Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 17th December 2010, 18:06
mintydave mintydave is offline
Junior Member
 
Join Date: Dec 2010
Posts: 23
Thanks: 2
Thanked 0 Times in 0 Posts
Default

I now have my second new snake in production after getting the whitelisting working.

When I set up the original user accounts in barawa in order to manage the transports for each domain, I set about half of the admin account to receive the quarantine report and the other half to not receive them.

So this morning, I woke up to 400 quarantine reports for each of the domain admins' respective domains. So I went into baruwa->settings->accounts and edited each account and unchecked "send report"

Those admins set to not receive are still receiving the quarantine reports. Am I missing where to actually disable the quarantine report?


Thank you for your assistance,

Dave
Deconn Technical Services
Reply With Quote
Sponsored Links
  #12  
Old 19th December 2010, 02:35
Rocky Rocky is offline
Senior Member
 
Join Date: Oct 2005
Posts: 553
Thanks: 14
Thanked 49 Times in 48 Posts
Default

Ok, as a temp, open cron and comment out the send pdf reports job. That should prevent the system from sending anymore reports.

I'll have Andrew follow up with this.
__________________
Home of the SpamSnake
Reply With Quote
  #13  
Old 19th December 2010, 06:20
topdog topdog is offline
Senior Member
 
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 153 Times in 150 Posts
Default

Quote:
Originally Posted by mintydave View Post

Those admins set to not receive are still receiving the quarantine reports. Am I missing where to actually disable the quarantine report?
If the send quarantine report option is off, a report will definitely not be sent out.
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
  #14  
Old 24th December 2010, 15:52
topdog topdog is offline
Senior Member
 
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 153 Times in 150 Posts
Default

Quote:
Originally Posted by mintydave View Post
I now have my second new snake in production after getting the whitelisting working.

When I set up the original user accounts in barawa in order to manage the transports for each domain, I set about half of the admin account to receive the quarantine report and the other half to not receive them.

So this morning, I woke up to 400 quarantine reports for each of the domain admins' respective domains. So I went into baruwa->settings->accounts and edited each account and unchecked "send report"

Those admins set to not receive are still receiving the quarantine reports. Am I missing where to actually disable the quarantine report?


Thank you for your assistance,

Dave
Deconn Technical Services
You may have this problem here http://www.howtoforge.com/forums/sho...474#post247474
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
  #15  
Old 15th January 2011, 01:05
mintydave mintydave is offline
Junior Member
 
Join Date: Dec 2010
Posts: 23
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Rocky View Post
If an entry is found in the whitelist, it bypasses grey, rbl, spf and mailscanner checks. This was something I thought long and hard about because I wanted to have a common whitelist.
Rocky,

I have a conern that on my spamsnake the whitelist managed in Barawa is not behaving as you state above.

I have the following IP in my whitelist:
Code:
46     Any address     216.241.219.0
Then I get this in my syslog:
Code:
Jan 14 14:36:09 curve postfix/smtpd[17734]: NOQUEUE: reject: RCPT from mailout-01.cobaltgroup.com[216.241.219.148]: 450 4.7.1 <fleetguy@carlburger.com>: Recipient address rejected: SPF-Result=mailout-01-n2.tuk.cobaltgroup.com: 'SERVFAIL' error on DNS 'SPF' lookup of 'mailout-01-n2.tuk.cobaltgroup.com'; from=<214425@crm.cobaltgroup.com> to=<nickd@carlburger.com> proto=ESMTP helo=<mailout-01-n2.tuk.cobaltgroup.com>
Just to cover myself, I researched how the SPF actually works and it appears that there should be an SPF record for "mailout-01-n2.tuk.cobaltgroup.com", but there is not, so that is why the server is failing on the DNS lookup.

However, I would prefer that the whitelist just bypasses all the checks and let's the messages through the snake.

Here is my main.cf:

Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = ESMTP SpamSnake
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = curve.dsh.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = dsh.com
mydestination =
relayhost =
mynetworks = 127.0.0.0/8, 192.168.0.0/16, 10.10.0.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
message_size_limit = 20485760
local_transport = error:No local mail delivery
local_recipient_maps =
relay_domains = mysql:/etc/postfix/mysql-relay_domains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-relay_recipients.cf
transport_maps = mysql:/etc/postfix/mysql-transports.cf
virtual_alias_maps = hash:/etc/postfix/virtual
disable_vrfy_command = yes
strict_rfc821_envelopes = no
smtpd_delay_reject = yes
smtpd_recipient_limit = 100
smtpd_helo_required = yes
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, permit
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, permit
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, permit
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_recipient_domain, reject_unauth_destination, whitelist_policy, grey_policy, rbl_policy, spf_policy, permit
smtpd_data_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining
smtpd_restriction_classes = spf_policy, rbl_policy, grey_policy, whitelist_policy
spf_policy = check_policy_service unix:private/policy
rbl_policy = reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
grey_policy = check_policy_service unix:private/greyfix
whitelist_policy = check_sender_access mysql:/etc/postfix/mysql-global_whitelist.cf
header_checks = regexp:/etc/postfix/header_checks
As always, your input and assistance are greatly appreciated.


