Spamsnake - Unable to received mail - Able to send mail

Discussion in 'HOWTO-Related Questions' started by debuguser, Sep 14, 2008.

  1. debuguser

    debuguser New Member

    Good morning,

    Please help!!!

    I tried to setup a spamsnake to filter all incoming mails before relaying to our Exchange server which are located behind a firewall. The Spamsnake is located in a DMZ subnet and my Exchange is located in other subnet. However I am unable to receive mail from external either I have set all port forwarding correctly as I am able to received test mails from Spamsnake. I am able to send out mail. Please see below schema for my setup

    Internet --> Router --> Firewall -->DMZ (Spamsnake 192.168.3.1)-->Exchange (192.168.0.23)

    In postfix I set relay_recipients, the transport_map, the relay_domains. I postmap all these files.

    Please help!!!
     
  2. falko

    falko Super Moderator

    Any errors in the mail log?
     
  3. Rocky

    Rocky New Member

    Have you setup the proper MX records for your spamsnake?
     
  4. debuguser

    debuguser New Member

    I have the below message

    Can't call method "tie_db_readonly" on an undefined value at /usr/share/perl5/Mail/SpamAssassin/Bayes.pm line 1123.

    Enabling SpamAssassin auto-whitelist functionality...
    Process did not exit clearly, returned 255 with signal 0

    postfix/smtpd [7699]: warning: database /etc/postfix/relay_recipients.db is older than source file /etc/postfix/relay_recipients >>> I presume this error can be fix by postmap command right?

    I have one error message that popup on the screen every morning in regard with MailWatch.pm but I am unable to trace the log.

    Regards,
     
  5. debuguser

    debuguser New Member

    Good morning,

    The mail server that I mount have a MX record hosted as my ISP, I check this morning when In read yr. post using the below command

    # dig mx mailserver.domain.com

    However plaese tell me how to check if my MX is in my BIND

    Thanks,
     
  6. Rocky

    Rocky New Member

    I think you have to do:
    dig mx domain.com

    That should list your mx records.

    You have to postmap your relay_recipients file and that will fix the relay error.

    For the bayes issues, make sure you have the following in your spam.assassin.prefs.conf file and make sure to change the values to match your setup:

    #Bayes DB Connection
    bayes_store_module Mail::SpamAssassin::BayesStore::SQL
    bayes_sql_dsn DBI:mysql:sa_bayes:localhost
    bayes_sql_username username
    bayes_sql_password password
    bayes_sql_override_username root
     
    Last edited: Sep 15, 2008
  7. debuguser

    debuguser New Member

    I think the problem that I have is in named.conf in /var/lib/named/etc/bind/named.conf, I am not sure if I do right so can someone give me a sample or shoiw me how-to process.

    Thanks
     
  8. debuguser

    debuguser New Member

    Need a working sample of named.conf

    Can someone provide a working sample of named.conf with MX and A record so I can resolve this problem.
    Please copy and paste or reply with attachment.

    Thanks
     
  9. Rocky

    Rocky New Member

    hey,

    Who's the host of your DNS? They would have to create the records for you. You will need a host record(A) and an MX record for your spamsnake.

    The A record makes it available online and the MX records directs mails over to it.

    You have to get your DNS host to do this for you.
     
  10. debuguser

    debuguser New Member


    Thanks for yr. reply.

    I have a 3 MX host and recorded at my ISP, I have 2 A record but I don't known how-to put in the named.conf, I use MS Exchange so Linux Mail server is new to me.

    Can you provide me a "WORKING" sample of the names.conf

    Thanks,
     
  11. Rocky

    Rocky New Member

    Ok, I think you're a bit confused. What you need to do is to call your DNS host, if you're not hosting your own DNS, and tell them you want the proper A and MX records created for your Spamsnake.

    Bind configuration on your end is very minimum and doesn't require anything more advanced beyond the guide.

    If your Spamsnake is, lets say, mailcatch, then you would tell your DNS host to setup an A record for mailcatch and then setup an MX record point all mails to the public IP of the mailcatch box.

    Hope this sheds some light on the issue for you.

    Rocky
     
  12. shaolinint

    shaolinint New Member

    Hi guys..
    I just finished my spamsnake installation. looks great.
    however, I couldn't sent and receive email.
    I tried to googling and looking a solution on this forum but I couldn't find.
    If I can send an email to myself the message will not appear/deliver on my inbox.

    please help. thank you in advance.
    regards,
    shaolinint.

