Am Mittwoch, 3. Mai 2006 20:18 schrieb Sandy Drobic: Hallo Sandy,
Out: 220 gw.local.site ESMTP Postfix In: EHLO localhost Out: 250-gw.local.site Out: 250-PIPELINING Out: 250-SIZE 40000000 Out: 250-VRFY Out: 250-ETRN Out: 250 8BITMIME In: MAIL FROM:<> Out: 250 Ok In: RCPT TO:<jhw@news.com> Out: 554 <jhw@news.com>: Relay access denied In: QUIT Out: 221 Bye
grep -r "jhw@news.com" /var/
/var/log/mail:May 2 18:40:27 gw postfix/qmgr[7649]: 94A68E0028A: from=<jhw@news.com>, size=36724, nrcpt=1 (queue active)
/var/log/mail:May 2 18:40:56 gw postfix/smtpd[24141]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 554 <jhw@news.com>: Relay access denied; from=<> to=<jhw@news.com> proto=ESMTP helo=<localhost>
Postfix ist nicht ganz sauber konfiguriert. Amavis versucht, eine Mail an Postfix zu schicken, aber Postfix nimmt von Amavis die Mail nicht an, da nicht authentifiziert und offensichtlich die IP von localhost nicht in mynetworks ist.
Wenn ich mir selber eine exe-Datei als Attachment via Mailserver des ISP sende, dann verschiebt das amavisd kommentarlos in /var/spool/amavis/virusmails/. Bei dem ursprünglich geposteten Mail könnte etwas vorhanden sein, sodass es zu der erwähnten Situation kommt. relay_domains sind unbedingt erwünscht um Mailservermißbrauch auszuschließen. Zum Versenden von "User-Mails" wird der lokale Mailserver nicht eingesetzt, sondern nur für Systemmails. "User-Mails" laufen über den Mailserver des ISP oder über den Mailserver des Webspace-Hosters. postconf -n alias_maps = hash:/etc/aliases biff = no canonical_maps = hash:/etc/postfix/canonical command_directory = /usr/sbin config_directory = /etc/postfix content_filter = smtp:[127.0.0.1]:10024 daemon_directory = /usr/lib/postfix debug_peer_level = 2 defer_transports = disable_dns_lookups = yes disable_mime_output_conversion = no error_notice_recipient = ab@gw.local.site html_directory = /usr/share/doc/packages/postfix/html inet_interfaces = 127.0.0.1 ::1 192.168.1.99 inet_protocols = all mail_owner = postfix mail_spool_directory = /var/mail mailbox_command = mailbox_size_limit = 0 mailbox_transport = mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man masquerade_classes = envelope_sender, header_sender, header_recipient masquerade_domains = masquerade_exceptions = root message_size_limit = 4000000 mydestination = $myhostname, localhost.$mydomain myhostname = gw.local.site newaliases_path = /usr/bin/newaliases notify_classes = policy, resource, software queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/packages/postfix/README_FILES relay_domains = ... relayhost = relocated_maps = hash:/etc/postfix/relocated sample_directory = /usr/share/doc/packages/postfix/samples sender_canonical_maps = hash:/etc/postfix/sender_canonical sendmail_path = /usr/sbin/sendmail setgid_group = maildrop smtp_sasl_auth_enable = no smtp_use_tls = no smtpd_client_restrictions = smtpd_helo_required = no smtpd_helo_restrictions = smtpd_recipient_restrictions = reject_unauth_destination smtpd_sasl_auth_enable = no smtpd_sender_restrictions = hash:/etc/postfix/access smtpd_use_tls = no strict_8bitmime = no strict_rfc821_envelopes = no transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550
Entweder definiere in main.cf: mynetworks = 192.168.1.0/24, 127.0.0.0/8 (oder wie immer deine vertrauenswürdigen IPs aussehen) und smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination ....
Oder definiere in master.cf die entsprechenden Optionen für die Listener, in diesem Fall den Listener 127.0.0.1:10025
localhost:10025 inet n - n - 2 smtpd -o content_filter= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8
/etc/postfix/master.cf smtp inet n - n - - smtpd pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o fallback_relay= showq unix n - n - - showq error unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil localhost:10025 inet n - n - - smtpd -o content_filter= scache unix - - n - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} cyrus unix - n n - - pipe user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient procmail unix - n n - - pipe flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
Eine der beiden Konfigurationen brauchst du.
Ich bin noch unsicher, was in der nun näher erläuterten SItuation besser ist. Distri ist Suse 10.0 Al