Hallo,
folgendes ist konfiguriert, und funktioniert auch problemlos:
transport
Zwischenschalten möchte ich nun noch Amavis fürs Filtering.
Das System an sich greift auf eine MySQL basierte VUser realisierung zurück, wo natürlich für die Domain keine Benutzer eingerichtet sind.
postconf -n
Die DOC-Pfade spiegeln nicht die wirkliche Version wieder, update ich nur nie
Postfix 2.5.7 ist installiert.
master.cf
Wie bekomm ichs nun hin, den Amavis da zwischen zu schalten, ohne den Umweg über die DB? Ich steh da grad böse aufm Schlauch.
Edit:
content_filter=smtp-amavis:[127.0.0.1]:10024 in die main.cf rein, und gut .. soviel zum schlauch stehen. Allerdings geht nun zwangsweise ALLES durch amavis, was unschön ist. An einer Lösung, nur das durch Amavis zu schicken, was auch so per MySQL-Implementation eingestellt ist, wäre ich sehr interessiert
folgendes ist konfiguriert, und funktioniert auch problemlos:
transport
Code:
domain smtp:externeIP
Zwischenschalten möchte ich nun noch Amavis fürs Filtering.
Das System an sich greift auf eine MySQL basierte VUser realisierung zurück, wo natürlich für die Domain keine Benutzer eingerichtet sind.
postconf -n
Code:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
anvil_rate_time_unit = 60
bounce_queue_lifetime = 6h
bounce_template_file = /etc/postfix/bounce.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_process_limit = 200
default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} - see http://$rbl_domain or http://postmaster.easyklix2.de/rbl/$rbl_what/$rbl_domain
header_checks = pcre:/etc/postfix/header_checks.pcre
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.4.5/html
inet_interfaces = all
mail_owner = postfix
mailbox_size_limit = 1073741824
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maximal_queue_lifetime = 4d
message_size_limit = 134217728
myhostname = HOST
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
proxy_read_maps = $local_recipient_maps, $mydestination, $virtual_alias_maps, $virtual_uid_maps, $virtual_gid_maps, $virtual_alias_domains, $virtual_mailbox_maps, $virtual_mailbox_domains, $relay_recipient_maps, $relay_domains, $canonical_maps, $sender_canonical_maps, $recipient_canonical_maps, $relocated_maps, $mynetworks
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.5/readme
relay_domains = DOMAIN
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_connect_timeout = 10
smtp_helo_timeout = 60
smtpd_client_connection_count_limit = 25
smtpd_client_connection_rate_limit = 120
smtpd_data_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_multi_recipient_bounce, reject_unauth_pipelining
smtpd_hard_error_limit = 5
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unlisted_recipient, check_policy_service unix:private/whitelist, check_recipient_access mysql:/etc/postfix/virtual_blacklist_maps.cf, check_recipient_access mysql:/etc/postfix/virtual_rfc_recipient_maps.cf, check_policy_service inet:127.0.0.1:10031, check_recipient_access mysql:/etc/postfix/virtual_amavis_maps.cf, reject_unauth_destination
smtpd_reject_unlisted_sender = no
smtpd_restriction_classes = check_blacklist, check_rfc_recipient
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain
smtpd_soft_error_limit = 10
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = proxy:mysql:/etc/postfix/virtual_alias_maps.cf
virtual_gid_maps = proxy:mysql:/etc/postfix/virtual_gid_maps.cf
virtual_mailbox_base = /
virtual_mailbox_domains = proxy:mysql:/etc/postfix/virtual_domains_maps.cf
virtual_mailbox_limit = 1073741824
virtual_mailbox_maps = mysql:/etc/postfix/virtual_mailbox_maps.cf
virtual_minimum_uid = 100
virtual_transport = maildrop
virtual_uid_maps = proxy:mysql:/etc/postfix/virtual_uid_maps.cf
Die DOC-Pfade spiegeln nicht die wirkliche Version wieder, update ich nur nie
master.cf
Code:
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - 200 smtpd
submission inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o receive_override_options=no_address_mappings
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_unknown_recipient_checks,no_milters
-o local_header_rewrite_clients=
scache unix - - n - 1 scache
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=mail argv=/usr/bin/maildrop -d ${recipient}
#
# whitelist checks
#
whitelist unix - n n - - spawn
user=nobody argv=/usr/libexec/postfix/whitelist
#
# Autoresponder
#
autoreply unix - n n - - pipe
flags=F user=nobody argv=/usr/libexec/postfix/autoresponder $sender $recipient
Wie bekomm ichs nun hin, den Amavis da zwischen zu schalten, ohne den Umweg über die DB? Ich steh da grad böse aufm Schlauch.
Edit:
content_filter=smtp-amavis:[127.0.0.1]:10024 in die main.cf rein, und gut .. soviel zum schlauch stehen. Allerdings geht nun zwangsweise ALLES durch amavis, was unschön ist. An einer Lösung, nur das durch Amavis zu schicken, was auch so per MySQL-Implementation eingestellt ist, wäre ich sehr interessiert
Last edited by a moderator: