[Postfixbuch-users] address not listed for hostname
Tobias Koopmann
tobias at koopmann-mail.de
Di Mai 10 09:55:47 CEST 2011
Hallo zusammen,
ich habe ein kleines Problem mit Postfix und bin mit meinem latein am
Ende.
Folgendes Szenario.
Ganz kurz OT, aber zur Vollständigkeit:
Ich arbeite mit Roundcube(läuft nativ auf dem Postfix-System). Wenn ich
Roundcube anweise sich über localhost:25 mit Postfix zu verbinden, darf
es aufgrund mynetworks einfach relayen.
Ich möchte aber gerne, dass sich Roundcube über SASL mit dem aktuell
angemeldeten Benutzer authentifiziert.
Nun erhalte ich jedoch eine Warnung von postfix, dass die IP nicht für
meinen Hostnamen gelistet ist:
May 9 22:23:19 winnetou postfix/tlsmgr[6759]: open smtp TLS cache
btree:/var/lib/postfix/smtp_scache
May 9 22:23:19 winnetou postfix/tlsmgr[6759]: tlsmgr_cache_run_event:
start TLS smtp session cache cleanup
May 9 22:23:19 winnetou postfix/smtpd[6757]: warning:
2a01:4f8:63:11c2::2: address not listed for hostname
winnetou.kokelnet.de
May 9 22:23:19 winnetou postfix/smtpd[6757]: connect from
unknown[2a01:4f8:63:11c2::2]
May 9 22:23:19 winnetou postfix/smtpd[6757]: NOQUEUE:
client=unknown[2a01:4f8:63:11c2::2], sasl_method=LOGIN,
sasl_username=tobias at koopmann-mail.de
May 9 22:23:19 winnetou postfix/smtpd[6763]: connect from
localhost[127.0.0.1]
May 9 22:23:19 winnetou postfix/smtpd[6763]: B9B4C1ED7:
client=localhost[127.0.0.1]
May 9 22:23:19 winnetou postfix/cleanup[6764]: B9B4C1ED7:
message-id=<82d2730d141d920ecbf2ee04b0d81fdd at koopmann-mail.de>
May 9 22:23:19 winnetou postfix/qmgr[6739]: B9B4C1ED7:
from=<tobias at koopmann-mail.de>, size=1865, nrcpt=1 (queue active)
May 9 22:23:19 winnetou postfix/smtpd[6763]: disconnect from
localhost[127.0.0.1]
In /etc/hosts ist aber meiner Meinung nach alles ok:
127.0.0.1 localhost
88.198.36.2 winnetou.kokelnet.de winnetou
::1 ip6-localhost ip6-loopback
2a01:4f8:63:11c2::2 winnetou.kokelnet.de winnetou
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
und mein Server kann den DNS-Namen auch korrekt auflösen.
Ich verstehe nicht, warum Postfix sagt die IP wäre nicht gelistet für
meinen Hostnamen.
Ich hoffe, hier kann mir jemand weiterhelfen und alle dafür nötigen
Informationen stehen zur Verfügung.
Wenn nicht, sagt was ihr braucht, das ist kein Problem.
hier die Postfix-Config:
main.cf:
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
readme_directory = /usr/share/doc/postfix
delay_warning_time = 24h
myhostname = winnetou.kokelnet.de
mydomain = kokelnet.de
myorigin = $mydomain
mynetworks_style = host
alias_maps = proxy:btree:/etc/aliases
alias_database = proxy:btree:/etc/aliases
mydestination = localhost.$mydomain, $myhostname, lists.$mydomain
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = all
html_directory = /usr/share/doc/postfix/html
mail_owner = postfix
bounce_queue_lifetime = 5d
message_size_limit = 51200000
mailman_destination_recipient_limit = 1
default_database_type = btree
header_checks = pcre:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks
# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/kokelnet_cert.pem
smtpd_tls_key_file = /etc/ssl/private/kokelnet_private.pem
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_auth_only = yes
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtp_tls_session_cache_timeout = 3600s
smtp_tls_cert_file = /etc/ssl/certs/kokelnet_cert.pem
smtp_tls_key_file = /etc/ssl/private/kokelnet_private.pem
tls_random_source = dev:/dev/urandom
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
address_verify_map = btree:${data_directory}/verify
# Virtual mailbox settings
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_mailbox_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_catchall_maps.cf
virtual_alias_maps =
proxy:btree:/var/lib/mailman/data/virtual-mailman,
proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_maps.cf
virtual_mailbox_limit =
proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn
his diskspace quota, please try again later.
