Hi again Jasper... I think we are in the home straight, but I still
have a couple of questions....:-)
On 13/09/2010 12:09 AM, Jasper Jongmans wrote:
On 2010-09-12 17:41, Richard Chapman wrote:
Thanks again Jasper. I have enabled local -v debug logging - and I
think we can see in more detail where the problem arises - but I
still can't figure it out.
I have included what I think is the relevant bit... Here it is:
[snip]
Sep 12 23:01:00 C5 postfix/local[28073]: deliver_switch[2]: local
rchapman reciprchap...@c5.aardvark.com.au exten
deliverrchap...@c5.aardvark.com.au exp_from
Sep 12 23:01:00 C5 postfix/local[28073]: deliver_alias[3]: local
rchapman reciprchap...@c5.aardvark.com.au exten
deliverrchap...@c5.aardvark.com.au exp_from
Sep 12 23:01:00 C5 postfix/local[28073]: deliver_alias:
hash:/etc/aliases(0,lock|no_regsub|no_proxy|no_unauth|fold_fix):
rchapman = richard
Sep 12 23:01:00 C5 postfix/local[28073]: deliver_alias[3]: reset
user_attr
Sep 12 23:01:00 C5 postfix/local[28073]: maps_find: aliases:
owner-rchapman: not found
Sep 12 23:01:00 C5 postfix/local[28073]: deliver_alias[3]: reset
owner attr
Sep 12 23:01:00 C5 postfix/local[28073]: deliver_token_string: richard
Sep 12 23:01:00 C5 postfix/local[28073]: deliver_token: richard
Sep 12 23:01:00 C5 postfix/local[28073]: deliver_resolve_tree[4]:
local rchapman reciprchap...@c5.aardvark.com.au exten
deliverrchap...@c5.aardvark.com.au exp_from rchapman
Sep 12 23:01:00 C5 postfix/local[28073]: tok822_rewrite: input: richard
Sep 12 23:01:00 C5 postfix/local[28073]: connect to subsystem
private/rewrite
Sep 12 23:01:00 C5 postfix/local[28073]: send attr request = rewrite
Sep 12 23:01:00 C5 postfix/local[28073]: send attr rule = local
Sep 12 23:01:00 C5 postfix/local[28073]: send attr address = richard
Sep 12 23:01:00 C5 postfix/local[28073]: private/rewrite socket:
wanted attribute: flags
Sep 12 23:01:00 C5 postfix/local[28073]: input attribute name: flags
Sep 12 23:01:00 C5 postfix/local[28073]: input attribute value: 0
Sep 12 23:01:00 C5 postfix/local[28073]: private/rewrite socket:
wanted attribute: address
Sep 12 23:01:00 C5 postfix/local[28073]: input attribute name: address
Sep 12 23:01:00 C5 postfix/local[28073]: input attribute
value:rich...@aardvark.com.au
Sep 12 23:01:00 C5 postfix/local[28073]: private/rewrite socket:
wanted attribute: (list terminator)
Sep 12 23:01:00 C5 postfix/local[28073]: input attribute name: (end)
Sep 12 23:01:00 C5 postfix/local[28073]: rewrite_clnt: local: richard
-> rich...@aardvark.com.au
Sep 12 23:01:00 C5 postfix/local[28073]: tok822_rewrite:
result:rich...@aardvark.com.au
[snip]
I just realised (thanks to the verbose logs) that when you specify an
unqualified address in aliases, myorigin gets added by
trivial-rewrite; use a qualified address like
rich...@c5.aardvark.com.au or change myorigin.
This makes perfect sense - and I'm sure you are right. I removed
myorigin so it should default back to myhostname - but still the server
did not accept mail forwarded to validu...@c5.aardvark.com.au unless the
mydestinatios includes $mydomain. I also ran "newaliases" just in case
the "myorigin" was applied at that time.
