[Postfixbuch-users] Spamassassin scannt reinkommende Emails zweimal
Sandy Drobic
postfixbuch-users at drobic.de
Mi Feb 17 15:41:39 CET 2010
On 16.02.2010 19:15, Stefan Bielenberg wrote:
> Am 16.02.2010 14:47, schrieb Sandy Drobic:
>> postconf -n
>> /etc/postfix/master.cf (ohne Kommentare)
>> die Logzeilen, wenn die Mail durchläuft
>
> Ich hoffe es hilft weiter...
Ich denke schon.
> In der oben genannten Reihenfolge:
>
> ----------------------------------
>
> [root at mail ~]# postconf -n
> alias_database = hash:/etc/postfix/aliases
> alias_maps = hash:/etc/postfix/aliases
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
Dies dürfte der Verursacher des Problems sein. Damit wird für jeden in der
master.cf angelegten Transport hier global der content_filter gesetzt. Dies
kann manchmal tückisch sein, deshalb bevorzuge ich es, den content_filter als
Parameter explizit bei den Transporten in master.cf zu setzen, wo ich einen
content_filter wünsche.
Bitte beachte, dass auch Transporte wie pickup so einen content_filter erhalten.
> daemon_directory = /usr/libexec/postfix
> debug_peer_level = 2
> inet_interfaces = all
> mail_owner = postfix
> mailbox_size_limit = 104857600
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> message_size_limit = 20971520
> mydestination = $mydomain $myhostname localhost localhost.$mydomain
> mydomain = example.net
> myhostname = smtp.example.net
> mynetworks = 127.0.0.0/8
> myorigin = $mydomain
> newaliases_path = /usr/bin/newaliases.postfix
> notify_classes = resource, software, policy
> queue_directory = /var/spool/postfix
> queue_minfree = 524288000
> sendmail_path = /usr/sbin/sendmail.postfix
> setgid_group = postdrop
> smtp_always_send_ehlo = yes
> smtp_sasl_auth_enable = yes
> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
> smtp_sasl_security_options = noanonymous
> smtp_tls_CAfile = /etc/certificates/cacert.pem
> smtp_tls_cert_file = /etc/certificates/SMTPcert.pem
> smtp_tls_key_file = /etc/certificates/SMTPpriv_key.pem
> smtp_tls_note_starttls_offer = yes
> smtp_use_tls = yes
> smtpd_banner = $myhostname ESMTP $mail_name
> smtpd_helo_required = yes
> smtpd_helo_restrictions =
> smtpd_recipient_restrictions =
> permit_mynetworks
> permit_tls_clientcerts
> permit_sasl_authenticated
> reject_unauth_destination
> reject_unlisted_recipient
> reject_non_fqdn_recipient
> reject_unknown_recipient_domain
> check_sender_access hash:/etc/postfix/sender_access_list
> reject_non_fqdn_sender
> reject_unknown_sender_domain
> reject_unlisted_sender
> check_helo_access hash:/etc/postfix/helo_access_list
> reject_non_fqdn_hostname
> reject_invalid_hostname
> reject_multi_recipient_bounce
> reject_unauth_pipelining
> check_policy_service inet:127.0.0.1:12525
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
> smtpd_sender_restrictions =
> smtpd_tls_CAfile = /etc/certificates/cacert.pem
> smtpd_tls_CApath = /etc/certificates/cacerts
> smtpd_tls_auth_only = no
> smtpd_tls_cert_file = /etc/certificates/SMTPcert.pem
> smtpd_tls_key_file = /etc/certificates/SMTPpriv_key.pem
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_database = sdbm:/etc/postfix/smtpd_scache
> smtpd_use_tls = yes
> soft_bounce = no
> transport_maps = hash:/etc/postfix/transport
> unknown_address_reject_code = 554
> unknown_hostname_reject_code = 554
> unknown_local_recipient_reject_code = 550
> unverified_sender_reject_code = 554
> virtual_alias_domains = /etc/postfix/local_domains
> virtual_alias_maps = hash:/etc/postfix/virtual
>
> ----------------------------------------------
>
> smtp inet n - n - - smtpd
Versuche es einfach mal umgekehrt:
Nimm den globalen content_filter in der main.cf raus und nimm den
content_filter hier herein:
