[Postfixbuch-users] double-bounce/reject von Postfix und Amavis
Michael Nausch
michael at nausch.org
Mi Jul 8 13:46:59 CEST 2009
Griaseichallemidananda!
So nachdem das Thema die letzte Tage ja sachon ein paarmal
andiskutiert wurde, aber keiner so recht heruasbekommen hat, an was es
liegt/lag und auch die Freaks und Geeks hierzu relativ still waren,
erlaube ich mich mal das Thema (nochmals) aufzurollen.
Also zur Ausgangslage: *** Ich ahbe ein Problem *** (und nicht nur
ich, wie ich aus gut informierten Kreisen weiss)
O.K. worum geht's.
1) Peer macht das so wie es sein soll (war ja nicht naders zu erwarten
und er hat dies ja auch schon angedeutet.
Ich schickte eine eMail auf den Weg in Richtung "Postfixgod":
======================== schnippldieschnapp =========================
Received: from fwb.fwb.net (fwb.fwb.net [162.255.220.140]) by
webmail.mnet-online.de (Horde MIME library) with HTTP; Wed, 08 Jul 2009
10:45:28 +0200
Message-ID: <20090708104528.jv72e4521ws8oks4 at webmail.mnet-online.de>
Date: Wed, 08 Jul 2009 10:45:28 +0200
From: django at mnet-mail.de
To: p.heinlein at heinlein-support.de
Subject: Sicherheitsaktualisierung
MIME-Version: 1.0
Content-Type: text/plain;
charset=ISO-8859-1;
DelSp="Yes";
format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
Bcc: michi at nausch.org
HI Peer,
ich hoffe mal dass dieses eMail nicht angenommen wird, da diese gegen
Deine REGEXP-Regel laufen sollte:
/^Subject:.*Sicherheitsaktualisierung/ REJECT Header-Spamschutzregel
JPBERLIN-53
Wenn doch, sorry! ;)
======================== schnippldieschnapp =========================
Erwartungsgemäß verweigerte der Ziel-MX die Annahme der eMail:
Ich habe folgende Nachricht bekommen:
======================== schnippldieschnapp =========================
Return-Path: <>
Received: from murder (svr19.m-online.net [192.168.3.147])
by backend1 (Cyrus v2.2.12) with LMTPA;
Wed, 08 Jul 2009 10:47:06 +0200
X-Sieve: CMU Sieve 2.2
Received: from mail.m-online.net (localhost [127.0.0.1])
by frontend3.pop.m-online.net (Cyrus v2.2.13) with LMTPA;
Wed, 08 Jul 2009 10:46:49 +0200
Received: from scanner-2.m-online.net (unknown [192.168.8.166])
by mail.m-online.net (Postfix) with ESMTP id 6E4912001D3
for <django at mnet-mail.de>; Wed, 8 Jul 2009 10:46:49 +0200 (CEST)
Received: from mxin-1.m-online.net ([192.168.1.21])
by scanner-2.m-online.net (scanner-2.m-online.net [192.168.8.166])
(amavisd-new, port 10026)
with ESMTP id 05188-01-6 for <django at mnet-mail.de>;
Wed, 8 Jul 2009 10:47:07 +0200 (CEST)
Received: from mail-out.m-online.net (mail-out.m-online.net [212.18.0.9])
by mxin-2.m-online.net (Postfix) with ESMTP id 4C8EA4849DF
for <django at mnet-mail.de>; Wed, 8 Jul 2009 10:46:48 +0200 (CEST)
Received: by mail-out.m-online.net (Postfix)
id F05BF1C1569F; Wed, 8 Jul 2009 10:46:47 +0200 (CEST)
Date: Wed, 8 Jul 2009 10:46:47 +0200 (CEST)
From: MAILER-DAEMON at mail-out.m-online.net (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: django at mnet-mail.de
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="CDA931C156FC.1247042807/mail-out.m-online.net"
Content-Transfer-Encoding: 7bit
Message-Id: <20090708084647.F05BF1C1569F at mail-out.m-online.net>
X-Virus-Scanned: by amavisd-new at m-online.net
This is a MIME-encapsulated message.
