[Postfixbuch-users] Postscreen und mehrere IP-Adressen
Hanns Mattes
hanns at hannsmattes.de
Di Mai 24 00:00:12 CEST 2011
Jim Knuth <jk at jkart.de> schrieb:
>am 23.05.11 21:50 schrieb Hanns Mattes <hanns at hannsmattes.de>:
>
>> Damit renne ich in den Fehler "postfix/postscreen[21182]: warning:
>> cannot connect to service private/smtpd: Connection refused". Hatten wir
>> schon 'mal auf der Liste, aber irgendwie finde ich die Lösung nicht.
>
>ja, war bei mir. ;) Hatte mit chroot zu tun. Ergo:
>3. Option auf n setzen.
Das war's wohl nicht. Anbei eine Test-master.cf, mit der es nicht
geht. Sieht einer etwas, was ich mittlerweile nicht mehr sehe und sind
weitere Konfigurations-Infos nötig?
#
# Postfix master process configuration file. For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
### Standard ###
213.239.197.36:smtp inet n - n - 1 postscreen
213.239.197.36:smtpd pass - - n - - smtpd
-o smtpd_proxy_filter=localhost:10024
-o content_filter=
dnsblog unix - - n - 0 dnsblog
tlsproxy unix - - n - 0 tlsproxy
# ### Einlieferung eigene Nutzer
88.198.91.238:smtp inet n - n - 100 smtpd
-o smtpd_proxy_filter=localhost:10028
-o smtpd_etrn_restrictions=reject
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sasl_auth_enable=yes
-o content_filter=
88.198.91.238:smtps inet n - n - 100 smtpd
-o smtpd_etrn_restrictions=reject
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_tls_wrappermode=yes
-o smtpd_proxy_filter=localhost:10028
-o smtpd_sasl_auth_enable=yes
-o content_filter=
88.198.91.238:submission inet n - n - 50 smtpd
-o smtpd_etrn_restrictions=reject
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sasl_auth_enable=yes
-o smtpd_proxy_filter=localhost:10028
-o content_filter=
#628 inet n - n - - qmqpd
pickup fifo n - y 60 1 pickup
# -o content_filter=smtp:[localhost]:10028
cleanup unix n - y - 0 cleanup
qmgr fifo n - y 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - y - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - y - - showq
error unix - - y - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n y - - virtual
lmtp unix - - y - - lmtp
anvil unix - - n - 1 anvil
localhost:10025 inet n - y - - smtpd
-o content_filter=
-o smtpd_proxy_filter=
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=
-o mynetworks=127.0.0.0/8
-o receive_override_options=no_unknown_recipient_checks
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -w 90 -d ${recipient}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail unix - n n - - pipe
flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
retry unix - - n - - error
# gnarwl autoresponder
# gnarwl unix - n n - - pipe
# flags=F user=gnarwl argv=/usr/local/bin/gnarwl -a ${user}@${nexthop} -s ${sender}
gnarwl unix - n n - - pipe
flags=F user=gnarwl argv=/usr/bin/gnarwl -a $(user) -s $sender
# dovecot unix - n n - 10 pipe
# flags=DDRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
dovecot unix - n n - 10 pipe
flags=DDRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${user}@${domain} -n -m ${extension}
proxywrite unix - - n - 1 proxymap
Ratlose Grüße
Hanns
--
A: Weil es die Lesbarkeit des Textes verschlechtert.
F: Warum ist TOFU so schlimm?
A: TOFU
F: Was ist das groesste Aergernis im Usenet?
Mehr Informationen über die Mailingliste Postfixbuch-users