[Novalug] new email server breaks when adding amavis

Jay Hart jhart at kevla.org
Thu Jan 11 23:40:03 EST 2007 

I would think if you left that blank you might could be setup for use as a
spam relay?

Jay

> I have not specified that setting at all (not in my main.cf).  The
> default for that setting is what you have defined in your file.
>
> Ken
>
> Jay Hart wrote:
>> Ken,
>>
>> I'll have to check most of what you ask, but it will be tomorrow before I
>> have
>> some answers. I would the SW versions sound about right.
>>
>> What options are you using for smtpd_recipient_restrictions?
>>
>> Jay
>>
>>> I'm assuming you mean amavisd-new.
>>>
>>> I am running the exact same configuration but on Gentoo.
>>>
>>> mail-mta/postfix-2.2.10
>>> mail-filter/amavisd-new-2.4.4
>>> mail-client/squirrelmail-1.4.9a
>>> net-mail/courier-imap-4.0.1
>>> app-antivirus/clamav-0.88.7-r2
>>>
>>> Also-
>>> mail-filter/spamassassin-3.1.7
>>> app-antivirus/f-prot-4.6.5
>>> app-antivirus/bitdefender-console
>>>
>>> Amavis is really supposed to detect what you have installed on startup
>>> and leverage it.  It will also assign a priority to the antivirus
>>> packages and use the additional ones as a backup.
>>>
>>> Is there any tell tale signs inside your LOG files for amavis? Also, did
>>> you start the daemon, its not just a binary that you call, it's a daemon.
>>>
>>> Also, I found that I needed to run clam/freshclam as the amavis UID in
>>> order for it to be able to have proper permissions:
>>>
>>> # ps -ef | grep amavis
>>> amavis   22645     1  0 Jan08 ?        00:00:00 /usr/sbin/clamd
>>> amavis   22647     1  0 Jan08 ?        00:00:00 /usr/bin/freshclam -d
>>> amavis   22835     1  0 Jan08 ?        00:00:11 amavisd (master)
>>> amavis    9678 22835  0 16:50 ?        00:00:23 amavisd (ch11-avail)
>>> amavis    9748 22835  0 17:00 ?        00:00:35 amavisd (ch17-avail)
>>> amavis   10652 22835  0 21:07 ?        00:00:07 amavisd (ch3-avail)
>>> amavis   10919 22835  0 22:10 ?        00:00:05 amavisd (ch2-avail)
>>> postfix  11243 22931  0 23:02 ?        00:00:00 smtp -n smtp-amavis \
>>>  -t unix -u -o smtp_data_done_timeout 1200 -o disable_dns_lookups yes
>>>
>>> Ken
>>>
>>> Jay Hart wrote:
>>>> Additional information:
>>>>
>>>> email:/home/jhart # postconf -n
>>>> alias_maps = hash:/etc/aliases
>>>> biff = no
>>>> broken_sasl_auth_clients = yes
>>>> canonical_maps = hash:/etc/postfix/canonical
>>>> command_directory = /usr/sbin
>>>> config_directory = /etc/postfix
>>>> content_filter = smtp-amavis:[127.0.0.1]:10024
>>>> daemon_directory = /usr/lib/postfix
>>>> debug_peer_level = 2
>>>> defer_transports
>>>> disable_dns_lookups = no
>>>> disable_mime_output_conversion = no
>>>> home_mailbox = Maildir/
>>>> html_directory = /usr/share/doc/packages/postfix/html
>>>> inet_interfaces = all
>>>> inet_protocols = all
>>>> mail_owner = postfix
>>>> mail_spool_directory = /var/mail
>>>> mailbox_command =
>>>> mailbox_size_limit = 0
>>>> mailbox_transport =
>>>> mailq_path = /usr/bin/mailq
>>>> manpage_directory = /usr/share/man
>>>> masquerade_classes = envelope_sender, header_sender, header_recipient
>>>> masquerade_domains =
>>>> masquerade_exceptions = root
>>>> message_size_limit = 10240000
>>>> mydestination = $myhostname, localhost.$mydomain, $mydomain, localhost
>>>> mydomain = kevla.org
>>>> myhostname = email.$mydomain
>>>>
>>>> newaliases_path = /usr/bin/newaliases
>>>> queue_directory = /var/spool/postfix
>>>> readme_directory = /usr/share/doc/packages/postfix/README_FILES
>>>> relayhost = smtp.stickdog.com
>>>> relocated_maps = hash:/etc/postfix/relocated
