On Fri, Nov 4, 2011 at 3:57 PM, David Southwell <ad...@vizion2000.net>wrote:
> On Friday 04 November 2011 10:24:54 Wietse Venema wrote: > > David Southwell: > > > On Friday 04 November 2011 09:24:40 Kris Deugau wrote: > > > > David Southwell wrote: > > > > > But still got the following errors when the lines in main.cf were > > > > > > unchecked: > > > > [snip] > > > > > > > > > Nov 4 07:37:50 dns1 postfix/smtpd[26676]: warning: connect to > > > > > private/policyd-spf: Connection refused > > > > > > > > You need to find out why your policy server isn't responding to > > > > Postfix. > > > > > > > > Since it's set up for a Unix socket, you likely either have a > > > > permissions issue (eg, running as the wrong user) or the policy > server > > > > isn't running. > > > > > > > > -kgd > > > > > > Sounds sensible. Any advice on how I can check that out? > > > > You can use lsof or netstat to find out what is listening. > > > > On FreeBSD (which I recall is the platform) the error "Connection > > refused" means that no process is listening on the port. > > > > Hence, my suspicion about editing the wrong file or saving the file > > at the wrong time. > > > > Wietse > > > I tried to test policyd-spf-perl manually with results as can be seen > below. > This does seem to confirm the notion that for some as yet unbeknown reason > the > process is not being launched. > > Any ideas where I should be looking? > > [root@dns1 /usr/local/sbin]# postfix-policyd-spf-perl > request=smtpd_access_policy > protocol_state=RCPT > protocol_name=SMTP > helo_name=h****forge.com > queue_id=8045F2AB23 > sender=info@h****forge.com > recipient=da...@vizion2000.net > client_address=81.169.1.52 > client_name=h****.server*******.net > > action=PREPEND Received-SPF: none (h****forge.com: No applicable sender > policy > available) receiver=dns1.vizion2000.net; identity=mailfrom; envelope- > from="info@h****forge.com"; helo=h****forge.com; client-ip=81.169.1.52 > > > Usually, when you can run a process as root and cannot start it as a background service, the problem is that the user that is the owner of the service does not have enough permissions to open or access some resource (usually pid file, run file, socket file or config file). Try looking for: 1) which user/group is the owner of the service when you started it in background as a daemon. 2) see if that user/group has enough permissions to access the files it should access with read AND write permissions. Look for pid files, socket files and at last for config file. Fernando Maior