    Code:
    myorigin = kliacs.com.my
    myhostname = kliacs.com.my
    smtpd_banner = $myhostname ESMTP Server
    biff = no
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
    smtpd_tls_key_file = /etc/ssl/private/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    inet_interfaces = 192.100.102.21
    #relay_domains = hash:/etc/postfix/tigerteam/relay_domains
    mynetworks = 127.0.0.0/8, 192.100.102.0/24, 60.49.217.21
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain = $myhostname
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    mydestination = /etc/postfix/local-host-names
    home_mailbox = Maildir/
    smtp_tls_security_level = may
    smtpd_tls_security_level = may
    
    message_size_limit = 10485760
    relay_recipient_maps = hash:/etc/postfix/tigerteam/relay_recipients
    transport_maps = hash:/etc/postfix/tigerteam/transport
    smtpd_helo_required = yes
    smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/tigerteam/sender_access, reject_non_fqdn_sender
    smtpd_sender_restrictions = reject_non_fqdn_sender
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,check_policy_service unix:private/policy,check_policy_service inet:127.0.0.1:2525,reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_rbl_client multi.uribl.com, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client combined.rbl.msrbl.net, reject_rbl_client rabl.nuclearelephant.com
    reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_rbl_client multi.uribl.com, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client combined.rbl.msrbl.net, reject_rbl_client rabl.nuclearelephant.com, permit
    smtpd_data_restrictions = reject_unauth_pipelining
    header_checks = regexp:/etc/postfix/tigerteam/header_checks
    
