> On 31 Oct 2016, at 17:08, wilfried.es...@essignetz.de wrote:
>
> Am 31.10.2016 um 23:51 schrieb @lbutlr:
> ...
> No loglines of the denied mail?
Sure. Ut gives the same error as in the DND email.
Oct 31 09:34:19 mail postfix/smtpd[35893]: 3t6z1R27xYzKXmh:
client=localhost[127.0.0.1]
Oct 31 09:34:19 mail postfix/smtpd[35893]: 3t6z1R27xYzKXmh: permit: DATA from
localhost[127.0.0.1]: action=permit for Data command=DATA ;
from=<virusal...@covisp.net> to=<virusal...@covisp.net> proto=ESMTP
helo=<mail.covisp.net>
Oct 31 09:34:19 mail postfix/cleanup[35866]: 3t6z1R27xYzKXmh:
message-id=<valec8gtk8d...@mail.covisp.net>
Oct 31 09:34:19 mail postfix/qmgr[1309]: 3t6z1R27xYzKXmh:
from=<virusal...@covisp.net>, size=3114, nrcpt=1 (queue active)
Oct 31 09:34:19 mail postfix/local[35894]: 3t6z1R27xYzKXmh:
to=<virusal...@covisp.net>, relay=local, delay=0.13, delays=0.08/0.03/0/0.02,
dsn=5.1.1, status=bounced (unknown user: "virusalert")
Oct 31 09:34:19 mail postfix/bounce[35895]: 3t6z1R27xYzKXmh: sender
non-delivery notification: 3t6z1R33w3zKYKC
>> If I manually send a mail to virusal...@covisp.net
>
> What do you mean with "manually”?
Sent it myself from remote email (gmail or iCloud)
> (What is the difference to the denied mail?)
virusalert is the email that amavis sends to, but it is postfix that is
rejecting it.
> PLease, provide output of postconf -n and postconf -Mf.
OK, But I don’t think that is going to be helpful in this case. the user is
valid. The user maps properly via postmap -q, so there is something else that
is causing this.
There are no errors, panics, or fatal messages and the only warning messages
are rbl-related.
=== postconf -nf
alias_database = hash:$config_directory/aliases
alias_maps = hash:$config_directory/aliases,
hash:/usr/local/mailman/data/aliases
allow_percent_hack = no
bounce_size_limit = 10240
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
compatibility_level = 2
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb
$daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_long_queue_ids = yes
header_checks = pcre:/etc/postfix/header_checks.pcre
header_size_limit = 10240
home_mailbox = Maildir/
html_directory = /usr/local/share/doc/postfix
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailbox_command = /usr/local/bin/procmail -t -a $EXTENSION
mailbox_size_limit = 52428800
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
maps_rbl_reject_code = 521
max_use = 10
message_size_limit = 26214400
meta_directory = /usr/local/libexec/postfix
mime_header_checks = pcre:$config_directory/mime_headers.pcre
mydestination = $myhostname, localhost.$mydomain, $mydomain, localhost,
ns1.$mydomain, ns2.$mydomain, mail.$mydomain, www.$mydomain,
webmail.$mydomain
mydomain = covisp.net
myhostname = mail.covisp.net
mynetworks = 75.148.37.64/29, 127.0.0.0/8, 65.121.55.42, , 65.121.55.45,
mynetworks_style = subnet
myorigin = $mydomain
newaliases_path = /usr/local/bin/newaliases
policyd-spf_time_limit = 3600
postscreen_access_list = permit_mynetworks,
cidr:$config_directory/postscreen_access.cidr
postscreen_bare_newline_ttl = 7d
postscreen_blacklist_action = drop
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = dnsbl.sorbs.net=127.0.0.10*9
dnsbl.sorbs.net=127.0.0.14*9 zen.spamhaus.org=127.0.0.[10;11]*8
dnsbl.sorbs.net=127.0.0.5*7 zen.spamhaus.org=127.0.0.[4..7]*7
b.barracudacentral.org=127.0.0.2*7 zen.spamhaus.org=127.0.0.3*7
dnsbl.inps.de=127.0.0.2*7 dnsbl.sorbs.net=127.0.0.7*4
hostkarma.junkemailfilter.com=127.0.0.2*4 bl.spamcop.net=127.0.0.2*4
bl.spameatingmonkey.net=127.0.0.[2;3]*4 dnsrbl.swinog.ch=127.0.0.3*4
ix.dnsbl.manitu.net=127.0.0.2*4 psbl.surriel.com=127.0.0.2*4