--CDA931C156FC.1247042807/mail-out.m-online.net
Content-Description: Notification
Content-Type: text/plain; charset=us-ascii
This is the mail system at host mail-out.m-online.net.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<p.heinlein at heinlein-support.de>: host mx0.jpberlin.de[213.203.238.10] said:
550 Error: Header-Spamschutzregel JPBERLIN-53 (in reply to end of DATA
command)
--CDA931C156FC.1247042807/mail-out.m-online.net
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; mail-out.m-online.net
X-Postfix-Queue-ID: CDA931C156FC
X-Postfix-Sender: rfc822; django at mnet-mail.de
Arrival-Date: Wed, 8 Jul 2009 10:45:29 +0200 (CEST)
Final-Recipient: rfc822; p.heinlein at heinlein-support.de
Original-Recipient: rfc822;p.heinlein at heinlein-support.de
Action: failed
Status: 5.0.0
Remote-MTA: dns; mx0.jpberlin.de
Diagnostic-Code: smtp; 550 Error: Header-Spamschutzregel JPBERLIN-53
--CDA931C156FC.1247042807/mail-out.m-online.net
Content-Description: Undelivered Message
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Received: from mail01.m-online.net (mail.m-online.net [192.168.3.149])
by mail-out.m-online.net (Postfix) with ESMTP id CDA931C156FC;
Wed, 8 Jul 2009 10:45:29 +0200 (CEST)
Received: from localhost (dynscan2.mnet-online.de [192.168.1.215])
by mail.m-online.net (Postfix) with ESMTP id 9BC6390273;
Wed, 8 Jul 2009 10:45:29 +0200 (CEST)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.3.149])
by localhost (dynscan2.mnet-online.de [192.168.1.215]) (amavisd-new,
port 10024)
with ESMTP id AJJk0JDbFGHj; Wed, 8 Jul 2009 10:45:28 +0200 (CEST)
X-Auth-Info: rcnPvG8FZnWOR9t8UzM5qr/UxZ1e3r1u1esuaIO1uDc=
Received: from webmail.mnet-online.de (webmail.mnet-online.de [212.18.5.49])
by mail.mnet-online.de (Postfix) with ESMTP;
Wed, 8 Jul 2009 10:45:28 +0200 (CEST)
Received: from fwb.fwb.net (fwb.fwb.net [162.255.220.140]) by
webmail.mnet-online.de (Horde MIME library) with HTTP; Wed, 08 Jul 2009
10:45:28 +0200
Message-ID: <20090708104528.jv72e4521ws8oks4 at webmail.mnet-online.de>
Date: Wed, 08 Jul 2009 10:45:28 +0200
From: django at mnet-mail.de
To: p.heinlein at heinlein-support.de
Subject: Sicherheitsaktualisierung
MIME-Version: 1.0
Content-Type: text/plain;
charset=ISO-8859-1;
DelSp="Yes";
format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.1.5)
HI Peer,
ich hoffe mal dass dieses eMail nicht angenommen wird, da diese gegen
Deine REGEXP-Regel laufen sollte:
/^Subject:.*Sicherheitsaktualisierung/ REJECT Header-Spamschutzregel
JPBERLIN-53
Wenn doch, sorry! ;)
ciao,
Django
--CDA931C156FC.1247042807/mail-out.m-online.net--
======================== schnippldieschnapp =========================
Soweit so gut und alles klar.
So nun kommt das grosse ABER!
2) Selbe eMail habe ich nun an eine Adresse bei meinem Postfix geschickt:
======================== schnippldieschnapp =========================
Received: from fwb.fwb.net (fwb.fwb.net [162.255.220.140]) by
webmail.mnet-online.de (Horde MIME library) with HTTP; Wed, 08 Jul 2009
12:05:49 +0200
Message-ID: <20090708120549.g9dqsl2gqsgs8sk0 at webmail.mnet-online.de>
Date: Wed, 08 Jul 2009 12:05:49 +0200
From: django at mnet-mail.de
To: michael at nausch.org
Subject: Sicherheitsaktualisierung
MIME-Version: 1.0
Content-Type: text/plain;
charset=ISO-8859-1;
DelSp="Yes";
format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
HI Peer,
ich hoffe mal dass dieses eMail nicht angenommen wird, da diese gegen
Deine REGEXP-Regel
laufen sollte:
/^Subject:.*Sicherheitsaktualisierung/ REJECT
Header-Spamschutzregel JPBERLIN-53
Wenn doch, sorry! ;)
ciao,
Django
======================== schnippldieschnapp =========================
So nun passiert aber folgendes. In meinem Webmailer beim Provider habe
ich plötzlich _Z_W_E_I_ Rückmeldungen!
