[Postfixbuch-users] Postscreen und mehrere IP-Adressen

Hanns Mattes hanns at hannsmattes.de
Di Mai 24 00:00:12 CEST 2011


Jim Knuth <jk at jkart.de> schrieb:

>am 23.05.11 21:50 schrieb Hanns Mattes <hanns at hannsmattes.de>:
>
>> Damit renne ich in den Fehler "postfix/postscreen[21182]: warning:
>> cannot connect to service private/smtpd: Connection refused". Hatten wir
>> schon 'mal auf der Liste, aber irgendwie finde ich die Lösung nicht.
>
>ja, war bei mir. ;) Hatte mit chroot zu tun. Ergo:
>3. Option auf n setzen.

Das war's wohl nicht. Anbei eine Test-master.cf, mit der es nicht
geht. Sieht einer etwas, was ich mittlerweile nicht mehr sehe und sind
weitere Konfigurations-Infos nötig?

#
# Postfix master process configuration file.  For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
### Standard ###
213.239.197.36:smtp      inet  n       -       n       -       1       postscreen

213.239.197.36:smtpd     pass  -       -       n       -       -       smtpd
 							-o smtpd_proxy_filter=localhost:10024
 							-o content_filter=

dnsblog   		 unix  -       -       n       -       0       dnsblog
tlsproxy  		 unix  -       -       n       -       0       tlsproxy

# ### Einlieferung eigene Nutzer
88.198.91.238:smtp      inet  n       -       n       -       100     smtpd  
							-o smtpd_proxy_filter=localhost:10028
							-o smtpd_etrn_restrictions=reject
							-o smtpd_client_restrictions=permit_sasl_authenticated,reject
							-o smtpd_sasl_auth_enable=yes 
							-o content_filter=
88.198.91.238:smtps    inet  n       -       n       -       100       smtpd  
							-o smtpd_etrn_restrictions=reject
							-o smtpd_client_restrictions=permit_sasl_authenticated,reject
							-o smtpd_tls_wrappermode=yes 
							-o smtpd_proxy_filter=localhost:10028
							-o smtpd_sasl_auth_enable=yes
							-o content_filter=
88.198.91.238:submission   inet    n       -       n       -      50  smtpd 
							-o smtpd_etrn_restrictions=reject
							-o smtpd_client_restrictions=permit_sasl_authenticated,reject
							-o smtpd_sasl_auth_enable=yes 
							-o smtpd_proxy_filter=localhost:10028
							-o content_filter=


#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       y       60      1       pickup
#	  -o content_filter=smtp:[localhost]:10028
cleanup   unix  n       -       y       -       0       cleanup
qmgr      fifo  n       -       y       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       y       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
	-o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       y       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
localhost:10025 inet	n	-	y	-	-	smtpd
							-o content_filter=
							-o smtpd_proxy_filter=
							-o smtpd_authorized_xforward_hosts=127.0.0.0/8
							-o smtpd_client_restrictions=
							-o smtpd_helo_restrictions=
							-o smtpd_sender_restrictions=
							-o smtpd_recipient_restrictions=permit_mynetworks,reject
							-o smtpd_data_restrictions=
							-o mynetworks=127.0.0.0/8
							-o receive_override_options=no_unknown_recipient_checks
scache	  unix	-	-	n	-	1	scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -w 90 -d ${recipient}
cyrus	  unix	-	n	n	-	-	pipe
  user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp	  unix	-	n	n	-	-	pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail  unix  -       n       n       -       -       pipe
  flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
retry     unix  -       -       n       -       -       error
# gnarwl autoresponder
# gnarwl    unix  -       n       n       -       -       pipe
# flags=F  user=gnarwl argv=/usr/local/bin/gnarwl -a ${user}@${nexthop} -s ${sender}
gnarwl    unix  -       n       n       -       -       pipe
  flags=F  user=gnarwl argv=/usr/bin/gnarwl -a $(user) -s $sender 
# dovecot  unix  -       n       n       -       10       pipe
#   flags=DDRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
dovecot  unix  -       n       n       -       10       pipe
  flags=DDRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${user}@${domain} -n -m ${extension}
proxywrite unix -       -       n       -       1       proxymap


Ratlose Grüße

Hanns

-- 
A: Weil es die Lesbarkeit des Textes verschlechtert.
F: Warum ist TOFU so schlimm?
A: TOFU
F: Was ist das groesste Aergernis im Usenet?



Mehr Informationen über die Mailingliste Postfixbuch-users