Le 20/07/2011 07:32, Thomas Zehbe a écrit : > Am Dienstag 19 Juli 2011, 22:20:25 schrieb mouss: >> Le 19/07/2011 09:05, Jeroen Geilman a écrit : >>> On 2011-07-19 00:31, mouss wrote: >>>> Le 18/07/2011 19:01, Jeroen Geilman a écrit : >>>>> On 2011-07-17 20:19, mouss wrote: >>>>>> Le 17/07/2011 12:49, Thomas Zehbe a écrit : >>>>>>> Hello List, >>>>>>> >>>>>>> I have an installtion using bitdefender as a virus scanner using the >>>>>>> content_filter option. >>>>>>> bitdefender's smtp daemon listens on port 10025, in main.cf therefore >>>>>>> this is defined: >>>>>>> >>>>>>> content_filter = smtp:[127.0.0.1]:10025 >>>>>>> >>>>>>> In master.cf a second instance of smtpd is defined, listening on port >>>>>>> 10026: >>>>>>> >>>>>>> 127.0.0.1:10026 inet n - n - 10 smtpd >>>>>>> -o content_filter= -o smtp_send_xforward_command=yes >>>>>>> >>>>>>> When smtp tries to send the mail to bitdefender for scanning, this >>>>>>> happens: >>>>>>> >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]:< 127.0.0.1[127.0.0.1]: >>>>>>> 220 linuxgw.myown.net ESMTP Postfix >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]: warning: host >>>>>>> 127.0.0.1[127.0.0.1] greeted me with my own hostname linuxgw.myown.net >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]:> 127.0.0.1[127.0.0.1]: >>>>>>> EHLO linuxgw.myown.net >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]:< 127.0.0.1[127.0.0.1]: >>>>>>> 250-linuxgw.myown.net >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]:< 127.0.0.1[127.0.0.1]: >>>>>>> 250-PIPELINING >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]:< 127.0.0.1[127.0.0.1]: >>>>>>> 250-SIZE 502400000 >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]:< 127.0.0.1[127.0.0.1]: >>>>>>> 250-VRFY >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]:< 127.0.0.1[127.0.0.1]: >>>>>>> 250-ETRN >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]:< 127.0.0.1[127.0.0.1]: >>>>>>> 250-XVERP >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]:< 127.0.0.1[127.0.0.1]: >>>>>>> 250 8BITMIME >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]: warning: host >>>>>>> 127.0.0.1[127.0.0.1] replied to HELO/EHLO with my own hostname >>>>>>> linuxgw.myown.net >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]: connect to subsystem >>>>>>> private/defer >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]: send attr nrequest = 0 >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]: send attr flags = 0 >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]: send attr queue_id = >>>>>>> 2859B35121 >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]: send attr >>>>>>> original_recipient = tz@localhost >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]: send attr recipient = >>>>>>> t...@localhost.myown.net >>>>>>> Jul 17 11:42:55 linuxgw postfix/smtp[20313]: send attr reason = mail >>>>>>> for 127.0.0.1:10025 loops back to myself >>>>>>> >>>>>>> main.cf contains >>>>>>> mydestination = $myhostname, localhost.$mydomain,$mydomain >>>>>>> >>>>>>> I think, the bitdefender uses a correct answer for the EHLO, there is >>>>>>> no way (i know of) to change the 250 answer of bitdefender. >>>>>>> >>>>>>> After a dozen hours of research any hint would be appreciated. >>>>>>> >>>>>> first, is myown.net a domain of yours, or are you hijacking it? are you >>>>>> exposing domains of others? that would be really bad... >>>>>> >>>>>> second. you need to setup different hostames for the various pieces of >>>>>> servers you use. you'll have problems if one piece connects to another >>>>>> and both think they are the same "name". with postfix, use different >>>>>> myhostname values. >>>>> >>>>> I think that's only required if you're using multiple instances that >>>>> send SMTP mail to each other - and he's running 2.0 :) >>>>> >>>> no. you need different names even with a single instance. as soon as one >>>> piece talks to another over the network, each needs an identity. >>> >>> He's only running one postfix smtpd, the other host in the above log is >>> bitdefender. >>> The simplest would be to change the hostname of either postfix or >>> bitdefender, whichever makes more sense. >>> >>>> is is >>>> easily solved with smtp_helo_hostname... >>> >>> smtp_helo_name </nitpick> >> >> indeed! >> I need to update my brainware :) > No, smtp_helo_hostname doesn't help. I tested it. smtp client still checks > the hostname to prevent bounces. >
this is nonsense. if you think you are right, provide evidence. > But meanwhile i updated the postfix to a higher version, and as the changelog > tells, the problem is gone ... > Thanks > Thomas > >> >> Thanks for the correction. >> >>> >>> And you're right, that exists in 2.0. >>> >>>>> Many features we expect as given will be missing in his setup, he should >>>>> upgrade and then approach the problem fresh. >>>>> >>>>> >>> >>> >> >> > >