1. RÜCKMELDUNG
======================== schnippldieschnapp =========================
Return-Path: <>
Received: from murder (svr19.m-online.net [192.168.3.147])
by backend1 (Cyrus v2.2.12) with LMTPA;
Wed, 08 Jul 2009 12:06:23 +0200
X-Sieve: CMU Sieve 2.2
Received: from mail.m-online.net (localhost [127.0.0.1])
by frontend3.pop.m-online.net (Cyrus v2.2.13) with LMTPA;
Wed, 08 Jul 2009 12:06:05 +0200
Received: from scanner-3.m-online.net (scanner-3.m-online.net [192.168.1.20])
by mail.m-online.net (Postfix) with ESMTP id F054C2001A6
for <django at mnet-mail.de>; Wed, 8 Jul 2009 12:06:05 +0200 (CEST)
Received: from mxin-3.m-online.net ([192.168.1.19])
by scanner-3.m-online.net (scanner-3.m-online.net [192.168.1.20])
(amavisd-new, port 10026)
with ESMTP id 13290-04-11 for <django at mnet-mail.de>;
Wed, 8 Jul 2009 12:06:04 +0200 (CEST)
Received: from mx1.nausch.org (mx1.nausch.org [88.217.187.21])
by mxin-3.m-online.net (Postfix) with ESMTP id 1BA9546C0B5
for <django at mnet-mail.de>; Wed, 8 Jul 2009 12:06:03 +0200 (CEST)
Received: from localhost (localhost.localdomain [127.0.0.1])
by mx1.nausch.org (Postfix) with ESMTP id A18501158662
for <django at mnet-mail.de>; Wed, 8 Jul 2009 12:06:03 +0200 (CEST)
Content-Type: multipart/report; report-type=delivery-status;
boundary="----------=_1247047563-2318-0"
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0
Subject: Undeliverable mail, MTA-BLOCKED
Message-ID: <DSNiB7rvNzHpZAf at amavis.nausch.org>
From: "Content-filter at amavis.nausch.org" <postmaster at nausch.org>
To: <django at mnet-mail.de>
Date: Wed, 8 Jul 2009 12:05:59 +0200 (CEST)
X-Virus-Scanned: by amavisd-new at m-online.net
This is a multi-part message in MIME format...
------------=_1247047563-2318-0
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
The message WAS NOT relayed to:
<michael at nausch.org>: [127.0.0.1] said:
550 5.7.1 Header-Subject-Spamschutzregel Subj-1071
This nondelivery report was generated by the program amavisd-new at host
amavis.nausch.org. Our internal reference code for your message is
02318-05/iB7rvNzHpZAf
Return-Path: <django at mnet-mail.de>
Message-ID: <20090708120549.g9dqsl2gqsgs8sk0 at webmail.mnet-online.de>
Subject: Sicherheitsaktualisierung
------------=_1247047563-2318-0
Content-Type: message/delivery-status; name="dsn_status"
Content-Disposition: inline; filename="dsn_status"
Content-Transfer-Encoding: 7bit
Content-Description: Delivery error report
Reporting-MTA: dns; amavis.nausch.org
Received-From-MTA: smtp; mx1.nausch.org ([127.0.0.1])
Arrival-Date: Wed, 8 Jul 2009 12:05:59 +0200 (CEST)
Final-Recipient: rfc822;michael at nausch.org
Action: failed
Status: 5.7.1
Remote-MTA: dns; 127.0.0.1
Diagnostic-Code: smtp; 550 5.7.1 Header-Subject-Spamschutzregel Subj-1071
Last-Attempt-Date: Wed, 8 Jul 2009 12:05:59 +0200 (CEST)
Final-Log-ID: 02318-05/iB7rvNzHpZAf
------------=_1247047563-2318-0
Content-Type: text/rfc822-headers; name="header"
Content-Disposition: inline; filename="header"
Content-Transfer-Encoding: 7bit
Content-Description: Message headers
Return-Path: <django at mnet-mail.de>
X-policyd-weight: using cached result; rate:hard: -5.5
Received: from mx1.tachtler.net (mx1.tachtler.net [88.217.171.167])
(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mx1.nausch.org (Postfix) with ESMTP
for <michael at nausch.org>; Wed, 8 Jul 2009 12:05:59 +0200 (CEST)
X-Virus-Scanned: amavisd-new at tachtler.net
Received: from mx1.tachtler.net ([127.0.0.1])
by localhost (amavis.tachtler.net [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id za5BvE1QvK5C for <michael at nausch.org>;