Dave.
Deconn Technical Services
Reply With Quote
  #16  
Old 16th January 2011, 04:30
Rocky Rocky is offline
Senior Member
 
Join Date: Oct 2005
Posts: 553
Thanks: 14
Thanked 49 Times in 48 Posts
Default

What happens if you whitelist this ip 216.241.219.148?
__________________
Home of the SpamSnake
Reply With Quote
  #17  
Old 16th January 2011, 06:31
mintydave mintydave is offline
Junior Member
 
Join Date: Dec 2010
Posts: 23
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Rocky View Post
What happens if you whitelist this ip 216.241.219.148?
at 21:24 added:
Code:
52   any     216.241.219.148
I also deleted the 216.241.219.0 entry as noted in the previous post.

I get the same result.

Code:
Jan 15 21:25:24 curve postfix/smtpd[3078]: NOQUEUE: reject: RCPT from mailout-01.cobaltgroup.com[216.241.219.148]: 450 4.7.1 <fleetguy@carlburger.com>: Recipient address rejected: SPF-Result=mailout-01-n2.tuk.cobaltgroup.com: 'SERVFAIL' error on DNS 'SPF' lookup of 'mailout-01-n2.tuk.cobaltgroup.com'; from=<214425@crm.cobaltgroup.com> to=<fleetguy@carlburger.com> proto=ESMTP helo=<mailout-01-n2.tuk.cobaltgroup.com>

Just as a sanity check, I added a /32 whitelist entry for another host and sent mail into the snake and it got hit by the greylist instantly. I used Outlook Express from a Windows host and simply used the spamsnake as the SMTP server to a known good/deliverable address.

After the greylist activity completed, Baruwa shows the message whitelisted:
Code:
2011-01-15 21:22:03  ___@carlburger.com  _____@cwssandiego.com  test 301  1.8 KB 0.0  WL


Dave.
Deconn Technical Services

Last edited by mintydave; 16th January 2011 at 06:48.
Reply With Quote
  #18  
Old 17th January 2011, 16:23
Rocky Rocky is offline
Senior Member
 
Join Date: Oct 2005
Posts: 553
Thanks: 14
Thanked 49 Times in 48 Posts
Default

Hmm, I'll have to look into that. Have you tried using the dns name?
__________________
Home of the SpamSnake
Reply With Quote
  #19  
Old 17th January 2011, 23:51
mintydave mintydave is offline
Junior Member
 
Join Date: Dec 2010
Posts: 23
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Rocky View Post
Have you tried using the dns name?
I assume you mean the hostname of the sending email server. "mailout-01.cobaltgroup.com" in this case.

Done.

No change.

In the mean time, is there a way I can disable SPF just so I can get these emails flowing?


Dave.
Deconn Technical Services.
Reply With Quote
  #20  
Old 20th January 2011, 03:15
Rocky Rocky is offline
Senior Member
 
Join Date: Oct 2005
Posts: 553
Thanks: 14
Thanked 49 Times in 48 Posts
 
Default

The guide has been updated with the fix for this problem.
__________________
Home of the SpamSnake
Reply With Quote
Reply

Bookmarks

Tags
maverick, postfix, spamsnake

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
The Perfect SpamSnake - Ubuntu Jeos 10.10 Maverick Meerkat - transportmaps tahussle HOWTO-Related Questions 21 5th December 2010 04:17
The Perfect SpamSnake - Ubuntu Jeos 10.10 Maverick Meerkat tahussle HOWTO-Related Questions 4 3rd December 2010 12:06
Connection timed out on intermail outgoing mails gouravgarg Server Operation 6 5th March 2010 20:31
MailScanner trouble with DBD-MYSQL sergio.arnaldo Server Operation 11 26th August 2009 18:08
SpamSnake SpamAssassin not working? getrav HOWTO-Related Questions 5 23rd June 2008 23:02


All times are GMT +2. The time now is 15:42.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.