A further surprise to me is that it would not even accept
"validu...@c5.aardvark.com.au" when validuser is a native local account
as opposed to an alias.
I eventually found that there is a "default" option when forwarding from
google apps to "not change the envelope". I changed it to "change the
envelope" and evrything started working much more as expected. So it
looks like there were a couple of postfix config problems obscuring a
more fundamental non-postfix problem.....:-)
As you can probably guess - I have fiddled with quite a few things over
the last few days - and may not have been as careful as I should have to
note what I've changed and when. Here are a few weird new things...
Maybe you can give me a clue what caused these. I have included postconf
-n below.
1) I have seen a lot of this in the last 2 days:
Sep 13 17:49:35 C5 postfix/smtpd[12397]: connect from
mail-iw0-f174.google.com[209.85.214.174]
Sep 13 17:49:35 C5 postfix/smtpd[12397]: warning: Illegal address syntax from
mail-iw0-f174.google.com[209.85.214.174] in MAIL command:<boo...@95.58.45.186>
Sep 13 17:49:36 C5 postfix/smtpd[12397]: disconnect from
mail-iw0-f174.google.com[209.85.214.174]
Sep 13 17:50:07 C5 postfix/smtpd[12397]: connect from localhost[127.0.0.1]
Sep 13 17:50:07 C5 postfix/smtpd[12397]: warning: Illegal address syntax from
localhost[127.0.0.1] in MAIL command:<vice...@123.24.198.232>
Sep 13 17:50:07 C5 postfix/smtpd[12397]: warning: Illegal address syntax from
localhost[127.0.0.1] in MAIL command:<cy...@116.118.47.120>
Sep 13 17:50:07 C5 postfix/smtpd[12397]: warning: Illegal address syntax from
localhost[127.0.0.1] in MAIL command:<ja...@59.99.152.46>
Sep 13 17:50:07 C5 postfix/smtpd[12397]: disconnect from localhost[127.0.0.1]
Sep 13 17:53:27 C5 postfix/anvil[12399]: statistics: max connection rate 1/60s
for (smtp:209.85.214.174) at Sep 13 17:49:35
Sep 13 17:53:27 C5 postfix/anvil[12399]: statistics: max connection count 1 for
(smtp:209.85.214.174) at Sep 13 17:49:35
Sep 13 17:53:27 C5 postfix/anvil[12399]: statistics: max cache size 1 at Sep 13
17:49:35
Even weirder:
Sep 13 17:56:22 C5 postfix/postfix-script: starting the Postfix mail system
Sep 13 17:56:22 C5 postfix/master[12586]: daemon started -- version 2.3.3,
configuration /etc/postfix
Sep 13 18:00:07 C5 postfix/smtpd[12802]: connect from localhost[127.0.0.1]
Sep 13 18:00:07 C5 postfix/smtpd[12802]: warning: Illegal address syntax from
localhost[127.0.0.1] in MAIL command:<vice...@123.24.198.232>
Sep 13 18:00:07 C5 postfix/smtpd[12802]: warning: Illegal address syntax from
localhost[127.0.0.1] in MAIL command:<cy...@116.118.47.120>
Sep 13 18:00:07 C5 postfix/smtpd[12802]: warning: Illegal address syntax from
localhost[127.0.0.1] in MAIL command:<ja...@59.99.152.46>
Sep 13 18:00:08 C5 postfix/smtpd[12802]: 12E981D22332:
client=localhost[127.0.0.1]
Sep 13 18:00:08 C5 postfix/cleanup[12806]: 12E981D22332:
message-id=<4c8e029b.c076b...@avaya.com>
Sep 13 18:00:08 C5 postfix/qmgr[12588]: 12E981D22332:
from=<angeline_jeric...@avaya.com>, size=2464, nrcpt=1 (queue active)
Sep 13 18:00:08 C5 spamd[2532]: spamd: connection from localhost [127.0.0.1] at
port 43970
Sep 13 18:00:08 C5 spamd[2532]: spamd: setuid to richard succeeded
Sep 13 18:00:08 C5 spamd[2532]: spamd: processing
message<4c8e029b.c076b...@avaya.com> for richard:500
Sep 13 18:00:08 C5 postfix/smtpd[12802]: disconnect from localhost[127.0.0.1]
Sep 13 18:00:12 C5 spamd[2532]: spamd: identified spam (17.8/5.0) for
richard:500 in 4.8 seconds, 2592 bytes.