Wed, 8 Jul 2009 12:05:57 +0200 (CEST)
X-policyd-weight: using cached result; rate:hard: -8.5
Received: from mail-out.m-online.net (mail-out.m-online.net [212.18.0.9])
by mx1.tachtler.net (Postfix) with ESMTP
for <michael at nausch.org>; Wed, 8 Jul 2009 12:05:54 +0200 (CEST)
Received: from mail01.m-online.net (mail.m-online.net [192.168.3.149])
by mail-out.m-online.net (Postfix) with ESMTP id 7C9071C152DB
for <michael at nausch.org>; Wed, 8 Jul 2009 12:05:53 +0200 (CEST)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.3.149])
by localhost (dynscan2.mnet-online.de [192.168.1.215]) (amavisd-new,
port 10024)
with ESMTP id fx2aOBoJdvio for <michael at nausch.org>;
Wed, 8 Jul 2009 12:05:49 +0200 (CEST)
X-Auth-Info: PxeoctQ2sJqI/RRrUM2eCWO+aC+W5PSha0ojGXN6wSI=
Received: from webmail.mnet-online.de (webmail.mnet-online.de [212.18.5.49])
by mail.mnet-online.de (Postfix) with ESMTP
for <michael at nausch.org>; Wed, 8 Jul 2009 12:05:49 +0200 (CEST)
Received: from fwb.fwb.net (fwb.fwb.net [162.255.220.140]) by
webmail.mnet-online.de (Horde MIME library) with HTTP; Wed, 08 Jul 2009
12:05:49 +0200
Message-ID: <20090708120549.g9dqsl2gqsgs8sk0 at webmail.mnet-online.de>
Date: Wed, 08 Jul 2009 12:05:49 +0200
From: django at mnet-mail.de
To: michael at nausch.org
Subject: Sicherheitsaktualisierung
MIME-Version: 1.0
Content-Type: text/plain;
charset=ISO-8859-1;
DelSp="Yes";
format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.1.5)
------------=_1247047563-2318-0--
======================== schnippldieschnapp =========================
2. RÜCKMELDUNG
======================== schnippldieschnapp =========================
Return-Path: <>
Received: from murder (svr19.m-online.net [192.168.3.147])
by backend1 (Cyrus v2.2.12) with LMTPA;
Wed, 08 Jul 2009 12:06:25 +0200
X-Sieve: CMU Sieve 2.2
Received: from mail.m-online.net (localhost [127.0.0.1])
by frontend3.pop.m-online.net (Cyrus v2.2.13) with LMTPA;
Wed, 08 Jul 2009 12:06:08 +0200
Received: from scanner-3.m-online.net (scanner-3.m-online.net [192.168.1.20])
by mail.m-online.net (Postfix) with ESMTP id 39910200090
for <django at mnet-mail.de>; Wed, 8 Jul 2009 12:06:08 +0200 (CEST)
Received: from mxin-3.m-online.net ([192.168.1.19])
by scanner-3.m-online.net (scanner-3.m-online.net [192.168.1.20])
(amavisd-new, port 10026)
with ESMTP id 13030-02-25 for <django at mnet-mail.de>;
Wed, 8 Jul 2009 12:06:04 +0200 (CEST)
Received: from mx1.tachtler.net (mx1.tachtler.net [88.217.171.167])
by mxin-3.m-online.net (Postfix) with ESMTP id 346AA46C0AE
for <django at mnet-mail.de>; Wed, 8 Jul 2009 12:06:04 +0200 (CEST)
Received: by mx1.tachtler.net (Postfix)
id DECC5416A9; Wed, 8 Jul 2009 12:06:03 +0200 (CEST)
Date: Wed, 8 Jul 2009 12:06:03 +0200 (CEST)
From: MAILER-DAEMON at tachtler.net (Mail Delivery System)
Subject: Rueckgabe nicht zustellbarer Nachricht an Absender
To: django at mnet-mail.de
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="E5003416A7.1247047563/mx1.tachtler.net"
Content-Transfer-Encoding: 7bit
Message-Id: <20090708100603.DECC5416A9 at mx1.tachtler.net>
X-Virus-Scanned: by amavisd-new at m-online.net
This is a MIME-encapsulated message.
--E5003416A7.1247047563/mx1.tachtler.net
Content-Description: Notification
Content-Type: text/plain; charset=iso-8859-1
Dies ist eine automatisch generierte Nachricht des Postfix E-Mail-Dienstes.
Dieser Dienst wird auf dem Server mx1.tachtler.net betrieben und teilt Ihnen
folgendes mit:
Ihre Nachricht konnte an einen oder mehrere Empfaenger nicht zugestellt
werden. Ein Problem-Bericht, sowie Ihre uspruengliche Nachricht wurden an
das Ende dieser Nachricht angehaengt.
