Hallo Liste, nach Umstellung von 7.3 auf 9.2, ich dachte es wäre Zeit weil 7.3 nicht mehr supportet, habe ich massive Probleme den Mailserver konfiguriert zu bekommen. Was der Mailserver machen soll A. Mails von verschiedenen Konten abholen B. An einen Benutzer "Mailer" weiterleiten, der via procmail Filter an die anderen Benutzer weiterverteilt C. Spamassassin und antivir über die Mails laufen lässt D. lokale Mails lokal zustellen E. die anderen Mails über ein Relay weltweit verschickt Was bisher funktioniert ist E. und A. sonst nichts, wobei die Zustellung auch unter A. nicht funktioniert, die Mails landen ... ja wo landen sie denn? in /var/log/mail steht sowas wie Mar 4 11:10:12 mserver postfix/qmgr[5879]: 8F4445C090: from=<nobody@mserver.itega.org>, size=22526, nrcpt=1 (queue active) Mar 4 11:10:23 mserver postfix/smtpd[8769]: connect from localhost[127.0.0.1] Mar 4 11:10:23 mserver postfix/smtpd[8769]: F084E5DDED: client=localhost[127.0.0.1] Mar 4 11:10:24 mserver postfix/cleanup[8900]: F084E5DDED: message-id=<20050216162349.800381BB7D@mserver.itega.org> Mar 4 11:10:24 mserver postfix/smtpd[8769]: disconnect from localhost[127.0.0.1] Mar 4 11:10:24 mserver amavis[9030]: (client-XX6Lnysl) Passed CLEAN, <nobody@mserver.itega.org> -> <dietmar@mserver.itega.org>, Message-ID: <20050216162349.800381BB7D@mserver.itega.org>, Hits: -2.82 Mar 4 11:10:24 mserver amavis[9030]: (client-XX6Lnysl) WARN: no recips left (forgot to set $forward_method=undef using milter?), 250 2.6.0 Ok, id=client-XX6Lnysl, from MTA: 250 Ok: queued as F084E5DDED Mar 4 11:10:24 mserver postfix/pipe[5888]: 092FE5E1A0: to=<dietmar@mserver.itega.org>, orig_to=<dietmar>, relay=vscan, delay=801378, status=SOFTBOUNCE (Command died with status 99: "/usr/sbin/amavis") Mar 4 11:10:24 mserver postfix/qmgr[5879]: 092FE5E1A0: from=<nobody@mserver.itega.org>, status=expired, returned to sender Mar 4 11:10:25 mserver postfix/cleanup[8962]: 1D87160996: message-id=<20050304101024.1D87160996@mserver.itega.org> Mar 4 11:10:25 mserver postfix/qmgr[5879]: 092FE5E1A0: removed Mar 4 11:10:25 mserver postfix/qmgr[5879]: 8C3655CD50: from=<nobody@mserver.itega.org>, size=34192, nrcpt=1 (queue active) in mail.info steht sowas Mar 4 11:10:12 mserver postfix/cleanup[8962]: 147D960A0D: message-id=<20050304101011.147D960A0D@mserver.itega.org> Mar 4 11:10:12 mserver postfix/qmgr[5879]: 047EE5E7C2: removed Mar 4 11:10:12 mserver postfix/qmgr[5879]: 8F4445C090: from=<nobody@mserver.itega.org>, size=22526, nrcpt=1 (queue active) Mar 4 11:10:23 mserver postfix/smtpd[8769]: connect from localhost[127.0.0.1] Mar 4 11:10:23 mserver postfix/smtpd[8769]: F084E5DDED: client=localhost[127.0.0.1] Mar 4 11:10:24 mserver postfix/cleanup[8900]: F084E5DDED: message-id=<20050216162349.800381BB7D@mserver.itega.org> Mar 4 11:10:24 mserver postfix/smtpd[8769]: disconnect from localhost[127.0.0.1] Mar 4 11:10:24 mserver amavis[9030]: (client-XX6Lnysl) Passed CLEAN, <nobody@mserver.itega.org> -> <dietmar@mserver.itega.org>, Message-ID: <20050216162349.800381BB7D@mserver.itega.org>, Hits: -2.82 Mar 4 11:10:24 mserver amavis[9030]: (client-XX6Lnysl) WARN: no recips left (forgot to set $forward_method=undef using milter?), 250 2.6.0 Ok, id=client-XX6Lnysl, from MTA: 250 Ok: queued as F084E5DDED Mar 4 11:10:24 mserver postfix/pipe[5888]: 092FE5E1A0: to=<dietmar@mserver.itega.org>, orig_to=<dietmar>, relay=vscan, delay=801378, status=SOFTBOUNCE (Command died with status 99: "/usr/sbin/amavis") Mar 4 11:10:24 mserver postfix/qmgr[5879]: 092FE5E1A0: from=<nobody@mserver.itega.org>, status=expired, returned to sender Mar 4 11:10:25 mserver postfix/cleanup[8962]: 1D87160996: message-id=<20050304101024.1D87160996@mserver.itega.org> Mar 