[Postfixbuch-users] (no subject) -> postfix, Exchange / LDAP integration

Stefan Behte stefan.behte at gmx.net
Tue May 8 15:00:46 CEST 2007


Hello,

Here is the ldapsearch output:
s501 postfix # ldapsearch -LLL -b "DC=xxx,DC=com" -h exchange.xxx.com -x -D "CN=postfix,CN=Users,DC=xxx,DC=com" -w ***** "proxyAddresses=smtp:s.behte at xxx.com"
dn: CN=Stefan Behte,CN=Users,DC=xxx,DC=com
homeMDB: CN=Postfachspeicher (exchange),CN=Erste Speichergruppe,CN=InformationStor
 e,CN=exchange,CN=Servers,CN=YYY,CN=Administrative Groups,CN=xxx,CN=Mic
 rosoft Exchange,CN=Services,CN=Configuration,DC=xxx,DC=com
memberOf: CN=terminal,OU=Gruppen zzz,DC=xxx,DC=com
memberOf: CN=Mitarbeiter,OU=Verteiler,DC=xxx,DC=com
accountExpires: 9223372036854775807
badPasswordTime: 128230360453903750
badPwdCount: 0   
codePage: 0
cn: Stefan Behte
countryCode: 0 
displayName: Stefan Behte
mail: s.behte at xxx.com
givenName: Stefan
homeDirectory: \\aaaa\user\behte
homeDrive: U:  
instanceType: 4
lastLogoff: 0
lastLogon: 128230376888903750
legacyExchangeDN: /O=xxx/OU=YYYY/cn=Recipients/cn=s.behte
lockoutTime: 0
logonCount: 896
distinguishedName: CN=Stefan Behte,CN=Users,DC=xxx,DC=com
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=xxx,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectGUID:: WsPIKYu36E......
objectSid:: AQUAAAAAAAUVAAA......
primaryGroupID: 513
profilePath: \\s551\profile\behte
proxyAddresses: smtp:sb at xxx.com
proxyAddresses: CCMAIL:Behte, Stefan at YYY
proxyAddresses: MS:xxx/YY/SBEHTE
proxyAddresses: SMTP:s.behte at xxx.com
proxyAddresses: X400:c=DE;a= ;p=xxx;o=YYY;s=Behte;g=Stefan;
pwdLastSet: 128175562812650000
name: Stefan Behte
sAMAccountName: s.behte
sAMAccountType: 805306368
scriptPath: logon
showInAddressBook: CN=Globale Standardadressliste,CN=All Global Address Lists,
 CN=Address Lists Container,CN=xxx,CN=Microsoft Exchange,CN=Services,CN=Con
 figuration,DC=xxx,DC=com
showInAddressBook: CN=All Users,CN=All Address Lists,CN=Address Lists Containe
 r,CN=xxx,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=xxx,DC=c
 om
sn: Behte
textEncodedORAddress: c=DE;a= ;p=xxx;o=YYY;s=Behte;g=Stefan;
userAccountControl: 512
userPrincipalName: s.behte at xxx.com
uSNChanged: 1083516
uSNCreated: 744618
whenChanged: 20070326135137.0Z
whenCreated: 20060918090258.0Z
mailNickname: s.behte
msExchUserAccountControl: 0
msExchALObjectVersion: 57
homeMTA: CN=Microsoft MTA,CN=exchange,CN=Servers,CN=YYY,CN=Administrative
 Groups,CN=xxx,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=xxx
 ,DC=com
msExchHomeServerName: /O=xxx/OU=YYY/cn=Configuration/cn=Servers/cn=exchange
msExchMailboxGuid:: AtZH/u/ek0S6KAGYfi1/cw==
msExchMailboxSecurityDescriptor:: AQAEgHgAAACUAA....................
.......................... [etc.]
mDBUseDefaults: TRUE
msExchPoliciesIncluded: {5C1476A4-7679-421B-8D0F-7E5C6D449668},{26491CFC-9E50-
 4857-861B-0CB8DF22B5D6}

# refldap://xxx.com/CN=Configuration,DC=xxx,DC=com

The LDAP query does work, as you can see from postmap.

Here is the output; I am trying to send a mail from sb at xxx.com to hasdfafafasfsfjaasfsfkldjdsf at xxx.com (which does not exist).

May  8 14:36:57 s501 postfix/smtpd[27432]: connect from unknown[192.168.0.x]
May  8 14:37:00 s501 postfix/smtpd[27432]: A8571347E3: client=unknown[192.168.0.x]
May  8 14:37:02 s501 postfix/cleanup[27435]: A8571347E3: message-id=<20070508123700.A8571347E3 at postfix.xxx.com>
May  8 14:37:02 s501 postfix/qmgr[27429]: A8571347E3: from=<sb at xxx.com>, size=353, nrcpt=1 (queue active)
May  8 14:37:02 s501 amavis[21685]: (21685-04) ESMTP::10024 /var/amavis/tmp/amavis-20070508T120104-21685: <sb at xxx.com> -> <hasdfafafasfsfjaasfsfkldjdsf at xxx.com> SIZE=353 Received: from postfix.xxx.com ([127.0.0.1]) by localhost (postfix.xxx.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <hasdfafafasfsfjaasfsfkldjdsf at xxx.com>; Tue,  8 May 2007 14:37:02 +0200 (CEST)
May  8 14:37:02 s501 amavis[21685]: (21685-04) Checking: iSWOeoRNjkLL <sb at xxx.com> -> <hasdfafafasfsfjaasfsfkldjdsf at xxx.com>
May  8 14:37:02 s501 amavis[21685]: (21685-04) cached d41d8cd98f00b204e9800998ecf8427e from <sb at xxx.com> (1,0)
May  8 14:37:02 s501 amavis[21685]: (21685-04) WARN: MIME::Parser error: unexpected end of header
May  8 14:37:02 s501 amavis[21685]: (21685-04) p001 1 Content-Type: text/plain, size: 0 B, name: 
May  8 14:37:02 s501 amavis[21685]: (21685-04) local delivery: <> -> <bad-header-quarantine>, mbx=/var/amavis/quarantine/badh-iSWOeoRNjkLL
May  8 14:37:02 s501 amavis[21685]: (21685-04) SPAM-TAG, <sb at xxx.com> -> <hasdfafafasfsfjaasfsfkldjdsf at xxx.com>, No, score=5.722 tagged_above=2 required=6.31 tests=[ALL_TRUSTED=-1.44, AWL=-0.129, EMPTY_MESSAGE=0.607, MISSING_HB_SEP=2.5, MISSING_SUBJECT=1.285, TVD_SPACE_RATIO=2.899]
May  8 12:37:02 s501 postfix/smtpd[27439]: connect from unknown[127.0.0.1]
May  8 12:37:02 s501 postfix/smtpd[27439]: DC20F347F1: client=unknown[127.0.0.1]
May  8 14:37:02 s501 postfix/cleanup[27435]: DC20F347F1: message-id=<20070508123700.A8571347E3 at postfix.xxx.com>
May  8 14:37:02 s501 postfix/qmgr[27429]: DC20F347F1: from=<sb at xxx.com>, size=1190, nrcpt=1 (queue active)
May  8 12:37:02 s501 postfix/smtpd[27439]: disconnect from unknown[127.0.0.1]
May  8 14:37:02 s501 amavis[21685]: (21685-04) FWD via SMTP: <sb at xxx.com> -> <hasdfafafasfsfjaasfsfkldjdsf at xxx.com>, 250 2.6.0 Ok, id=21685-04, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as DC20F347F1
May  8 14:37:02 s501 amavis[21685]: (21685-04) Passed BAD-HEADER, [192.168.0.x] <sb at xxx.com> -> <hasdfafafasfsfjaasfsfkldjdsf at xxx.com>, quarantine: badh-iSWOeoRNjkLL, Message-ID: <20070508123700.A8571347E3 at postfix.xxx.com>, mail_id: iSWOeoRNjkLL, Hits: 5.722, size: 353, queued_as: DC20F347F1, 484 ms
May  8 12:37:02 s501 postfix/smtp[27436]: A8571347E3: to=<hasdfafafasfsfjaasfsfkldjdsf at xxx.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.5, delays=3/0/0/0.49, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as DC20F347F1)
May  8 14:37:02 s501 postfix/qmgr[27429]: A8571347E3: removed
May  8 14:37:02 s501 amavis[21685]: (21685-04) TIMING [total 488 ms] - SMTP greeting: 0 (0%)0, SMTP EHLO: 0 (0%)0, SMTP pre-MAIL: 0 (0%)0, SMTP pre-DATA-flush: 4 (1%)1, SMTP DATA: 40 (8%)9, check_init: 0 (0%)9, digest_hdr: 0 (0%)9, digest_body: 0 (0%)9, gen_mail_id: 0 (0%)9, mime_decode: 4 (1%)10, parts_decode: 0 (0%)10, check_header: 0 (0%)10, spam-wb-list: 4 (1%)11, SA msg read: 0 (0%)11, SA parse: 0 (0%)11, SA check: 340 (70%)80, update_cache: 4 (1%)81, decide_mail_destiny: 0 (0%)81, write-header: 4 (1%)82, save-to-local-mailbox: 0 (0%)82, fwd-connect: 4 (1%)83, fwd-mail-pip: 0 (0%)83, fwd-rcpt-pip: 0 (0%)83, fwd-data-chkpnt: 0 (0%)83, write-header: 0 (0%)83, fwd-data-contents: 0 (0%)83, fwd-end-chkpnt: 72 (15%)98, prepare-dsn: 0 (0%)98, main_log_entry: 8 (2%)99, update_snmp: 0 (0%)99, SMTP pre-response: 4 (1%)100, SMTP response: 0 (0%)100, unlink-0-files: 0 (0%)100, rundown: 0 (0%)100
May  8 14:37:02 s501 amavis[21685]: (21685-04) extra modules loaded: Mail/SpamAssassin/Plugin/Botnet.pm
May  8 14:37:03 s501 postfix/smtp[27440]: DC20F347F1: to=<hasdfafafasfsfjaasfsfkldjdsf at xxx.com>, relay=192.168.2.11[192.168.2.11]:25, delay=0.17, delays=0.07/0/0.01/0.09, dsn=2.6.0, status=sent (250 2.6.0  <20070508123700.A8571347E3 at postfix.xxx.com> Queued mail for delivery)
May  8 14:37:03 s501 postfix/qmgr[27429]: DC20F347F1: removed
May  8 14:37:03 s501 postfix/smtpd[27432]: disconnect from unknown[192.168.0.x]

I left the whole Amavis output in; maybe something can be seen from it!?

# postconf -n
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_recipient_limit = 25
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.4.1/html
in_flow_delay = 1s
inet_interfaces = all
local_recipient_maps = 
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = babiel.com
myhostname = postfix.babiel.com
mynetworks = 192.168.2.0/24, 127.0.0.0/8, x.x.x.x/26
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.1/readme
relay_domains = hash:/etc/postfix/relay_domains
relay_recipient_maps = hash:/etc/postfix/example_recipients
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_mynetworks,                          reject_rbl_client zen.spamhaus.org,                             reject_rbl_client dnsbl.sorbs.net,                             reject_rbl_client list.dsbl.org,                         reject_rbl_client bl.spamcop.net
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, reject_unknown_hostname, reject_non_fqdn_hostname
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain,                            check_sender_access hash:/etc/postfix/sender_access ,                  check_policy_service inet:127.0.0.1:10030
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550


Thanks for the answers so far!

>Alternatively, you can also use Postfix's verify daemon.
>smtpd_recipient_restrictions =
>       ...
>       reject_unverified_recipient,
>       ...
>That works wonderfully for us on the relay, since we do not use Exchange
>or LDAP.
>Kind regards
>Oliver

Good tip, but Exchange cannot cope with VRFY, and the parent registry key for enabling it does not exist
(http://support.microsoft.com/default.aspx?scid=kb;en-us;289521), so unfortunately it does not work. If anyone else knows how to do it, I would be grateful...

Best regards

Stefan
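
Added example (not part of the original message and not Postfix's own code): a Python check that reads `postconf -n` output and reports which Postfix address class a recipient domain falls into and whether a recipient table is enforced for it. For a domain listed in mydestination, an empty local_recipient_maps turns off unknown-recipient rejection and relay_recipient_maps is not consulted. The sample settings are constructed from those in the post with example.com as a placeholder; the function names and the `relay_domains` argument are assumptions of this example.

```python
import re

# Constructed `postconf -n` excerpt modelled on the settings shown in the post;
# example.com is a placeholder domain.
SAMPLE = """\
local_recipient_maps =
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = example.com
myhostname = postfix.example.com
relay_domains = hash:/etc/postfix/relay_domains
relay_recipient_maps = hash:/etc/postfix/example_recipients
"""

def parse_postconf(text):
    """Turn 'name = value' lines into a dict (empty values are kept)."""
    conf = {}
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep:
            conf[name.strip()] = value.strip()
    return conf

def expand(value, conf, depth=0):
    """Expand $name and ${name} references, with a recursion bound."""
    if depth > 10:
        return value
    return re.sub(r"\$(?:\{(\w+)\}|(\w+))",
                  lambda m: expand(conf.get(m.group(1) or m.group(2), ""), conf, depth + 1),
                  value)

def recipient_check(conf, domain, relay_domains=()):
    """Return (address_class, recipient_table, enforced) for a recipient domain.

    relay_domains: contents of the relay_domains table, supplied by the caller
    because a hash: map cannot be read from postconf output (assumption).
    """
    domain = domain.lower()
    local = [d.lower() for d in re.split(r"[,\s]+", expand(conf.get("mydestination", ""), conf)) if d]
    if domain in local:  # the local class is matched before relay_domains
        # postconf -n omits defaults: a missing key means the default tables are active
        maps = conf.get("local_recipient_maps", "(default)")
        return ("local", maps, maps != "")
    if domain in (d.lower() for d in relay_domains):
        maps = conf.get("relay_recipient_maps", "")  # default is empty: no check
        return ("relay", maps, maps != "")
    return ("other", "", False)

if __name__ == "__main__":
    print(recipient_check(parse_postconf(SAMPLE), "example.com"))
```
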
 