Fuer weitere Hilfe kontaktieren Sie bitte den fuer Sie zustaendigen
<postmaster>.
Senden Sie dazu den an diese E-Mail angefuegten Problem-Bericht mit.
Den Inhalt Ihrer urspruenglichen Nachricht koennen Sie - zum Schutz Ihrer
Privatsphaere - entfernen; er ist fuer eine Fehler-Diagnose nicht zwingend
notwendig.
Der Postfix E-Mail-Dienst
INTERNATIONAL VERSION
This is the Postfix program at host mx1.tachtler.net.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to <postmaster>
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
<michael at nausch.org>: host mx1.nausch.org[88.217.187.21] said: 550 5.7.1
Header-Subject-Spamschutzregel Subj-1071 (in reply to end of DATA command)
--E5003416A7.1247047563/mx1.tachtler.net
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; mx1.tachtler.net
X-Postfix-Queue-ID: E5003416A7
X-Postfix-Sender: rfc822; django at mnet-mail.de
Arrival-Date: Wed, 8 Jul 2009 12:05:58 +0200 (CEST)
Final-Recipient: rfc822; michael at nausch.org
Original-Recipient: rfc822;michael at nausch.org
Action: failed
Status: 5.7.1
Remote-MTA: dns; mx1.nausch.org
Diagnostic-Code: smtp; 550 5.7.1 Header-Subject-Spamschutzregel Subj-1071
--E5003416A7.1247047563/mx1.tachtler.net
Content-Description: Undelivered Message
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: amavisd-new at tachtler.net
Received: from mx1.tachtler.net ([127.0.0.1])
by localhost (amavis.tachtler.net [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id za5BvE1QvK5C for <michael at nausch.org>;
Wed, 8 Jul 2009 12:05:57 +0200 (CEST)
X-policyd-weight: using cached result; rate:hard: -8.5
Received: from mail-out.m-online.net (mail-out.m-online.net [212.18.0.9])
by mx1.tachtler.net (Postfix) with ESMTP
for <michael at nausch.org>; Wed, 8 Jul 2009 12:05:54 +0200 (CEST)
Received: from mail01.m-online.net (mail.m-online.net [192.168.3.149])
by mail-out.m-online.net (Postfix) with ESMTP id 7C9071C152DB
for <michael at nausch.org>; Wed, 8 Jul 2009 12:05:53 +0200 (CEST)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.3.149])
by localhost (dynscan2.mnet-online.de [192.168.1.215]) (amavisd-new,
port 10024)
with ESMTP id fx2aOBoJdvio for <michael at nausch.org>;
Wed, 8 Jul 2009 12:05:49 +0200 (CEST)
X-Auth-Info: PxeoctQ2sJqI/RRrUM2eCWO+aC+W5PSha0ojGXN6wSI=
Received: from webmail.mnet-online.de (webmail.mnet-online.de [212.18.5.49])
by mail.mnet-online.de (Postfix) with ESMTP
for <michael at nausch.org>; Wed, 8 Jul 2009 12:05:49 +0200 (CEST)
Received: from fwb.fwb.net (fwb.fwb.net [162.255.220.140]) by
webmail.mnet-online.de (Horde MIME library) with HTTP; Wed, 08 Jul 2009
12:05:49 +0200
Message-ID: <20090708120549.g9dqsl2gqsgs8sk0 at webmail.mnet-online.de>
Date: Wed, 08 Jul 2009 12:05:49 +0200
From: django at mnet-mail.de
To: michael at nausch.org
Subject: Sicherheitsaktualisierung
MIME-Version: 1.0
Content-Type: text/plain;
charset=ISO-8859-1;
DelSp="Yes";
format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.1.5)
HI Peer,
ich hoffe mal dass dieses eMail nicht angenommen wird, da diese gegen
Deine REGEXP-Regel
laufen sollte:
/^Subject:.*Sicherheitsaktualisierung/ REJECT
Header-Spamschutzregel JPBERLIN-53
Wenn doch, sorry! ;)
ciao,
Django
--E5003416A7.1247047563/mx1.tachtler.net--
======================== schnippldieschnapp =========================
Ich hoffe mal, bis hierher können mir diejenigen folgen, die mir
(hoffentlich) helfen können und der Andere teil wird mir zustimmen,
dass:
a) dies so nicht sein sollte/darf und
b) das genauso auf dem eigenen System passiert.
