On Thu, Apr 8, 2010 at 9:29 AM, perikillo <periki...@gmail.com> wrote: > Hi people. > > I'm working in my first spam gateway, using Postfix + policyd-weight. > > I have 2 jails for this, the jail-A is the mail server, where the mailboxes > exist, they are on each user home directory: > > /home/user-1 > /home/user-2 > /home/user-3 > ... > /home/user-N > > This jail-A have samba+ldap=PDC, nss_ldap+pam_ldap working + > dovecot+postfix working to. > > id test > uid=10003(test) gid=513(Domain Users) groups=513(Domain Users) > id root > uid=0(root) gid=0(wheel) groups=0(wheel),5(operator),512(Domain Admins) > > I can add users without a issue using smbldap-tools. > > I have test dovecot+postfix and I can send emails with that jail. > > Now I want to setup my spam gateway, is another jail called jail-B, I have > setup nss_ldap+pam_ldap to contact my PDC(jail-A) and is working: > > id user1 > uid=10002(user1) gid=513(Domain Users) groups=513(Domain Users) > id test > uid=10003(test) gid=513(Domain Users) groups=513(Domain Users) > > Now, the part is the one is not working is postfix+ policyd-weight. > > Went I test with other machine in the network using telnet, for some reason > once postfix accept the mail wants to send the email to the outside not > internally. I have setup transport to send the email jail-A but I don't see > any task doing this, check: > > Apr 8 07:02:01 filtro postfix/qmgr[6723]: 97002BB47C2: from=<t...@x.org>, > size=409, nrcpt=1 (queue active) > Apr 8 07:02:04 filtro postfix/smtpd[6727]: connect from filtro.X.org > [192.168.49.7] > Apr 8 07:02:31 filtro postfix/smtp[6725]: connect to X.org[X.Y.Z.W]:25: > Operation timed out > Apr 8 07:02:31 filtro postfix/smtp[6725]: 97002BB47C2: to=<us...@x.org>, > relay=none, delay=869, delays=839/0.03/30/0, dsn=4.4.1, status=deferred > (connect to X.org[X.Y.Z.W]:25: Operation timed out)
You say that X.org should be delivered locally. Postfix doesn't think X.org is a local domain. > Apr 8 07:10:00 filtro postfix/sendmail[6763]: fatal: root(0): No recipient > addresses found in message header This appears that you've used "sendmail -t" to inject some mail, and there was no To: header. Don't rely on headers for mail routing. > > X.Y.Z.W --> Public address. > > My postfix settings are this: > > alias_maps = hash:/etc/aliases > command_directory = /usr/local/sbin > config_directory = /usr/local/etc/postfix > daemon_directory = /usr/local/libexec/postfix > data_directory = /var/db/postfix > debug_peer_level = 2 > home_mailbox = Maildir/ > html_directory = /usr/local/share/doc/postfix > inet_interfaces = all > local_destination_concurrency_limit = 2 > mail_owner = postfix > mailq_path = /usr/local/bin/mailq > manpage_directory = /usr/local/man > mydomain = X.org > myhostname = filtro.X.org You might want to add mydestination = $mydomain $myhostname localhost > myorigin = $mydomain > newaliases_path = /usr/local/bin/newaliases > queue_directory = /var/spool/postfix > readme_directory = /usr/local/share/doc/postfix > relay_domains = $transport_maps Bad idea. If you add a transport for eg. hotmail, you become an instant open relay. Don't reuse transport_maps this way. If mail is delivered locally on this box, relay_domains should be explicitly set empty. relay_domains = > sample_directory = /usr/local/etc/postfix > sendmail_path = /usr/local/sbin/sendmail > setgid_group = maildrop > smtpd_delay_reject = yes > smtpd_helo_required = yes > smtpd_recipient_restrictions = permit_mynetworks, > reject_unauth_destination, reject_non_fqdn_recipient, > reject_invalid_helo_hostname, check_policy_service > inet:[192.168.49.7]:12525 > soft_bounce = no > transport_maps = hash:/usr/local/etc/postfix/transport > unknown_local_recipient_reject_code = 550 > > Now, my transport file is: > > nis.X.org smtp:[192.168.49.6] ----->jail-A > > Is created: transport.db > > Another think, in the log I don't see went is touching "policyd-weight: > 12525" or this is just for the outside connections? Mail that's permitted by "permit_mynetworks" or submitted via the sendmail(1) interface won't trigger the policy server in your config. -- Noel Jones _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
