<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-15">
</head>
<body bgcolor="#ffffff" text="#000000">
Hallo,<br>
<br>
ich habe meine Virtuellen User in virtual_alias_domains,
virtual_alias_maps und aliasse in virtual_alias_maps stehen. <br>
Sende ich eine Mail nach (DRAUSSEN) also an eine DOmain die nicht eine
meiner Virtuellen DOmains ist ist es kein SPAM, sende ich aber eine Mail<br>
von Virtdomain an Virtdomain auf meinem Server sagt Amavis das dazu im
Mailheader etc.:<br>
<br>
<pre id="line1">X-Spam-Status: Yes, score=6.18 required=3.5 tests=[RCVD_IN_PBL=3.558,
RCVD_IN_RP_RNBL=1.284, RDNS_DYNAMIC=0.363, S25R_1=0.001,
SPF_SOFTFAIL=0.972, TO_NO_BRKTS_DYNIP=0.001, TVD_SPACE_RATIO=0.001]
autolearn=no
</pre>
Bei Spamassassin steht hier ->
<a class="moz-txt-link-freetext" href="http://wiki.apache.org/spamassassin/Rules/RCVD_IN_PBL">http://wiki.apache.org/spamassassin/Rules/RCVD_IN_PBL</a><br>
das der Absender angeblich in der PBL von SPAMHAUS steht. EIn check auf
spamhaus.org ergibt aber false!!!<br>
<br>
Was macht mein amavis denn hier?<br>
<br>
Hier meine configs:<br>
postconf -n:<br>
<pre wrap=""><small>alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10030
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
disable_vrfy_command = yes
header_checks = pcre:/etc/postfix/delete_10031_header
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = localhost, $myhostname
myhostname = mx02.insentic.de
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
receive_override_options = no_address_mappings
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_error_sleep_time = 5s
smtpd_etrn_restrictions = permit_mynetworks
smtpd_hard_error_limit = 20
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_recipient_access hash:/etc/postfix/access reject_unknown_recipient_domain reject_unknown_sender_domain reject_unverified_recipient reject_non_fqdn_recipient reject_non_fqdn_sender reject_invalid_hostname reject_rbl_client combined.njabl.org reject_rbl_client bl.spamcop.net reject_rhsbl_sender dsn.rfc-ignorant.org reject_rhsbl_sender bogusmx.rfc-ignorant.org reject_rhsbl_sender rhsbl.sorbs.net
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_soft_error_limit = 10
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/pki/postfix/certs/postfix.pem
smtpd_tls_key_file = /etc/pki/postfix/private/postfix.pem
smtpd_use_tls = yes
soft_bounce = yes
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf</small>
<small>virtual_transport = dovecot</small>
und die amavisd.conf:
<small>use strict;
$max_servers = 5; # num of pre-forked children (2..30 is common), -m
$daemon_user = "amavis"; # (no default; customary: vscan or amavis), -u
$daemon_group = "amavis"; # (no default; customary: vscan or amavis), -g
$mydomain = 'mx02.domain.tld'; # a convenient default for other settings
$MYHOME = '/var/amavis'; # a convenient default for other settings, -H
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR, used by SA, etc.
