Seltsame Mails in Root/maildir


Die Frage ist eher, warum Dein Postfix so einen Terror veranstaltet, wenn eine Mail kommt, wo der Empfänger unbekannt ist. Mit einem 5xx ablehnen und vergessen wäre m.E. die sinnvollere Maßnahme.

Genau das ist eben dieses was mir auch den Kopf zermartert.:o
 
Die Frage ist eher, warum Dein Postfix so einen Terror veranstaltet, wenn eine Mail kommt, wo der Empfänger unbekannt ist.
Weil Postfix immer noch falsch konfiguriert ist. Während des EHLO wird die Fähigkeit zur Verschlüsselung nach STARTTLS annonciert; tatsächlich kann dieser Dienst wegen Konfigurations-/Installationsfehlern nicht verwendet werden. Offensichtlich verwendet der SPAMMER TLS (vielleicht, weil das bei manchen SPAM-Filtern eindruck macht??) und löst dadurch das Verhalten aus.

Also einfach TLS abstellen oder nach einem der zahlreichen HOWTOs einrichten.

Genau das ist eben dieses was mir auch den Kopf zermartert.
Steht doch alles deutlich in den Log-Dateien ;)
 
Hmm Howtos hab ich keine gefunden.:(

Was soll ich denn genau machen? Im Log steht dieses:

Code:
Dec 19 10:20:38 golf720 postfix/smtpd[1536]: warning: cannot get certificate from file /etc/postfix/ssl/smtpd.crt
Dec 19 10:20:38 golf720 postfix/smtpd[1536]: warning: TLS library problem: 1536:error:02001002:system library:fopen:No such file or directory:bss_file.c:352:fopen('/etc/postfix/ssl/smtpd.crt','r'):
Dec 19 10:20:38 golf720 postfix/smtpd[1536]: warning: TLS library problem: 1536:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
Dec 19 10:20:38 golf720 postfix/smtpd[1536]: warning: TLS library problem: 1536:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:720:
Dec 19 10:20:38 golf720 postfix/smtpd[1536]: cannot load RSA certificate and key data

Und Mails die über den Bounce ins Root gesendet werden dazu steht das im Log:

Code:
Dec 19 10:15:49 golf720 postfix/smtpd[1359]: warning: 151.1.157.31: hostname host31-157-1-151.nice.net verification failed: Name or service not known
Dec 19 10:15:49 golf720 postfix/smtpd[1359]: connect from unknown[151.1.157.31]
Dec 19 10:15:49 golf720 postfix/smtpd[1359]: NOQUEUE: reject: RCPT from unknown[151.1.157.31]: 450 4.7.1 Client host rejected: cannot find your hostname, [151.1.157.31]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<satmedia.carisma-italia.com>
Dec 19 10:15:49 golf720 postfix/cleanup[1366]: BB15F1FA41CF: message-id=<[email protected]>
Dec 19 10:15:49 golf720 postfix/qmgr[7740]: BB15F1FA41CF: from=<[email protected]>, size=1033, nrcpt=1 (queue active)
Dec 19 10:15:49 golf720 postfix/smtpd[1359]: disconnect from unknown[151.1.157.31]
Dec 19 10:15:50 golf720 postfix/local[1367]: BB15F1FA41CF: to=<[email protected]>, orig_to=<postmaster>, relay=local, delay=0.34, delays=0.19/0/0/0.15, dsn=2.0.0, status=sent (delivered to maildir)
Dec 19 10:15:50 golf720 postfix/qmgr[7740]: BB15F1FA41CF: removed

Auch Spamassassin meckert ein bisschen rum.

Code:
Dec 17 15:49:48 golf720 spamd[21227]: spamd: child 21229 killed successfully 
Dec 17 15:49:48 golf720 spamd[21227]: spamd: child 21228 killed successfully 
Dec 17 15:49:49 golf720 spamd[21227]: config: failed to parse line, skipping, in "/etc/mail/spamassassin/local.cf": use_dcc 1 
Dec 17 15:49:49 golf720 spamd[21227]: config: failed to parse, now a plugin, skipping, in "/etc/mail/spamassassin/local.cf": ok_languages all 
Dec 17 15:49:49 golf720 spamd[21227]: logger: removing stderr method 
Dec 17 15:49:49 golf720 spamd[7784]: rules: meta test FM_DDDD_TIMES_2 has dependency 'FH_HOST_EQ_D_D_D_D' with a zero score 
Dec 17 15:49:49 golf720 spamd[7784]: rules: meta test FM_SEX_HOSTDDDD has dependency 'FH_HOST_EQ_D_D_D_D' with a zero score 
Dec 17 15:49:49 golf720 spamd[7784]: rules: meta test HS_PHARMA_1 has dependency 'HS_SUBJ_ONLINE_PHARMACEUTICAL' with a zero score 
Dec 17 15:49:49 golf720 spamd[7784]: spamd: server started on port 783/tcp (running version 3.2.3) 
Dec 17 15:49:49 golf720 spamd[7784]: spamd: server pid: 7784 
Dec 17 15:49:49 golf720 spamd[7784]: spamd: server successfully spawned child process, pid 7785 
Dec 17 15:49:49 golf720 spamd[7784]: spamd: server successfully spawned child process, pid 7786 
Dec 17 15:49:49 golf720 spamd[7784]: prefork: child states: II

Das sind die einzigsten Fehler bzw Warnungen die noch im Log stehen
 
Hier noch mal meine aktuelle Postfix main.cf:

Code:
readme_directory = /usr/share/doc/packages/postfix/README_FILES
inet_protocols = all
biff = no
bounce_queue_lifetime = 48h
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
#virtual_alias_maps = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
program_directory = /usr/lib/postfix
masquerade_domains = no
mydestination = mydestination = $myhostname, localhost.$mydomain
myhostname = mail.host-xxx.xxx
disable_dns_lookups = no
mailbox_command = 
mailbox_transport =
smtpd_sender_restrictions = hash:/etc/postfix/access
strict_rfc821_envelopes = no
#smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks check_relay_domains permit_inet_interfaces reject_unknown_client
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated permit_inet_interfaces reject_unknown_client permit_sasl_authenticated reject_unlisted_recipient reject_unauth_destination
smtp_sasl_auth_enable = no
smtp_use_tls = yes
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000
smtpd_sasl_local_domain = 
smtpd_tls_auth_only = no 
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
mynetworks_style = host
home_mailbox = Maildir/
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes

### PARALLELS CONFIXX POSTFIX ENTRY ###

virtual_maps = hash:/etc/postfix/confixx_virtualUsers, hash:/etc/postfix/confixx_localDomains

### /PARALLELS CONFIXX POSTFIX ENTRY ###
maximal_queue_lifetime = 48h
queue_run_delay = 1000s
minimal_backoff_time = 1000s
ipc_idle = 100s
default_destination_concurrency_limit = 5
default_destination_recipient_limit = 25
 

Back
Top