spamassassin/clamav setup problem

Discussion in 'Server Operation' started by dipeshmehta, Dec 20, 2008.

  1. dipeshmehta

    dipeshmehta Member

    Hello,

    I have set up my Ubuntu 8.04 LTS server as guided in "The Perfect Server (by Falko)". I have not installed ISPConfig.

    Since this howto does not include spamassassin and clamav setup, I have set them up as guided in "Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 8.04 LTS)".

    I am not using MySQL or virtual users; I am using system users, so I jumped directly to the "9 Install amavisd-new, SpamAssassin, And ClamAV" part of the said howto.

    Now, mails transmitted within my internal network do not get delivered to their destinations. If I comment out the added lines in postfix's main.cf and master.cf, it works fine without spamassassin / clamav interaction.

    I know there must be some silly matter which needs to be configured, but I cannot figure it out myself. Any suggestions welcome.

    Dipesh
     
  2. falko

    falko Super Moderator ISPConfig Developer

    What's in your mail log?

    What's in /etc/postfix/main.cf and /etc/postfix/master.cf?
     
  3. dipeshmehta

    dipeshmehta Member

    Hello,

    Sorry for re-opening the thread after a long time. Since the setup is on my production server, I have not been able to run many test cases.

    Please check my postfix config files as under:

    =======================
    main.cf
    =======================
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    append_dot_mydomain = no
    readme_directory = no
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    #
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    smtp_generic_maps = hash:/etc/postfix/generic
    myorigin = /etc/mailname
    mydestination = hostname.domain.com, localhost.domain.com, localhost.localdomain, localhost, domain.com
    sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_command =
    mailbox_size_limit = 0
    message_size_limit = 25600000
    recipient_delimiter = +
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    home_mailbox = Maildir/
    sender_bcc_maps = hash:/etc/postfix/sender_bcc
    recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options =
    content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings


    =====================
    master.cf
    =====================
    #
    # Postfix master process configuration file. For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    #
    # Do not forget to execute "postfix reload" after editing this file.
    #
    # ==========================================================================
    # service type private unpriv chroot wakeup maxproc command + args
    # (yes) (yes) (yes) (never) (100)
    # ==========================================================================
    smtp inet n - - - - smtpd
    #submission inet n - - - - smtpd
    # -o smtpd_tls_security_level=encrypt
    # -o smtpd_sasl_auth_enable=yes
    # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    # -o milter_macro_daemon_name=ORIGINATING
    #smtps inet n - - - - smtpd
    # -o smtpd_tls_wrappermode=yes
    # -o smtpd_sasl_auth_enable=yes
    # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    # -o milter_macro_daemon_name=ORIGINATING
    #628 inet n - - - - qmqpd
    pickup fifo n - - 60 1 pickup
    cleanup unix n - - - 0 cleanup
    qmgr fifo n - n 300 1 qmgr
    #qmgr fifo n - - 300 1 oqmgr
    tlsmgr unix - - - 1000? 1 tlsmgr
    rewrite unix - - - - - trivial-rewrite
    bounce unix - - - - 0 bounce
    defer unix - - - - 0 bounce
    trace unix - - - - 0 bounce
    verify unix - - - - 1 verify
    flush unix n - - 1000? 0 flush
    proxymap unix - - n - - proxymap
    proxywrite unix - - n - 1 proxymap
    smtp unix - - - - - smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay unix - - - - - smtp
      -o smtp_fallback_relay=
    # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq unix n - - - - showq
    error unix - - - - - error
    retry unix - - - - - error
    discard unix - - - - - discard
    local unix - n n - - local
    virtual unix - n n - - virtual
    lmtp unix - - - - - lmtp
    anvil unix - - - - 1 anvil
    scache unix - - - - 1 scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent. See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop unix - n n - - pipe
      flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp unix - n n - - pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail unix - n n - - pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp unix - n n - - pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix - n n - 2 pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman unix - n n - - pipe
      flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
      ${nexthop} ${user}

    amavis unix - - - - 2 smtp
      -o smtp_data_done_timeout=1200
      -o smtp_send_xforward_command=yes

    127.0.0.1:10025 inet n - - - - smtpd
      -o content_filter=
      -o local_recipient_maps=
      -o relay_recipient_maps=
      -o smtpd_restriction_classes=
      -o smtpd_client_restrictions=
      -o smtpd_helo_restrictions=
      -o smtpd_sender_restictions=
      -o smtpd_recipient_restictions=permit_mynetworks,reject
      -o mynetworks=127.0.0.0/8
      -o strict_rfc821_envelopes=yes
      -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
      -o smtpd_bind_address=127.0.0.1
    ==================

    I have noticed that while sending mails postfix does not read sender_dependent_relayhost_maps and smtp_generic_maps if amavisd-new is there in the postfix config files. Mails sent to local users do not get delivered at all, and the mail queue status is "mail transport unavailable". Mails sent to the outside world are not relayed through my ISP mail server, and therefore almost all recipient servers reject them.

    At present I have commented out the lines related to amavis and content filter, and the setup is running very fine.

    Please help me out.

    Thanks in advance.

    Dipesh
     
  4. falko

    falko Super Moderator ISPConfig Developer

    What's in your mail log when you try to send a mail to one of your accounts?
     
  5. dipeshmehta

    dipeshmehta Member

    Hello Falko,

    Following are logs:

    1. When I sent mail to local user:
    2a. When I sent mail to my yahoo id:
    2b. Headers received at yahoo:
    3. When I sent mail to yahoo, after commenting out the lines related to content-filter and amavis into main.cf and master.cf
    and headers received at yahoo
    4. Following is generic maps:
    5. Following is sender_dependant_relay_maps:
    I hope this suffices for the investigation; if any more information is required, please tell me.

    Dipesh
     
  6. falko

    falko Super Moderator ISPConfig Developer

    Please create a PTR record for the server.
     
  7. dipeshmehta

    dipeshmehta Member

    Hello Falko,

    The static IP 59.96.84.206 has been provided by my ISP, and the following details have been given by him:
    Moreover, if the said error occurs, it means that my mail has not been relayed and was fired directly. Similarly, what about internal emails?

    Regards,

    Dipesh
     
  8. falko

    falko Super Moderator ISPConfig Developer

    Does 2020503.mx2.banlab.com use valid nameservers in /etc/resolv.conf?
     
  9. dipeshmehta

    dipeshmehta Member

    Hello Falko,

    Thanks for showing interest in solving my problem.

    At this point, I think we are going the wrong way. So please let me give a brief idea about my system and environment.

    The host banrjt.banlabs.net is my Ubuntu server, which is situated at my office. More than 50 machines running Windows XP / Vista are connected to it. I have been using the Ubuntu server as the mail server for my internal mails.

    The domain banlab.com is hosted at my ISP for web hosting as well as email hosting. We have some 15 different mail ids at banlab.com.

    I use getmail (http://www.howtoforge.com/debian_etch_getmail) to fetch mails from the ISP POP mailboxes ([email protected]). The mails are fetched for [email protected], and there I use .forward to forward the mails to the associated internal user accounts.

    To send mails internally (i.e. [email protected] to [email protected]), I do not need to configure anything; it works fine. To send mails to the outside world, I use sender_dependant_relay_maps to relay through the ISP mail servers (i.e. smtp.banlab.com). Further, I use generic maps (http://www.postfix.org/ADDRESS_REWRITING_README.html#generic) to rewrite the from: address for the outside world.

    This whole setup runs without any problem if I remove
    Code:
    #content_filter = amavis:[127.0.0.1]:10024
    #receive_override_options = no_address_mappings
    from /etc/postfix/main.cf and
    Code:
    #amavis unix - - - - 2 smtp
    	-o smtp_data_done_timeout=1200
    	-o smtp_send_xforward_command=yes
    
    #127.0.0.1:10025 inet n - - - - smtpd
    	-o content_filter=
    	-o local_recipient_maps=
    	-o relay_recipient_maps=
    	-o smtpd_restriction_classes=
    	-o smtpd_client_restrictions=
    	-o smtpd_helo_restrictions=
    	-o smtpd_sender_restictions=
    	-o smtpd_recipient_restictions=permit_mynetworks,reject
    	-o mynetworks=127.0.0.0/8
    	-o strict_rfc821_envelopes=yes
    	-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    	-o smtpd_bind_address=127.0.0.1
    from /etc/postfix/master.cf

    Now, coming again to my problem: if I enable the above lines in main.cf and master.cf, then in the above-mentioned log entry 1 you may notice that...
    i. The mail is originated by [email protected] (generic map: [email protected] [email protected]) for [email protected] (generic map: [email protected] [email protected])
    ii. The mail is transported as from [email protected] to [email protected]; that means it didn't recognise that the mail is internal, and therefore it passed through generic maps.
    iii. The mail was transported as from [email protected] but wasn't relayed through smtp.banlab.com (sender_dependant_relay_maps: [email protected] smtp.banlab.com)
    iv. Due to security measures opted for by the ISP at banlab.com, the mail was rejected.
    v. For this mail sender_bcc is not generated, while recipient_bcc is generated.

    Similar things happen for log entries 2a & 2b: the mail is transported directly, i.e. without relay, and received at yahoo.

    Thanks again for sparing your time to diagnose.

    Dipesh
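
A check for the `-o` overrides in the master.cf posted above, as an added example that is not part of the thread: it joins continuation lines the way master(5) describes and reports override names that are not in a known-parameter list. `MASTER_CF` is a constructed, abridged copy of the posted stanzas; `KNOWN`, `logical_lines` and `lint` are hypothetical names.

```python
import difflib

# Constructed sample: the thread's filter stanzas (abridged), continuation lines indented.
MASTER_CF = """\
amavis unix - - - - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
  -o content_filter=
  -o smtpd_sender_restictions=
  -o smtpd_recipient_restictions=permit_mynetworks,reject
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
"""

# Assumption: allow-list of Postfix parameter names, just enough for this stanza.
KNOWN = sorted({
    "smtp_data_done_timeout", "smtp_send_xforward_command", "content_filter",
    "local_recipient_maps", "relay_recipient_maps", "smtpd_restriction_classes",
    "smtpd_client_restrictions", "smtpd_helo_restrictions", "mynetworks",
    "smtpd_sender_restrictions", "smtpd_recipient_restrictions",
    "strict_rfc821_envelopes", "receive_override_options",
})

def logical_lines(text):
    """Skip blank/comment lines; a line starting with whitespace continues the entry."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and entries:
            entries[-1] += " " + raw.strip()
        else:
            entries.append(raw.strip())
    return entries

def lint(text):
    """Return (service, override name, nearest known name) for unrecognised -o names."""
    findings = []
    for entry in logical_lines(text):
        fields = entry.split()  # 8 fixed columns, then the command's arguments
        for flag, setting in zip(fields[8:], fields[9:]):
            name = setting.partition("=")[0]
            if flag == "-o" and name not in KNOWN:
                near = difflib.get_close_matches(name, KNOWN, n=1)
                findings.append((fields[0], name, near[0] if near else None))
    return findings

if __name__ == "__main__":
    print(lint(MASTER_CF))
```

On this sample it reports `smtpd_sender_restictions` and `smtpd_recipient_restictions` with their nearest known names. Because comment lines are skipped before continuation lines are joined, `-o` lines left under a commented-out service line are joined to the preceding service entry.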
     
  10. dipeshmehta

    dipeshmehta Member

    * bump *
     
  11. falko

    falko Super Moderator ISPConfig Developer

    I'm afraid I don't know what's wrong with your system.
     
  12. dipeshmehta

    dipeshmehta Member

    Thanks, Falko, for sparing your time to sort out the issues, no matter whether solved or not.

    Btw, if you wish, I can PM you with access rights to my server, to check things.

    Dipesh
     