smtp inet n - n - - smtpd
content_filter=smtp-amavis:[127.0.0.1]:10024
> smtps inet n - n - - smtpd
> -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
> submission inet n - n - - smtpd
> -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
content_filter=smtp-amavis:[127.0.0.1]:10024
# Hier natürlich auch dazu.
> #628 inet n - n - - qmqpd
> pickup fifo n - n 60 1 pickup
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> #qmgr fifo n - n 300 1 oqmgr
> tlsmgr fifo - - n 300 1 tlsmgr
> rewrite unix - - n - - trivial-rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> trace unix - - n - 0 bounce
> verify unix - - n - 1 verify
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - n - - smtp
> relay unix - - n - - smtp
> # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> showq unix n - n - - showq
> error unix - - n - - error
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
>
> maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>
> old-cyrus unix - n n - - pipe
> flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
> cyrus unix - n n - - pipe
> user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
> uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> ($recipient)
> ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
> flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
> $recipient
>
> 127.0.0.1:10025 inet n - n - - smtpd
> -o content_filter=
> -o local_recipient_maps=
> -o relay_recipient_maps=
> -o smtpd_restriction_classes=
> -o smtpd_delay_reject=no
> -o smtpd_helo_restrictions=
> -o smtpd_client_restrictions=permit_mynetworks,reject
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o mynetworks_style=host
> -o mynetworks=127.0.0.0/8
> -o strict_rfc821_envelopes=yes
> -o smtpd_error_sleep_time=0
> -o smtpd_soft_error_limit=1001
> -o smtpd_hard_error_limit=1000
> -o smtpd_client_connection_count_limit=0
> -o smtpd_client_connection_rate_limit=0
> -o
> receive_override_options=no_header_body_checks,no_unknown_recipient_checks
>
> smtp-amavis unix - - y - 2 smtp
> -o smtp_data_done_timeout=1200
> -o myhostname=smtp.example.net
> -o smtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> -o max_use=20
>
> ----------------------------------------------
>
> Feb 16 13:28:09 smtp postfix/smtpd[19881]: connect from
> static-162-84-43-16.slsbmd.east.verizon.net[162.84.43.16]
> Feb 16 13:28:09 smtp postfix/policyd-weight[9907]: decided action=DUNNO
> mail for postmaster at example.net; <client=162.84.43.16>
> <helo=static-162-84-43-16.slsbmd.
> east.verizon.net> <from=polytheistsezq93 at riskymail4free.com>
> <to=postmaster at example.net>; delay: 0s
> Feb 16 13:28:09 smtp postfix/smtpd[19881]: 8D46578A043A:
> client=static-162-84-43-16.slsbmd.east.verizon.net[162.84.43.16]
> Feb 16 13:28:09 smtp postfix/cleanup[19889]: 8D46578A043A:
> message-id=<000d01caaf03$7e395650$6400a8c0 at polytheistsezq93>
> Feb 16 13:28:09 smtp postfix/qmgr[17775]: 8D46578A043A:
> from=<polytheistsezq93 at riskymail4free.com>, size=832, nrcpt=1 (queue active)
> Feb 16 13:28:10 smtp amavis[1556]: (01556-12) ESMTP::10024
> /var/amavis/tmp/amavis-20100216T122854-01556:
> <polytheistsezq93 at riskymail4free.com> -> <postmaster
> @example.net> SIZE=832 Received: from smtp.example.net ([127.0.0.1]) by
> localhost (smtp.example.net [127.0.0.1]) (amavisd-new, port 10024) with
> ESMTP for <postmast
> er at example.net>; Tue, 16 Feb 2010 13:28:10 +0100 (CET)
> Feb 16 13:28:10 smtp amavis[1556]: (01556-12) Checking: QJSQsaC2vANb
> [162.84.43.16] <polytheistsezq93 at riskymail4free.com> ->
> <postmaster at example.net>
> Feb 16 13:28:10 smtp amavis[1556]: (01556-12) p001 1 Content-Type:
> text/plain, size: 94 B, name:
> Feb 16 13:28:10 smtp postfix/smtpd[19881]: disconnect from
> static-162-84-43-16.slsbmd.east.verizon.net[162.84.43.16]
> Feb 16 13:28:10 smtp amavis[1556]: (01556-12) SPAM-TAG,