virtual_overquota_bounce = yes
virtual_minimum_uid = 150
virtual_uid_maps = static:150
virtual_gid_maps = static:8
virtual_transport = dovecot
transport_maps = proxy:btree:/etc/postfix/transport
dovecot_destination_recipient_limit = 1
# SASL Authentication
smtpd_sasl_auth_enable = yes
#smtpd_sasl_exceptions_networks = $mynetworks
#smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_recipient_restrictions =
# Postmaster, abuse und andere Role-Accounts whitelisten
check_recipient_access btree:/etc/postfix/access_recipient-rfc,
# White- und Blacklisting
check_client_access cidr:/etc/postfix/access_client,
check_helo_access btree:/etc/postfix/access_helo,
check_sender_access btree:/etc/postfix/access_sender,
check_recipient_access btree:/etc/postfix/access_recipient,
# Keine unsauberen Mails annehmen!
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
# Eigene Nutzer erlauben!
permit_sasl_authenticated,
permit_mynetworks,
# RBL checken
reject_rbl_client zen.spamhaus.org,
reject_rbl_client ix.dnsbl.manitu.net,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client dnsbl.sorbs.net,
reject_rhsbl_sender blackhole.securitysage.com,
reject_rhsbl_client blackhole.securitysage.com,
# Policyd-Weight
check_policy_service inet:127.0.0.1:12525,
# Greylisting checken!
check_policy_service inet:127.0.0.1:10023,
# Wir pruefen dynamisch auf existente Relay-Empfaenger
reject_unverified_recipient,
# Backup MX erlauben!
# permit_mx_backup,
# Alles andere Relaying verbieten!
reject_unauth_destination,
# Was bisher ueberlebt hat darf durch!
permit
default_rbl_reply = $rbl_code We're fighting against spam activities!
smtpd_delay_reject = yes
smtpd_helo_required = yes
# AMaViS Daemon
content_filter = smtp-amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
master.cf:
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
#
==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
#
==========================================================================
smtp inet n - - - - smtpd
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_proxy_timeout=200
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_proxy_filter=127.0.0.1:10024
dovecot unix - n n - - pipe
flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -f ${sender}
-d ${recipient}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
vacation unix - n n - - pipe
flags=DRhu user=vacation argv=/usr/bin/perl
/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks
-o local_header_rewrite_clients=
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o smtp_fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
$recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}
postconf -n:
address_verify_map = btree:${data_directory}/verify
alias_database = proxy:btree:/etc/aliases
alias_maps = proxy:btree:/etc/aliases
biff = no
body_checks = pcre:/etc/postfix/body_checks
bounce_queue_lifetime = 5d
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
default_database_type = btree
default_rbl_reply = $rbl_code We're fighting against spam activities!
delay_warning_time = 24h
header_checks = pcre:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_protocols = all
mail_owner = postfix
mailbox_size_limit = 0
message_size_limit = 51200000
mydestination = localhost.$mydomain, $myhostname, lists.$mydomain
mydomain = kokelnet.de
myhostname = winnetou.kokelnet.de
mynetworks_style = host
myorigin = $mydomain
readme_directory = /usr/share/doc/postfix
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_tls_cert_file = /etc/ssl/certs/kokelnet_cert.pem
smtp_tls_key_file = /etc/ssl/private/kokelnet_private.pem
smtp_tls_loglevel = 2
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_session_cache_timeout = 3600s
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions = check_recipient_access
btree:/etc/postfix/access_recipient-rfc, check_client_access
cidr:/etc/postfix/access_client, check_helo_access
btree:/etc/postfix/access_helo, check_sender_access
btree:/etc/postfix/access_sender, check_recipient_access
btree:/etc/postfix/access_recipient, reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unknown_sender_domain,
reject_unknown_recipient_domain, permit_sasl_authenticated,
permit_mynetworks, reject_rbl_client zen.spamhaus.org,
reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client
bl.spamcop.net, reject_rbl_client dnsbl.njabl.org,
reject_rbl_client dnsbl.sorbs.net, reject_rhsbl_sender
blackhole.securitysage.com, reject_rhsbl_client
blackhole.securitysage.com, check_policy_service inet:127.0.0.1:12525,
check_policy_service inet:127.0.0.1:10023,
reject_unverified_recipient, reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/kokelnet_cert.pem
smtpd_tls_key_file = /etc/ssl/private/kokelnet_private.pem
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
transport_maps = proxy:btree:/etc/postfix/transport
virtual_alias_maps = proxy:btree:/var/lib/mailman/data/virtual-mailman,
proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_maps.cf
virtual_gid_maps = static:8
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit =
proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_mailbox_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_catchall_maps.cf
virtual_minimum_uid = 150
virtual_transport = dovecot
virtual_uid_maps = static:150
Mfg,
Tobias Koopmann
------------------------------------------------------------------
...and I will promise to go on as long as you want me to,
and I will dream along and help to make it real for you, too...
(the mirror & the lie - Motorpsycho)
------------------------------------------------------------------
Mehr Informationen über die Mailingliste Postfixbuch-users