Sep 13 18:00:12 C5 spamd[2532]: spamd: result: Y 17 -
BAYES_99,HTML_MESSAGE,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_PBL,RCVD_IN_XBL,RDNS_NONE,URIBL_AB_SURBL,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_SBL,URIBL_SC_SURBL,URIBL_WS_SURBL
scantime=4.8,size=2592,user=richard,uid=500,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=43970,mid=<4c8e029b.c076b...@avaya.com>,bayes=1.000000,autolearn=spam
Sep 13 18:00:13 C5 postfix/local[12807]: 12E981D22332:
to=<rich...@localhost.aardvark.com.au>, orig_to=<rich...@localhost>,
relay=local, delay=4.9, delays=0.06/0.01/0/4.9, dsn=2.0.0, status=sent (delivered to
command: procmail)
Sep 13 18:00:13 C5 postfix/qmgr[12588]: 12E981D22332: removed
Note in the above case the illegal addresses seems to come from
"localhost" without any connection from elsewhere since the server was
restarted. I couldn't see anything stuck in the outgoing queue either.
It looks like a virus somewhere - but I'm not sure where. All the
windows boxes here look well protected - but it almost looks like a
virus on the centos box.. Seems very weird. Or have I seriously broken
something?
2) You may recall that rchapman is an alias to richard on the local
server. If I send email from a local client with rchap...@aardvark... as
the from address - it arrives back with "rich...@aardvark... as the from
address. I'm pretty sure this is new behaviour (rewriting the user-name)
- and not ideal from my purposes. For reference - here is postconf -n:
*> postconf -n*
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
delay_warning_time = 1
home_mailbox = Maildir/
html_directory = no
mailbox_command = procmail
mailbox_size_limit = 512000000
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
masquerade_domains = aardvark.com.au
message_size_limit = 409600000
myhostname = c5.aardvark.com.au
newaliases_path = /usr/bin/newaliases.postfix
notify_classes = resource, software, delay
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
relayhost = smtp.gmail.com:submission
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous, noplaintext
smtp_sasl_tls_security_options = noanonymous
smtp_sender_dependent_authentication = yes
smtp_tls_security_level = may
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks
permit_inet_interfaces reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /usr/share/ssl/certs/c5.aardvark_cert.pem
smtpd_tls_key_file = /usr/share/ssl/private/c5.aardvark_key.pem
smtpd_use_tls = yes
soft_bounce = yes
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
3) Also - you made reference to my virtual domain set up. I re-read the
virtual_readme and it looks to me like I am allowed to "implicitly"
specify the virtual domain in the /etc/postfix/virtual file according to
the procedure below:
[from virtual_readme]
# Support for a virtual alias domain looks like:
#
# /etc/postfix/main.cf:
# virtual_alias_maps = hash:/etc/postfix/virtual
#
# Note: some systems use dbm databases instead of hash.
# See the output from "postconf -m" for available data-
# base types.
#
# /etc/postfix/virtual:
# virtual-alias.domain anything (right-hand content does not
matter)
# postmas...@virtual-alias.domain postmaster
# us...@virtual-alias.domain address1
# us...@virtual-alias.domain address2, address3
#
#
Am I misinterpreting this? This is what my /etc/postfix/virtual file
looks like - including the first line...
Thanks again for all your help. I have learned a lot - and would never
have got here without your help.
Richard.
--
Richard Chapman