So nun zu meiner Konfiguration:
======================== schnippldieschnapp =========================
[root at nss ~]# egrep -v '(^.*#|^$)' /etc/postfix/master.cf
smtp inet n - n - 20 smtpd
-o smtpd_proxy_filter=localhost:10024
-o content_filter=
localhost:10025 inet n - n - - smtpd
-o content_filter=
-o smtpd_proxy_filter=
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtp_client_restrictions=
-o smtp_helo_restrictions=
-o smtp_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtp_data_restrictions=
-o mynetworks=127.0.0.0/8
-o receive_override_options=no_unknown_recipient_checks
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
======================== schnippldieschnapp =========================
======================== schnippldieschnapp =========================
[root at nss ~]# postconf -n
address_verify_map = btree:/var/spool/postfix/data/verify
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
bounce_template_file = /etc/postfix/bounce.de-DE.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
header_checks = pcre:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
masquerade_domains = nausch.org
mydestination = $myhostname, $mydomain, localhost, localhost.$mydomain
myhostname = mx1.nausch.org
mynetworks = 192.168.10.0/24, 127.0.0.0/8
mynetworks_style = subnet
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
parent_domain_matches_subdomains = debug_peer_list,
fast_flush_domains, mynetworks,
permit_mx_backup_networks, qmqpd_authorized_clients,
relay_domains
permit_mx_backup_networks = 88.217.171.167/32
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
relay_domains = $mydestination
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_loglevel = 1
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_connection_count_limit = 10
smtpd_client_recipient_rate_limit = 10
smtpd_discard_ehlo_keyword_address_maps = cidr:/etc/postfix/esmtp_access
smtpd_recipient_restrictions = check_recipient_access
hash:/etc/postfix/access_recipient-rfc, check_client_access
hash:/etc/postfix/access_client, check_helo_access
hash:/etc/postfix/access_helo, check_sender_access
hash:/etc/postfix/access_sender, check_recipient_access
hash:/etc/postfix/access_recipient, reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unknown_sender_domain,
reject_unknown_recipient_domain, permit_sasl_authenticated,
permit_mynetworks, reject_rbl_client zen.spamhaus.org,
reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client
bl.spamcop.net, reject_rbl_client dnsbl.njabl.org,
reject_rhsbl_client multi.uribl.com, check_client_access
hash:/etc/postfix/policyd_weight_client_whitelistcheck_policy_service
inet:127.0.0.1:12525, check_policy_service unix:postgrey/socket,
reject_unverified_recipient, permit_mx_backup,
reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_tls_CAfile = /etc/pki/postfix/cacert-root.pem
smtpd_tls_cert_file = /etc/pki/postfix/cacert-crt.pem
smtpd_tls_key_file = /etc/pki/postfix/serverkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_use_tls = yes
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
unverified_recipient_reject_code = 577
virtual_alias_domains = hash:/etc/postfix/virtual_alias_domains
virtual_alias_maps = hash:/etc/postfix/virtual_alias_maps
======================== schnippldieschnapp =========================
======================== schnippldieschnapp =========================
[root at nss ~]# egrep -v '(^.*#|^$)' /etc/amavisd.conf
use strict;
$QUARANTINEDIR = "/var/virusmails";
@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
};
$interface_policy{'10026'} = 'ORIGINATING';
virus_admin_maps => ["virusalert\@$mydomain"],
spam_admin_maps => ["virusalert\@$mydomain"],
warnbadhsender => 0,
forward_method => 'smtp:[127.0.0.1]:10027',
smtpd_discard_ehlo_keywords => ['8BITMIME'],
};
$policy_bank{'AM.PDP-SOCK'} = {
protocol => 'AM.PDP',
};
@addr_extension_virus_maps = ('virus');
@addr_extension_banned_maps = ('banned');
@addr_extension_spam_maps = ('spam');
@addr_extension_bad_header_maps = ('badh');
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$MAXLEVELS = 14;
$MAXFILES = 1500;
$sa_spam_subject_tag = '***SPAM*** ';
$final_virus_destiny = D_REJECT;
$final_banned_destiny = D_REJECT;
$final_spam_destiny = D_REJECT;
$virus_quarantine_to = undef;
$banned_quarantine_to = undef;
$spam_quarantine_to = undef;
$bad_header_quarantine_to = undef;