4 11:10:25 mserver postfix/qmgr[5879]: 092FE5E1A0: removed Mar 4 11:10:25 mserver postfix/qmgr[5879]: 8C3655CD50: from=<nobody@mserver.itega.org>, size=34192, nrcpt=1 (queue active) in mail.warn sowas Mar 4 11:10:24 mserver amavis[9030]: (client-XX6Lnysl) WARN: no recips left (forgot to set $forward_method=undef using milter?), 250 2.6.0 Ok, id=client-XX6Lnysl, from MTA: 250 Ok: queued as F084E5DDED . . . Mar 4 11:15:05 mserver postfix/qmgr[5879]: warning: mail for mserver.itega.org is using up 20000 of 20000 active queue entries Mar 4 11:15:05 mserver postfix/qmgr[5879]: warning: you may need to reduce vscan connect and helo timeouts Mar 4 11:15:05 mserver postfix/qmgr[5879]: warning: so that Postfix quickly skips unavailable hosts Mar 4 11:15:05 mserver postfix/qmgr[5879]: warning: you may need to increase the main.cf minimal_backoff_time and maximal_backoff_time Mar 4 11:15:05 mserver postfix/qmgr[5879]: warning: so that Postfix wastes less time on undeliverable mail Mar 4 11:15:05 mserver postfix/qmgr[5879]: warning: you may need to increase the master.cf vscan process limit Mar 4 11:15:05 mserver postfix/qmgr[5879]: warning: please avoid flushing the whole queue when you have Mar 4 11:15:05 mserver postfix/qmgr[5879]: warning: lots of deferred mail, that is bad for performance Mar 4 11:15:05 mserver postfix/qmgr[5879]: warning: to turn off these warnings specify: qmgr_clog_warn_time = 0 Das deutet auf Probleme mit amavis hin. Aber ich finde den Fehler nicht. amavisd.conf (gekürzt) use strict; $max_servers = 2; # number of pre-forked children (2..15 is common) $daemon_user = 'vscan'; $daemon_group = 'vscan'; $mydomain = 'itega.org'; $MYHOME = '/var/spool/amavis'; $TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created manually $ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR $QUARANTINEDIR = '/var/spool/amavis/virusmails'; @local_domains_maps = ( [".$mydomain"] ); $log_level = 0; # verbosity 0..5 $log_recip_templ = undef; # disable by-recipient level-0 log entries $DO_SYSLOG = 1; # log via syslogd (preferred) $SYSLOG_LEVEL = 'mail.debug'; $enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny) $enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1 $inet_socket_port = 10024; # listen on this local TCP port(s) (see $protocol) $unix_socketname = "$MYHOME/amavisd.sock"; # when using sendmail milter $sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level $sa_tag2_level_deflt = 5.0; $sa_kill_level_deflt = 6.31; # triggers spam evasive actions $sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent $sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger $sa_local_tests_only = 0; # only tests which do not require internet access? $sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant # for SA 3.0, cf option is 'use_auto_whitelist') $virus_admin = "virusalert\@$mydomain"; # notifications recip. $mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender $mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender $mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender $mailfrom_to_quarantine = ''; # null return path; uses original sender if undef @addr_extension_virus_maps = ('virus'); @addr_extension_spam_maps = ('spam'); @addr_extension_banned_maps = ('banned'); @addr_extension_bad_header_maps = ('badh'); $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; $file = 'file'; # file(1) utility; use recent versions $gzip = 'gzip'; $bzip2 = 'bzip2'; $lzop = 'lzop'; $rpm2cpio = ['rpm2cpio.pl','rpm2cpio']; $cabextract = 'cabextract'; $uncompress = ['uncompress', 'gzip -d', 'zcat']; $unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat']; $arc = ['nomarch', 'arc']; $unarj = ['arj', 'unarj']; $unrar = ['rar', 'unrar']; $zoo = 'zoo'; $lha = 'lha'; $cpio = ['gcpio','cpio']; $dspam = 'dspam'; $MAXLEVELS = 14; $MAXFILES = 1500; $MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) $MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) $sa_spam_subject_tag = '***SPAM*** '; $defang_virus = 1; # MIME-wrap passed infected mail $defang_banned = 1; # MIME-wrap passed mail containing banned name $final_spam_destiny = D_PASS; @viruses_that_fake_sender_maps = (new_RE( [qr'\bEICAR\b'i => 0], # av test pattern name [qr'^(WM97|OF97|Joke\.)'i => 0], # adjust names to match your AV scanner [qr/.*/ => 1], # true for everything else )); @keep_decoded_original_maps = (new_RE( qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, )); $banned_filename_re = new_RE( qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|dll)\.?$'i, qr'^application/x-msdownload$'i, # block these MIME types qr'^application/x-msdos-program$'i, qr'^application/hta$'i, [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any type in Unix archives qr'.\.(exe|vbs|pif|scr|bat|cmd|com)$'i, # banned extension - basic qr'^\.(exe-ms)$', # banned file(1) types ); @score_sender_maps = ({ # a by-recipient hash lookup table, # results from all matching recipient tables are summed '.' => [ # the _first_ matching sender determines the score boost new_RE( # regexp-type lookup table, just happens to be all soft-blacklist [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0], [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0], [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0], [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0], [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0], [qr'^(your_friend|greatoffers)@'i => 5.0], [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0], ), { # a hash-type lookup table (associative array) 'nobody@cert.org' => -3.0, 'cert-advisory@us-cert.gov' => -3.0, 'owner-alert@iss.net' => -3.0, 'slashdot@slashdot.org' => -3.0, 'bugtraq@securityfocus.com' => -3.0, 'ntbugtraq@listserv.ntbugtraq.com' => -3.0, 'security-alerts@linuxsecurity.com' => -3.0, 'mailman-announce-admin@python.org' => -3.0, 'amavis-user-admin@lists.sourceforge.net'=> -3.0, 'notification-return@lists.sophos.com' => -3.0, 'owner-postfix-users@postfix.org' => -3.0, 'owner-postfix-announce@postfix.org' => -3.0, 'owner-sendmail-announce@lists.sendmail.org' => -3.0, 'sendmail-announce-request@lists.sendmail.org' => -3.0, 'donotreply@sendmail.org' => -3.0, 'ca+envelope@sendmail.org' => -3.0, 'noreply@freshmeat.net' => -3.0, 'owner-technews@postel.acm.org' => -3.0, 'ietf-123-owner@loki.ietf.org' => -3.0, 'cvs-commits-list-admin@gnome.org' => -3.0, 'rt-users-admin@lists.fsck.com' => -3.0, 'clp-request@comp.nus.edu.sg' => -3.0, 'surveys-errors@lists.nua.ie' => -3.0, 'emailnews@genomeweb.com' => -5.0, 'yahoo-dev-null@yahoo-inc.com' => -3.0, 'returns.groups.yahoo.com' => -3.0, 'clusternews@linuxnetworx.com' => -3.0, lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0, lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0, # soft-blacklisting (positive score) 'sender@example.net' => 3.0, '.example.net' => 1.0, }, ], # end of site-wide tables }); postconf -n alias_maps = hash:/etc/aliases canonical_maps = hash:/etc/postfix/canonical command_directory = /usr/sbin config_directory = /etc/postfix content_filter = vscan: daemon_directory = /usr/lib/postfix debug_peer_level = 2 defer_transports = disable_dns_lookups = yes html_directory = /usr/share/doc/packages/postfix/html inet_interfaces = all mail_owner = postfix mail_spool_directory = /var/mail mailbox_command = /usr/bin/procmail mailbox_size_limit = 0 mailbox_transport = procmail mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man masquerade_classes = envelope_sender, header_sender, header_recipient masquerade_domains = masquerade_exceptions = root message_size_limit = 10240000 mydestination = $myhostname,localhost.