$QUARANTINEDIR = "/var/virusmails";
$quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine
$db_home = "$MYHOME/db"; # dir for bdb nanny/cache/snmp databases, -D
$log_level = 2; # verbosity 0..5, -d
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$syslog_facility = 'mail'; # Syslog facility as a string
# e.g.: mail, daemon, user, local0, ... local7
$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string,
# choose from: emerg, alert, crit, err, warning, notice, info, debug
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$nanny_details_level = 2; # nanny verbosity: 1: traditional, 2: detailed
$enable_dkim_verification = 1; # enable DKIM signatures verification
$enable_dkim_signing = 1; # load DKIM signing code, keys defined by dkim_key
@local_domains_maps = ( [".$mydomain"] ); # list of all local domains
@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
$unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-milter
# option(s) -p overrides $inet_socket_port and $unix_socketname
$inet_socket_port = 10030; # listen on this local TCP port(s)
$policy_bank{'MYNETS'} = { # mail originating from @mynetworks
originating => 1, # is true in MYNETS by default, but let's make it explicit
os_fingerprint_method => undef, # don't query p0f for internal clients
};
$interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users
originating => 1, # declare that mail was submitted by our smtp client
allow_disclaimers => 1, # enables disclaimer insertion if available
# notify administrator of locally originating malware
virus_admin_maps => ["virusalert\@$mydomain"],
spam_admin_maps => ["virusalert\@$mydomain"],
warnbadhsender => 1,
# forward to a smtpd service providing DKIM signing service
forward_method => 'smtp:[127.0.0.1]:10027',
# force MTA conversion to 7-bit (e.g. before DKIM signing)
smtpd_discard_ehlo_keywords => ['8BITMIME'],
bypass_banned_checks_maps => [1], # allow sending any file names and types
terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option
};
$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with $unix_socketname
$policy_bank{'AM.PDP-SOCK'} = {
protocol => 'AM.PDP',
auth_required_release => 0, # do not require secret_id for amavisd-release
};
$sa_tag_level_deflt = undef; #2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 3.5; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9; # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From
$penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam
$bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces
$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
@lookup_sql_dsn = (
['DBI:mysql:database=db;host=127.0.0.1;port=3306',
'user',
'pass']);
$sql_select_policy = 'SELECT name FROM mta_virtual_domains WHERE CONCAT("@",name) IN (%k)';
$virus_admin = "root\@$mydomain"; # notifications recip.
$insert_received_line = 0;
$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain<a class="moz-txt-link-rfc2396E" href="mailto:;#notificationssender$mailfrom_to_quarantine='';#nullreturnpath;usesoriginalsenderifundef@addr_extension_virus_maps=('virus');@addr_extension_banned_maps=('banned');@addr_extension_spam_maps=('spam');@addr_extension_bad_header_maps=('badh');$path='/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';$MAXLEVELS=14;$MAXFILES=1500;$MIN_EXPANSION_QUOTA=100*1024;#bytes(defaultundef,notenforced)$MAX_EXPANSION_QUOTA=300*1024*1024;#bytes(defaultundef,notenforced)$sa_spam_subject_tag='[SPAM]';$defang_virus=1;#MIME-wrappassedinfectedmail$defang_banned=1;#MIME-wrappassedmailcontainingbannedname$defang_by_ccat{+CC_BADH.">"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
@addr_extension_virus_maps = ('virus');
@addr_extension_banned_maps = ('banned');
@addr_extension_spam_maps = ('spam');
@addr_extension_bad_header_maps = ('badh');
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$sa_spam_subject_tag = '[SPAM] ';
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name
$defang_by_ccat{+CC_BADH."</a>,3"} = 1; # NUL or CR character in header
$defang_by_ccat{+CC_BADH.",5"} = 1; # header line longer than 998 characters
$defang_by_ccat{+CC_BADH.",6"} = 1; # header field syntax error
$myhostname = 'mx02.insentic.de'; # must be a fully-qualified domain name!
$notify_method = 'smtp:[127.0.0.1]:10031';
$forward_method = 'smtp:[127.0.0.1]:10031'; # set to undef with milter!
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_PASS;
$final_bad_header_destiny = D_PASS;
$bad_header_quarantine_method = u<small>ndef;</small>
$spam_quarantine_to = undef;
</small>Weiss jemand warum er mir da diesen Fehler in den SPAM TAG schreibt?
Und warum er das nur macht, wenn ich zwischen den virtuell gehosteten Domains versende?
</pre>
Gruß,<br>
Marcel<br>
<pre class="moz-signature" cols="72">--
Marcel Hartmann (webdeveloper && project manager)
<a class="moz-txt-link-abbreviated" href="mailto:mail@marcel-hartmann.com">mail@marcel-hartmann.com</a> // <a class="moz-txt-link-abbreviated" href="http://www.marcel-hartmann.com">www.marcel-hartmann.com</a></pre>
</body>
</html>