@keep_decoded_original_maps = (new_RE(
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
qr'\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i,
);
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
),
'nobody at cert.org' => -3.0,
'cert-advisory at us-cert.gov' => -3.0,
'owner-alert at iss.net' => -3.0,
'slashdot at slashdot.org' => -3.0,
'securityfocus.com' => -3.0,
'ntbugtraq at listserv.ntbugtraq.com' => -3.0,
'security-alerts at linuxsecurity.com' => -3.0,
'mailman-announce-admin at python.org' => -3.0,
'amavis-user-admin at lists.sourceforge.net'=> -3.0,
'amavis-user-bounces at lists.sourceforge.net' => -3.0,
'spamassassin.apache.org' => -3.0,
'notification-return at lists.sophos.com' => -3.0,
'owner-postfix-users at postfix.org' => -3.0,
'owner-postfix-announce at postfix.org' => -3.0,
'owner-sendmail-announce at lists.sendmail.org' => -3.0,
'sendmail-announce-request at lists.sendmail.org' => -3.0,
'donotreply at sendmail.org' => -3.0,
'ca+envelope at sendmail.org' => -3.0,
'noreply at freshmeat.net' => -3.0,
'owner-technews at postel.acm.org' => -3.0,
'ietf-123-owner at loki.ietf.org' => -3.0,
'cvs-commits-list-admin at gnome.org' => -3.0,
'rt-users-admin at lists.fsck.com' => -3.0,
'clp-request at comp.nus.edu.sg' => -3.0,
'surveys-errors at lists.nua.ie' => -3.0,
'emailnews at genomeweb.com' => -5.0,
'yahoo-dev-null at yahoo-inc.com' => -3.0,
'returns.groups.yahoo.com' => -3.0,
'clusternews at linuxnetworx.com' => -3.0,
lc('lvs-users-admin at LinuxVirtualServer.org') => -3.0,
lc('owner-textbreakingnews at CNNIMAIL12.CNN.COM') => -5.0,
'sender at example.net' => 3.0,
'.example.net' => 1.0,
},
});
@decoders = (
['mail', \&do_mime_decode],
['asc', \&do_ascii],
['uue', \&do_ascii],
['hqx', \&do_ascii],
['ync', \&do_ascii],
['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ],
['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ],
['gz', \&do_uncompress, 'gzip -d'],
['gz', \&do_gunzip],
['bz2', \&do_uncompress, 'bzip2 -d'],
['lzo', \&do_uncompress, 'lzop -d'],
['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ],
['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ],
['deb', \&do_ar, 'ar'],
['zip', \&do_unzip],
['7z', \&do_7zip, ['7zr','7za','7z'] ],
['rar', \&do_unrar, ['rar','unrar'] ],
['arj', \&do_unarj, ['arj','unarj'] ],
['arc', \&do_arc, ['nomarch','arc'] ],
['zoo', \&do_zoo, ['zoo','unzoo'] ],
['lha', \&do_lha, 'lha'],
['cab', \&do_cabextract, 'cabextract'],
['tnef', \&do_tnef_ext, 'tnef'],
['tnef', \&do_tnef],
['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ],
);
@av_scanners = (
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd.socket"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
['KasperskyLab AVP - aveclient',
['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
'/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'],
'-p /var/run/aveserver -s {}/*',
[0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/,
qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/,
],
['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
qr/infected: (.+)/,
sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
],
['KasperskyLab AVPDaemonClient',
[ '/opt/AVP/kavdaemon', 'kavdaemon',
'/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
'/opt/AVP/AvpTeamDream', 'AvpTeamDream',
'/opt/AVP/avpdc', 'avpdc' ],
"-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/ ],
['CentralCommand Vexira (new) vascan',
['vascan','/usr/lib/Vexira/vascan'],
"-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".
"--log=/var/log/vascan.log {}",
[0,3], [1,2,5],
qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\
( [^\]\s']+ )\ \.\.\.\ / ],
['Avira AntiVir', ['antivir','vexira'],
'--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
(?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
['Command AntiVirus for Linux', 'csav',
'-all -archive -packed {}', [50], [51,52,53],
qr/Infection: (.+)/ ],
['Symantec CarrierScan via Symantec CommandLineScanner',
'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
qr/^Files Infected:\s+0$/, qr/^Infected\b/,
qr/^(?:Info|Virus Name):\s+(.+)/ ],
['Symantec AntiVirus Scan Engine',
'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details
-verbose {}',
[0], qr/^Infected\b/,
qr/^(?:Info|Virus Name):\s+(.+)/ ],
['F-Secure Antivirus for Linux servers',
['/opt/f-secure/fsav/bin/fsav', 'fsav'],
'--virus-action1=report --archive=yes --auto=yes '.