$mydomain,$mydomain mydomain = itega.org myhostname = mserver.itega.org mynetworks = 172.16.2.0/24, 127.0.0.0/8 newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/packages/postfix/README_FILES relayhost = postman.arcor.de relocated_maps = hash:/etc/postfix/relocated sample_directory = /usr/share/doc/packages/postfix/samples sender_canonical_maps = hash:/etc/postfix/sender_canonical sendmail_path = /usr/sbin/sendmail setgid_group = maildrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_use_tls = yes smtpd_client_restrictions = smtpd_helo_required = no smtpd_helo_restrictions = smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sender_restrictions = hash:/etc/postfix/access smtpd_use_tls = yes soft_bounce = yes strict_rfc821_envelopes = no transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 450 main.cf soft_bounce = yes queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/lib/postfix mail_owner = postfix myhostname = mserver.itega.org mydomain = itega.org inet_interfaces = all unknown_local_recipient_reject_code = 450 mynetworks = 172.16.2.0/24, 127.0.0.0/8 mailbox_command = /usr/bin/procmail debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5 sendmail_path = /usr/sbin/sendmail newaliases_path = /usr/bin/newaliases mailq_path = /usr/bin/mailq setgid_group = maildrop manpage_directory = /usr/share/man sample_directory = /usr/share/doc/packages/postfix/samples readme_directory = /usr/share/doc/packages/postfix/README_FILES mail_spool_directory = /var/mail canonical_maps = hash:/etc/postfix/canonical virtual_maps = hash:/etc/postfix/virtual relocated_maps = hash:/etc/postfix/relocated transport_maps = hash:/etc/postfix/transport sender_canonical_maps = hash:/etc/postfix/sender_canonical masquerade_exceptions = root masquerade_classes = envelope_sender, header_sender, header_recipient program_directory = /usr/lib/postfix inet_interfaces = all masquerade_domains = mydestination = $myhostname,localhost.$mydomain,$mydomain defer_transports = disable_dns_lookups = yes relayhost = postman.arcor.de content_filter = vscan: mailbox_command = /usr/bin/procmail mailbox_transport = procmail smtpd_sender_restrictions = hash:/etc/postfix/access smtpd_client_restrictions = smtpd_helo_required = no smtpd_helo_restrictions = strict_rfc821_envelopes = no smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination smtp_sasl_auth_enable = yes smtpd_sasl_auth_enable = yes smtpd_use_tls = yes smtp_use_tls = yes alias_maps = hash:/etc/aliases mailbox_size_limit = 0 message_size_limit = 10240000 smtp_sasl_security_options = smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd html_directory = /usr/share/doc/packages/postfix/html master.cf smtp inet n - n - 2 smtpd -o content_filter=smtp:[127.0.0.1]:10024 pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp relay unix - - n - - smtp showq unix n - n - - showq error unix - - n - - error local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil localhost:10025 inet n - n - - smtpd -o content_filter= maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} cyrus unix - n n - - pipe user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient vscan unix - n n - 10 pipe user=vscan argv=/usr/sbin/amavis ${sender} ${recipient} procmail unix - n n - - pipe flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient} Any hints? -- Best regards, Dietmar mailto:earthmate@gmx.net