On Saturday 22 October 2011 18:56:18 Jack Fredrikson wrote: > From: /dev/rob0 <r...@gmx.co.uk> > > http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL > > (or, as it says, wiki1 for Dovecot 1.x) > > http://www.postfix.org/SASL_README.html#server_dovecot > > Do I really want to create a chroot jail? That's what that first > link at any rate is teaching.
Hmm, you must be reading something there that I missed. No, I don't recommend chroot unless/until it makes sense for you. But you can put your socket at /var/spool/postfix/private/auth as it says. "smtpd_sasl_path = private/auth" works whether or not chrooted, if it's the default spool_directory, of course. That is the only reference made to chroot, not a recommendation either way. > I set up my files as per the link the other fellow's suggestion: > http://wiki.centos.org/HowTos/postfix_sasl > > and I still get errors: > > Oct 22 16:51:06 example spamd[5847]: razor2: razor2 check failed: > Permission denied razor2: Can't read conf file: > /var/spool/amavisd/razor-agent.conf at > /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Razor2.p > m line 330, <GEN568> line 157. > Oct 22 16:51:07 example spamd[12042]: util: failed to spawn a > process "/usr/bin/pyzor, check": error closing STDERR: > Inappropriate ioctl for device at > /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line > 1517, <GEN568> line 157. at > /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line > 1438, <GEN568> line 157. > Oct 22 16:51:07 example spamd[5847]: pyzor: [12042] error: exit 6 > Oct 22 16:51:07 example spamd[5847]: spamd: identified spam > (21.7/5.0) for spamfilter:516 in 1.5 seconds, 5786 bytes. > Oct 22 16:51:07 example spamd[5847]: spamd: result: Y 21 - > DYN_RDNS_SHORT_HELO_HTML,FSL_HELO_NON_FQDN_1,HELO_NO_DOMAIN, > HTML_MESSAGE,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_BRBL_LASTEXT, > RCVD_IN_PBL,RCVD_IN_RP_RNBL,RCVD_IN_SORBS_WEB,RCVD_IN_XBL, > RDNS_DYNAMIC,URIBL_AB_SURBL,URIBL_BLACK,URIBL_DBL_SPAM, > URIBL_JP_SURBL,URIBL_SBL,URIBL_WS_SURBL scantime=1.5,size=5786, > user=spamfilter,uid=516,required_score=5.0,rhost= > localhost.localdomain,raddr=127.0.0.1,rport=55681, > mid=<003601cc911d$da0806e0$8e1814a0$@org>,autolearn=spam Off topic here, but you need to configure your content filter to do different tests for SASL authenticated submission as opposed to MX mail arriving on port 25. The DNSBL and HELO tests are not useful. URIBL and DBL tests, OTOH, are a good idea. How you managed to submit mail which was flagged as spam using the latter tests is possibly another cause for concern. :) > Oct 22 16:51:07 example postfix/pipe[12035]: 726F35790169: > to=<ddejo...@dejonghgroup.com>, relay=spamfilter, delay=2.6, > delays=0.85/0.01/0/1.8, dsn=2.0.0, status=sent (delivered via > spamfilter service) > Oct 22 16:51:07 example postfix/qmgr[11692]:726F35790169: removed > Oct 22 16:51:07 example postfix/pickup[11707]: C2F705790169: > uid=516 from=<hawkexasper...@justnet.org> > Oct 22 16:51:08 example spamd[5505]: prefork: child states: II > Oct 22 16:51:08 example postfix/cleanup[12034]: C2F705790169: > message-id=<003601cc911d$da0806e0$8e1814a0$@org> > Oct 22 16:51:08 example postfix/qmgr[11692]: C2F705790169: > from=<hawkexasper...@justnet.org>, size=10373, nrcpt=1 (queue > active) This part worked, all except for your pipe(8) transport. I would recommend that you set things up with the standard Postfix delivery agents (local(8) and/or virtual(8)) first, before using pipe. > Oct 22 16:51:08 example postfix/pipe[12021]: C2F705790169: > to=<ddejo...@dejonghgroup.com>, relay=dovecot, delay=2.1, > delays=2/0.01/0/0.08, dsn=4.3.0, status=deferred (temporary > failure. Command output: doveconf: Warning: NOTE: You can get a snip Apparently you used doveconf(1) rather than dovecot-lda(1). I'm sure the Dovecot documentation does not tell you to do this. :) > I googled that razor2 error and looked through lots of results > which were of no help. I have yet to check out the ioctl error but > it's time for bed ;) The "status=deferred (temporary failure... is > frustrating but that's obviously a dovecot issue. I can't help with any of those except the latter, where again, you should get local and/or virtual working first, before trying with dovecot-lda/pipe or LMTP. -- Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header