>>>> sample_directory = /usr/share/doc/packages/postfix/samples
>>>> sender_canonical_maps = hash:/etc/postfix/sender_canonical
>>>> sendmail_path = /usr/sbin/sendmail
>>>> setgid_group = maildrop
>>>> smtp_sasl_auth_enable = no
>>>> smtp_tls_note_starttls_offer = yes
>>>> smtp_use_tls = yes
>>>> smtpd_client_restrictions =
>>>> smtpd_helo_required = no
>>>> smtpd_helo_restrictions =
>>>> smtpd_recipient_restrictions = permit_mynetworks,
>>>> reject_unauth_destination
>>>> smtpd_sasl_auth_enable = yes
>>>> smtpd_sasl_local_domain =
>>>> smtpd_sasl_security_options = noanonymous
>>>> smtpd_sender_restrictions = hash:/etc/postfix/access
>>>> smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
>>>> smtpd_tls_auth_only = no
>>>> smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
>>>> smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
>>>> smtpd_tls_loglevel = 1
>>>> smtpd_tls_received_header = yes
>>>> smtpd_tls_session_cache_timeout = 3600s
>>>> smtpd_use_tls = yes
>>>> strict_8bitmime = no
>>>> strict_rfc821_envelopes = no
>>>> tls_random_source = dev:/dev/urandom
>>>> transport_maps = hash:/etc/postfix/transport
>>>> unknown_local_recipient_reject_code = 550
>>>> virtual_alias_domains = hash:/etc/postfix/virtual
>>>> virtual_alias_maps = hash:/etc/postfix/virtual
>>>>
>>>>> postfix, squirrelmail, courier-imap, amavis, clamav running on Suse 10.2
>>>>>
>>>>> Got a couple of issues:
>>>>>
>>>>> 1. I'm wondering if the second line (ask_deamon) should not have the
>>>>> 127.0.0.1:3310 option.
>>>>>
>>>>> # ### http://www.clamav.net/
>>>>>  ['ClamAV-clamd',
>>>>>    \&ask_daemon, ["CONTSCAN {}\n", "127.0.0.1:3310"], -<not sure this
>>>>> line
>>>>> correct
>>>>>    qr/\bOK$/, qr/\bFOUND$/,
>>>>>    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
>>>>>
>>>>> I think it should be something like:
>>>>> \&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd-socket"]
>>>>>
>>>>> (These settings are from the amavis.conf file)
>>>>>
>>>>> 2. general error messages
>>>>> I haven't figured out how to resolve:
>>>>>
>>>>> Jan 11 21:35:59 email postfix/smtpd[4423]: fatal: parameter
>>>>> "smtpd_recipient_restrictions": specify at least one working instance of:
>>>>> check_relay_domains, reject_unauth_destination, reject, defer or
>>>>> defer_if_permit
>>>>> Jan 11 21:36:00 email postfix/master[3810]: warning: process
>>>>> /usr/lib/postfix/smtpd pid 4423 exit status 1
>>>>> Jan 11 21:36:00 email postfix/master[3810]: warning:
>>>>> /usr/lib/postfix/smtpd:
>>>>> bad command startup -- throttling
>>>>>
>>>>> First line is valid, here is my line from /etc/postfix/main.cf
>>>>> smtpd_recipient_restrictions = permit_mynetworks,
>>>>> reject_unauth_destination
>>>>>
>>>>> Next two errors might be a result of the first one. I think if the smtpd
>>>>> issue
>>>>> is resolved, this might work.
>>>>>
>>>>> I can send out amd receive email if I do not try to enable amavis.  My
>>>>> amavis
>>>>> config is basically identical to my working email server, so I am a lost
>>>>> as
>>>>> to
>>>>> what is causing my problems. I'm wondering if the first issue above is
>>>>> the
>>>>> root cause of amavis breaking email, so I can't send or receive.
>>>>>
>>>>> Any and all help appreciated.
>>>>>
>>>>> Jay Hart
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Novalug mailing list
>>>>> Novalug at calypso.tux.org
>>>>> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>>>>>
>>>>
>>>> _______________________________________________
>>>> Novalug mailing list
>>>> Novalug at calypso.tux.org
>>>> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>>>
>>
>>
>
>

More information about the Novalug mailing list