Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th December 2010, 21:43
colskinet colskinet is offline
Junior Member
 
Join Date: Aug 2008
Posts: 24
Thanks: 1
Thanked 1 Time in 1 Post
Default More Perfect SpamSnake 10.10 probs!

Hi all

Couple of probs.

1. Do I need to do the "Apply Relay Recipients" section for Exchange (page 4)? It only mentions Exchange 2000/2003, I am running Windows Server 2008R2 and Exchange 2010. I can't get the spamsnake to retrieve a list of usernames/passwords. I've changed all the usernames/passwords in the getadsmtp.pl file but it returns the error "error:The wrong password was supplied or the SASL credentials could not be processed"

2. Monitoring my mail.log is showing the following errors and no mail is getting through to the Baruwa web interface..

Code:
Dec 18 20:24:03 spamsnake postfix/smtpd[3970]: connect from ***.*****.**.uk[***.***.**.**]
Dec 18 20:24:04 spamsnake postfix/spawn[3978]: warning: command /usr/bin/perl exit status 2
Dec 18 20:24:04 spamsnake postfix/smtpd[3970]: warning: premature end-of-input on private/policy while reading input attribute name
Dec 18 20:24:05 spamsnake postfix/spawn[3978]: warning: command /usr/bin/perl exit status 2
Dec 18 20:24:05 spamsnake postfix/smtpd[3970]: warning: premature end-of-input on private/policy while reading input attribute name
Dec 18 20:24:05 spamsnake postfix/smtpd[3970]: warning: problem talking to server private/policy: Connection reset by peer
Dec 18 20:24:05 spamsnake postfix/smtpd[3970]: NOQUEUE: reject: RCPT from ***.****.**.**[***.***.**.**]: 451 4.3.5 Server configuration problem; from=<colin@**.**.**> to=<colin@**.**.**> proto=ESMTP helo=<***.***.**.**>
Dec 18 20:24:05 spamsnake postfix/smtpd[3970]: disconnect from **.***.**.**[***.***.**.**]
Dec 18 20:27:25 spamsnake postfix/anvil[3973]: statistics: max connection rate 1/60s for (smtp:***.***.**.**) at Dec 18 20:24:03
Dec 18 20:27:25 spamsnake postfix/anvil[3973]: statistics: max connection count 1 for (smtp:***.***.**.**) at Dec 18 20:24:03
Dec 18 20:27:25 spamsnake postfix/anvil[3973]: statistics: max cache size 1 at Dec 18 20:24:03
The only other stuff left for me to do is setup email disclaimers, Webmin, etc, nothing that appears vital to make this thing work!

Please help, I feel like I'm almost there but just need to sort these issues out!

Thanks in advance.

Colin
Reply With Quote
Sponsored Links
  #2  
Old 19th December 2010, 02:33
Rocky Rocky is offline
Senior Member
 
Join Date: Oct 2005
Posts: 553
Thanks: 14
Thanked 49 Times in 48 Posts
Default

Looks like the SPF entry is incorrect. Post your master.cf and main.cf.

I'm not sure if the script works with Exchange 2010, but you can use the look_ahead feature as an alternate. You cannot implement both, so it's either relay_recipient hash or look_ahead. If you plan to use relay_recipients hash, then you should disable look_ahead. Give this page a look: http://thelowedown.wordpress.com/200...y-to-exchange/ Otherwise, setup main.cf as described under the postfix section in the guide and enable look_ahead.

Read through the guide carefully, as some things are optional. That is up to you to install should you need those features.
__________________
Home of the SpamSnake

Last edited by Rocky; 19th December 2010 at 03:09.
Reply With Quote
  #3  
Old 19th December 2010, 12:32
colskinet colskinet is offline
Junior Member
 
Join Date: Aug 2008
Posts: 24
Thanks: 1
Thanked 1 Time in 1 Post
Default

Hi Rocky, thanks for the reply.

Here is my main.cf as requested

Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = ESMTP SpamSnake
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = spamsnake.colskinet.co.uk
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = colskinet.co.uk
mydestination =
relayhost =
mynetworks = 127.0.0.0/8, 192.168.1.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
message_size_limit = 10485760
local_transport = error:No local mail delivery
local_recipient_maps =
relay_domains = mysql:/etc/postfix/mysql-relay_domains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-relay_recipients.cf
transport_maps = mysql:/etc/postfix/mysql-transports.cf
virtual_alias_maps = hash:/etc/postfix/virtual
disable_vrfy_command = yes
strict_rfc821_envelopes = no
smtpd_delay_reject = yes
smtpd_recipient_limit = 100
smtpd_helo_required = yes
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, permit
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, permit
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_recipient_domain, reject_unauth_destination, whitelist_policy, grey_policy, rbl_policy, spf_policy, permit
smtpd_data_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining
smtpd_restriction_classes = spf_policy, rbl_policy, grey_policy, whitelist_policy
spf_policy = check_policy_service unix:private/policy
rbl_policy = reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
grey_policy = check_policy_service unix:private/greyfix
whitelist_policy = check_sender_access mysql:/etc/postfix/mysql-global_whitelist.cf
header_checks = regexp:/etc/postfix/header_checks
verify_recipient = reject_unknown_recipient_domain, reject_unverified_recipient
look_ahead = check_recipient_access hash:/etc/postfix/access
unverified_recipient_reject_code = 550
address_verify_map = btree:/var/lib/postfix/verify
Here is my master.cf

Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
   -o content_filter=dfilt:
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
         -o content_filter=
         -o receive_override_options=no_header_body_checks
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

policy unix - n n - - spawn
  user=nobody argv=/usr/bin/perl /usr/lib/post

greyfix    unix  -        n       n       -        -       spawn
   user=nobody  argv=/usr/local/sbin/greyfix   --greylist-delay 60  -/ 24

dfilt     unix    -       n       n       -       -       pipe
    flags=Rq user=filter argv=/etc/postfix/disclaimer -f ${sender} -- ${recipient}

Colin
Reply With Quote
  #4  
Old 19th December 2010, 17:50
colskinet colskinet is offline
Junior Member
 
Join Date: Aug 2008
Posts: 24
Thanks: 1
Thanked 1 Time in 1 Post
Default

I've now fixed this and got the system up and running.

The problem was with some code in my "master.cf" file

It read :

Code:
policy unix - n n - - spawn
  user=nobody argv=/usr/bin/perl /usr/lib/post
When it should have read :

Code:
policy unix - n n - - spawn
  user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl
I'd simply not copied the entire line!

I had an issue of "colin@domain.com" being accepted but "Colin@domain.com" being rejected (450 4.1.1 error) - I assume the case sensitive issue was the problem here? I've removed "reject_unknown_recipient_domain" from main.cf and this seems to have stopped the problem. I've replaced it with "check_relay_domains" - is that the right thing to do?

Thanks
Colin
Reply With Quote
  #5  
Old 19th December 2010, 17:56
Rocky Rocky is offline
Senior Member
 
Join Date: Oct 2005
Posts: 553
Thanks: 14
Thanked 49 Times in 48 Posts
Default

Yes, SPF entry in master.cf was incorrect, glad you caught it.

The system should allow the mail regardless of case, because the domain is specified. Are you using relay recipients or look_ahead?

Also, have you followed my little writeup on how to create the domain admin and the entries for domains and transports? It's under the Baruwa section. Without that section being completed, the system won't relay messages since the relay domains aren't present.
__________________
Home of the SpamSnake
Reply With Quote
  #6  
Old 19th December 2010, 18:01
colskinet colskinet is offline
Junior Member
 
Join Date: Aug 2008
Posts: 24
Thanks: 1
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by Rocky View Post
Yes, SPF entry in master.cf was incorrect, glad you caught it.

The system should allow the mail regardless of case, because the domain is specified. Are you using relay recipients or look_ahead?

Also, have you followed my little writeup on how to create the domain admin and the entries for domains and transports? It's under the Baruwa section. Without that section being completed, the system won't relay messages since the relay domains aren't present.
My /etc/postfix/access file has the following:

Code:
colskinet.co.uk verify_recipient
But look_ahead is also listed in the "smtpd_recipient_restrictions" section of master.cf. I notice there's also a line in that file with "look_ahead = check_recipient_access hash:/etc/postfix/access"

That what you were wanting to know? This part confused me somewhat!

Edit - yes - the whole Baruwa section went without any problems, and I added my domain to it.

Colin
Reply With Quote
  #7  
Old 19th December 2010, 19:28
Rocky Rocky is offline
Senior Member
 
Join Date: Oct 2005
Posts: 553
Thanks: 14
Thanked 49 Times in 48 Posts
Default

Ok, yes, so you can skip the entire relay_recipient script section because your system is setup for look_ahead.

Your setup will send a dummy mail to your exchange to verify(look_ahead) to make sure the user exists. If the user doesn't exist, exchange will reply saying so and postfix will drop the connection. However, you must have exchange setup to act that way if the user doesn't exist.
__________________
Home of the SpamSnake
Reply With Quote
The Following User Says Thank You to Rocky For This Useful Post:
colskinet (19th December 2010)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
MailWatch Error: no rows retrieved from database sergio.arnaldo Server Operation 25 21st March 2011 06:05
The Perfect SpamSnake - Ubuntu Jeos 10.10 - Managing transport relay_domains etc mintydave HOWTO-Related Questions 19 20th January 2011 03:15
MailScanner trouble with DBD-MYSQL sergio.arnaldo Server Operation 11 26th August 2009 18:08
Howtoforge the perfect Server(links) rini90 Installation/Configuration 0 14th December 2008 10:58
SpamSnake SpamAssassin not working? getrav HOWTO-Related Questions 5 23rd June 2008 23:02


All times are GMT +2. The time now is 23:03.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.