliste Postfixbuch-users