'--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8],
qr/(?:infection|Infected|Suspected|Riskware): (.+)/ ],
'-sec -nex {}', [0], [100],
qr/was infected by virus (.+)/ ],
['CAI eTrust Antivirus', 'etrust-wrapper',
'-arc -nex -spm h {}', [0], [101],
qr/is infected by virus: (.+)/ ],
['MkS_Vir for Linux (beta)', ['mks32','mks'],
'-s {}/*', [0], [1,2],
qr/--[ \t]*(.+)/ ],
['MkS_Vir daemon', 'mksscan',
'-s -q {}', [0], [1..7],
qr/^... (\S+)/ ],
['ESET NOD32 Linux Mail Server - command line interface',
['/usr/bin/nod32cli', '/opt/eset/nod32/bin/nod32cli', 'nod32cli'],
'--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/ ],
['ESET NOD32 for Linux File servers',
['/opt/eset/nod32/sbin/nod32','nod32'],
'--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '.
'-w -a --action=1 -b {}',
[0], [1,10], qr/^object=.*, virus="(.*?)",/ ],
['Norman Virus Control v5 / Linux', 'nvcc',
'-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14],
qr/(?i).* virus in .* -> \'(.+)\'/ ],
['Panda CommandLineSecure 9 for Linux',
['/opt/pavcl/usr/bin/pavcl','pavcl'],
'-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}',
qr/Number of files infected[ .]*: 0+(?!\d)/,
qr/Number of files infected[ .]*: 0*[1-9]/,
qr/Found virus :\s*(\S+)/ ],
['NAI McAfee AntiVirus (uvscan)', 'uvscan',
'--secure -rv --mime --summary --noboot - {}', [0], [13],
qr/(?x) Found (?:
\ the\ (.+)\ (?:virus|trojan) |
\ (?:virus|trojan)\ or\ variant\ ([^ ]+) |
:\ (.+)\ NOT\ a\ virus)/,
],
['VirusBuster', ['vbuster', 'vbengcl'],
"{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
qr/: '(.*)' - Virus/ ],
['CyberSoft VFind', 'vfind',
],
['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
'-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/ ],
['Ikarus AntiVirus for Linux', 'ikarus',
'{}', [0], [40], qr/Signature (.+) found/ ],
'--action=ignore --no-list {}', qr/^Infected files *:0+(?!\d)/,
qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
'--arc --mail {}', qr/^Infected files *:0+(?!\d)/,
qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
['ArcaVir for Linux', ['arcacmd','arcacmd.static'],
'-v 1 -summary 0 -s {}', [0], [1,2],
qr/(?:VIR|WIR):[ \t]*(.+)/ ],
);
@av_scanners_backup = (
['ClamAV-clamscan', 'clamscan',
"--stdout --no-summary -r --tempdir=$TEMPBASE {}",
[0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
['F-PROT Antivirus for UNIX', ['fpscan'],
[0,8,64], [1,2,3, 4+1,4+2,4+3, 8+1,8+2,8+3, 12+1,12+2,12+3],
qr/^\[Found\s+[^\]]*\]\s+<([^ \t(>]*)/ ],
['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
qr/(?:Infection:|security risk named) (.+)|\s+contains\s+(.+)$/ ],
['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'],
'-za -a {}', [0], qr/Found virus/, qr/Found virus (.+) in/ ],
['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'],
'-path={} -al -go -ot -cn -upn -ok-',
[0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'],
['Kaspersky Antivirus v5.5',
['/opt/kaspersky/kav4fs/bin/kav4fs-kavscanner',
'/opt/kav/5.5/kav4unix/bin/kavscanner',
'/opt/kav/5.5/kav4mailservers/bin/kavscanner', 'kavscanner'],
'-i0 -xn -xp -mn -R -ePASBME {}/*', [0,10,15], [5,20,21,25],
qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.*)/ ,
],
);
======================== schnippldieschnapp =========================
So und nun "raus mit der Sprache"! ;)
Sag' mir mal einer, warum mein Setup sich so Schei**e verhält?! Ich
geb' auch 'n Bierchen und 'n ordendliches Steak auf'm Grill aus, für
denjenigen der die Lösung hat und verrät! (gibt's beides bei mir im
Garten!)
Pfiadseich,
Django
--
"Bonnie & Clyde der Postmaster-Szene!" approved by Postfix-God
http://wetterstation-pliening.info
http://dokuwiki.nausch.org
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname : nicht verfügbar
Dateityp : application/pgp-signature
Dateigröße : 189 bytes
Beschreibung: Digitale PGP-Unterschrift
URL : <https://listi.jpberlin.de/pipermail/postfixbuch-users/attachments/20090708/ad0dd697/attachment.sig>
Mehr Informationen über die Mailingliste Postfixbuch-users