    # relay restriction
    disable_vrfy_command = yes
    strict_rfc821_envelopes = yes
    invalid_hostname_reject_code = 554
    multi_recipient_bounce_reject_code = 554
    non_fqdn_reject_code = 554
    relay_domains_reject_code = 554
    unknown_address_reject_code = 554
    unknown_client_reject_code = 554
    unknown_hostname_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_relay_recipient_reject_code = 554
    unknown_sender_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    unverified_recipient_reject_code = 554
    unverified_sender_reject_code = 554
    and some mail.log
    Code:
    =kliacs.com.my; identity=mailfrom; envelope-from="meteinke_1963@AlertStamping.com"; helo=201-254-117-78.speedy.com.ar; client-ip=201.254.117.78
    Feb 25 03:14:42 kliacs gld: Greylist activated for recipient=<to_nazarudi@kliacs.com.my> sender=<meteinke_1963@AlertStamping.com> ip=<201.254.117.78>
    Feb 25 03:14:42 kliacs postfix/smtpd[32623]: NOQUEUE: reject: RCPT from unknown[201.254.117.78]: 554 5.7.1 Service unavailable; Client host [201.254.117.78] blocked using dul.dnsbl.sorbs.net; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?201.254.117.78; from=<meteinke_1963@AlertStamping.com> to=<to_nazarudi@kliacs.com.my> proto=ESMTP helo=<201-254-117-78.speedy.com.ar>
    Feb 25 03:14:43 kliacs postfix/smtpd[32623]: disconnect from unknown[201.254.117.78]
    Feb 25 03:14:44 kliacs postfix/smtpd[662]: B74A39DC3D2: client=c350b-3.friendster.com[209.11.169.86]
    Feb 25 03:14:45 kliacs postfix/cleanup[754]: B74A39DC3D2: hold: header Received: from c350b-3.friendster.com (c350b-3.friendster.com [209.11.169.86])??by kliacs.com.my (Postfix) with ESMTP id B74A39DC3D2??for <fazilah@kliacs.com.my>; Wed, 25 Feb 2009 03:14:38 +0800 (MYT) from c350b-3.friendster.com[209.11.169.86]; from=<alerts_fw@mail.friendster.com> to=<fazilah@kliacs.com.my> proto=ESMTP helo=<c350b-3.friendster.com>
    Feb 25 03:14:45 kliacs postfix/cleanup[754]: B74A39DC3D2: message-id=<7cogk3$hsr8uj@c350b.gbxsc.friendster.com>
    Feb 25 03:14:49 kliacs postfix/smtpd[320]: connect from unknown[84.47.237.35]
    Feb 25 03:14:51 kliacs MailScanner[32594]: New Batch: Scanning 1 messages, 31066 bytes
    Feb 25 03:14:51 kliacs MailScanner[32594]: Saved archive copies of B74A39DC3D2.090DA
    Feb 25 03:14:51 kliacs MailScanner[32594]: Whitelist refresh time reached
    Feb 25 03:14:51 kliacs MailScanner[32594]: Starting up SQL Whitelist
    Feb 25 03:14:51 kliacs MailScanner[32594]: Read 0 whitelist entries
    Feb 25 03:14:51 kliacs MailScanner[32594]: Blacklist refresh time reached
    Feb 25 03:14:51 kliacs MailScanner[32594]: Starting up SQL Blacklist
    Feb 25 03:14:51 kliacs MailScanner[32594]: Read 0 blacklist entries
    Feb 25 03:14:52 kliacs postfix/smtpd[662]: disconnect from c350b-3.friendster.com[209.11.169.86]
    Feb 25 03:14:55 kliacs postfix/policy-spf[663]: handler sender_policy_framework: is decisive.
    Feb 25 03:14:55 kliacs postfix/policy-spf[663]: : Policy action=PREPEND Received-SPF: none (stonemountainltd.com: No applicable sender policy available) receiver=kliacs.com.my; identity=mailfrom; envelope-from="tnasolpm@StoneMountainltd.com"; helo="[84.47.237.35]"; client-ip=84.47.237.35
    Feb 25 03:14:55 kliacs gld: Greylist activated for recipient=<zutinah@kliacs.com.my> sender=<tnasolpm@StoneMountainltd.com> ip=<84.47.237.35>
    Feb 25 03:14:57 kliacs postfix/smtpd[320]: NOQUEUE: reject: RCPT from unknown[84.47.237.35]: 554 5.7.1 Service unavailable; Client host [84.47.237.35] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=84.47.237.35; from=<tnasolpm@StoneMountainltd.com> to=<zutinah@kliacs.com.my> proto=ESMTP helo=<[84.47.237.35]>
    Feb 25 03:14:58 kliacs postfix/qmgr[796]: fatal: qmgr_move: update active/451D69DC4A2 time stamps: Operation not permitted
    Feb 25 03:14:59 kliacs postfix/master[18550]: warning: process /usr/lib/postfix/qmgr pid 796 exit status 1
    Feb 25 03:14:59 kliacs postfix/master[18550]: warning: /usr/lib/postfix/qmgr: bad command startup -- throttling
    Feb 25 03:15:00 kliacs postfix/smtpd[320]: disconnect from unknown[84.47.237.35]
    Feb 25 03:15:01 kliacs nss-mysql[18551]: C16709DC571: uid=0 from=<root>
    Feb 25 03:15:01 kliacs postfix/cleanup[754]: C16709DC571: message-id=<20090224191501.C16709DC571@kliacs.com.my>
    Feb 25 03:15:09 kliacs MailScanner[32594]: Virus and Content Scanning: Starting
    Feb 25 03:15:13 kliacs MailScanner[32594]: Requeue: B74A39DC3D2.090DA to 7455A9DC570
    Feb 25 03:15:13 kliacs MailScanner[32594]: Uninfected: Delivered 1 messages
    Feb 25 03:15:13 kliacs MailScanner[32594]: Logging message B74A39DC3D2.090DA to SQL
    Feb 25 03:15:13 kliacs MailScanner[32600]: B74A39DC3D2.090DA: Logged to MailWatch SQL
    Feb 25 03:15:40 kliacs postfix/smtpd[308]: timeout after RSET from unknown[216.109.9.131]
    Feb 25 03:15:40 kliacs postfix/smtpd[308]: disconnect from unknown[216.109.9.131]
    Feb 25 03:15:59 kliacs postfix/qmgr[842]: fatal: qmgr_move: update active/451D69DC4A2 time stamps: Operation not permitted
    Feb 25 03:16:00 kliacs postfix/master[18550]: warning: process /usr/lib/postfix/qmgr pid 842 exit status 1
    Feb 25 03:16:00 kliacs postfix/master[18550]: warning: /usr/lib/postfix/qmgr: bad command startup -- throttling
     
  13. falko

    falko Super Moderator

    There seems to be a permissions problem in /var/spool/postfix somewhere.
     

Share This Page