> <polytheistsezq93 at riskymail4free.com> -> <postmaster at example.net>, Yes,
> score=6.705 tagged_above=-999 r
> equired=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=0.561,
> HELO_DYNAMIC_IPADDR=2.643, STOX_REPLY_TYPE=0.001]
> Feb 16 13:28:10 smtp postfix/smtpd[19906]: connect from
> localhost.localdomain[127.0.0.1]
> Feb 16 13:28:10 smtp postfix/smtpd[19906]: 468E778A43E4:
> client=localhost.localdomain[127.0.0.1]
> Feb 16 13:28:10 smtp postfix/cleanup[19889]: 468E778A43E4:
> message-id=<000d01caaf03$7e395650$6400a8c0 at polytheistsezq93>
> Feb 16 13:28:10 smtp postfix/qmgr[17775]: 468E778A43E4:
> from=<polytheistsezq93 at riskymail4free.com>, size=1556, nrcpt=1 (queue
> active)
> Feb 16 13:28:10 smtp postfix/smtpd[19906]: disconnect from
> localhost.localdomain[127.0.0.1]
> Feb 16 13:28:10 smtp amavis[1556]: (01556-12) FWD via SMTP:
> <polytheistsezq93 at riskymail4free.com> -> <postmaster at example.net>,
> BODY=8BITMIME 250 2.6.0 Ok, id=0
> 1556-12, from MTA([127.0.0.1]:10025): 250 Ok: queued as 468E778A43E4
> Feb 16 13:28:10 smtp amavis[1556]: (01556-12) Passed,
> <polytheistsezq93 at riskymail4free.com> -> <postmaster at example.net>,
> Message-ID: <000d01caaf03$7e395650$640
> 0a8c0 at polytheistsezq93>, Hits: 6.705
> Feb 16 13:28:10 smtp postfix/smtp[19900]: 8D46578A043A:
> to=<postmaster at example.net>, orig_to=<postmaster at example.net>,
> relay=127.0.0.1[127.0.0.1], delay=1, status
> =sent (250 2.6.0 Ok, id=01556-12, from MTA([127.0.0.1]:10025): 250 Ok:
> queued as 468E778A43E4)
> Feb 16 13:28:10 smtp postfix/qmgr[17775]: 8D46578A043A: removed
> Feb 16 13:28:10 smtp amavis[1556]: (01556-12) TIMING [total 348 ms] -
> SMTP greeting: 2 (1%)1, SMTP EHLO: 1 (0%)1, SMTP pre-MAIL: 1 (0%)1, SMTP
> pre-DATA-flush
> : 3 (1%)2, SMTP DATA: 37 (11%)13, check_init: 1 (0%)13, digest_hdr: 0
> (0%)13, digest_body: 0 (0%)13, gen_mail_id: 0 (0%)13, mime_decode: 9
> (3%)16, get-file-t
> ype1: 28 (8%)24, decompose_part: 1 (0%)24, parts_decode: 0 (0%)24,
> check_header: 2 (0%)24, AV-scan-1: 4 (1%)25, spam-wb-list: 2 (1%)26, SA
> msg read: 0 (0%)26
> , SA parse: 3 (1%)27, SA check: 147 (42%)69, SA finish: 3 (1%)70,
> update_cache: 2 (1%)71, decide_mail_destiny: 1 (0%)71, fwd-connect: 34
> (10%)81, fwd-mail-fr
> om: 3 (1%)82, fwd-rcpt-to: 2 (0%)82, fwd-data-cmd: 0 (0%)82,
> write-header: 1 (0%)83, fwd-data-contents: 0 (0%)83, fwd-data-end: 45
> (13%)96, fwd-rundown: 2 (1
> %)96, prepare-dsn: 1 (0%)96, main_log_entry: 4 (1%)98, update_snmp: 5
> (1%)99, SMTP pre-response: 0 (0%)99, SMTP response: 2 (1%)100,
> unlink-1-files: 0 (0%)10
> 0, rundown: 1 (0%)100
> Feb 16 13:28:10 smtp amavis[1556]: (01556-12) extra modules loaded:
> Mail/SpamAssassin/Locales.pm, Mail/SpamAssassin/Plugin/Bayes.pm,
> Mail/SpamAssassin/Plugin
> /BodyEval.pm, Mail/SpamAssassin/Plugin/Check.pm,
> Mail/SpamAssassin/Plugin/DNSEval.pm,
> Mail/SpamAssassin/Plugin/HTMLEval.pm, Mail/SpamAssassin/Plugin/HTTPSMis
> match.pm, Mail/SpamAssassin/Plugin/HeaderEval.pm,
> Mail/SpamAssassin/Plugin/ImageInfo.pm,
> Mail/SpamAssassin/Plugin/MIMEEval.pm, Mail/SpamAssassin/Plugin/Relay
> Eval.pm, Mail/SpamAssassin/Plugin/URIEval.pm,
> Mail/SpamAssassin/Plugin/VBounce.pm, Mail/SpamAssassin/Plugin/WLBLEval.pm
> Feb 16 13:28:12 smtp postfix/local[19907]: 468E778A43E4:
> to=<sbielenberg at example.net>, orig_to=<postmaster at example.net>,
> relay=local, delay=2, status=sent (deliv
> ered to command: exec /usr/bin/procmail)
> Feb 16 13:28:12 smtp postfix/qmgr[17775]: 468E778A43E4: removed
>
>
>
> --
> _______________________________________________
> Postfixbuch-users -- http://www.postfixbuch.de
> Heinlein Professional Linux Support GmbH
>
> Postfixbuch-users at listen.jpberlin.de
> https://listi.jpberlin.de/mailman/listinfo/postfixbuch-users
Mehr Informationen über die Mailingliste Postfixbuch-users