zen.spamhaus.org=127.0.0.2*3 score.senderscore.com=127.0.4.[0..20]*3
dnsbl.sorbs.net=127.0.0.6*3 dnsbl.sorbs.net=127.0.0.8*2
hostkarma.junkemailfilter.com=127.0.0.4*2 dnsbl.sorbs.net=127.0.0.9*2
dnsbl-1.uceprotect.net=127.0.0.2*2 all.spamrats.com=127.0.0.38*2
bl.nszones.com=127.0.0.[2;3]*1 dnsbl-2.uceprotect.net=127.0.0.2*1
dnsbl.sorbs.net=127.0.0.2*1 dnsbl.sorbs.net=127.0.0.4*1
score.senderscore.com=127.0.4.[0..69]*1 dnsbl.sorbs.net=127.0.0.3*1
hostkarma.junkemailfilter.com=127.0.1.2*1 dnsbl.sorbs.net=127.0.0.15*1
ips.backscatterer.org=127.0.0.2*1 bl.nszones.com=127.0.0.5*-1
score.senderscore.com=127.0.4.[90..100]*-1
hostkarma.junkemailfilter.com=127.0.0.1*-2 ips.whitelisted.org=127.0.0.2*-2
list.dnswl.org=127.0.[0..255].0*-2 dnswl.inps.de=127.0.[0;1].[2..10]*-2
list.dnswl.org=127.0.[0..255].1*-3 list.dnswl.org=127.0.[0..255].2*-4
list.dnswl.org=127.0.[0..255].3*-5
postscreen_dnsbl_threshold = 6
postscreen_dnsbl_ttl = 1d
postscreen_dnsbl_whitelist_threshold = -1
postscreen_greet_action = enforce
postscreen_greet_banner = mail.covisp.net ESTMP -- Please wait
postscreen_greet_ttl = 7d
postscreen_greet_wait = ${stress?3}${stress:11}s
postscreen_pipelining_ttl = 7d
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
recipient_bcc_maps = pcre:$config_directory/recipient_bcc.pcre
recipient_delimiter = +_
sample_directory = /usr/local/etc/postfix
sender_bcc_maps = pcre:$config_directory/sender_bcc.pcre
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
shlib_directory = /usr/local/lib/postfix
show_user_unknown_table_name = no
smtp_tls_exclude_ciphers = EXPORT, LOW, MD5, aDSS, kECDHe, kECDHr, kDHd, kDHr,
SEED, IDEA, RC2
smtp_tls_loglevel = 1
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtpd_banner = $myhostname ESMTP $mail_name $mail_version
smtpd_data_restrictions = reject_unauth_pipelining,
reject_multi_recipient_bounce, permit
smtpd_error_sleep_time = 28
smtpd_hard_error_limit = 8
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname, check_helo_access
pcre:/etc/postfix/helo_checks.pcre permit
smtpd_log_access_permit_actions = static:all
smtpd_recipient_limit = 100
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination,
reject_non_fqdn_sender, reject_non_fqdn_recipient,
reject_unknown_sender_domain, reject_invalid_hostname,
reject_unlisted_recipient, reject_unlisted_sender,
reject_unknown_reverse_client_hostname, check_recipient_access
hash:$config_directory/recipient_access check_sender_access
pcre:$config_directory/sender_access.pcre, check_client_access
hash:$config_directory/access, permit
smtpd_relay_restrictions = permit_mynetworks reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_soft_error_limit = 4
smtpd_starttls_timeout = 20s
smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem
smtpd_tls_ciphers = medium
smtpd_tls_exclude_ciphers = EXPORT, LOW, MD5, SEED, IDEA, RC2, RC4
smtpd_tls_key_file = /etc/ssl/private/postfix.pem
smtpd_tls_loglevel = 1
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtputf8_enable = no
soft_bounce = no
swap_bangpath = no
tls_ssl_options = no_ticket, no_compression
undisclosed_recipients_header = To: List of Bcc addresses:;
unknown_local_recipient_reject_code = 550
virtual_alias_domains = kreme.com
virtual_alias_maps = hash:$config_directory/virtual
proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:89
virtual_mailbox_base = /usr/local/virtual
virtual_mailbox_domains =
proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =
proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 89
virtual_transport = dovecot
virtual_uid_maps = static:89
=== postconf -Mf
smtp unix - - n - - smtp
smtp inet n - n - 1 postscreen
smtpd pass - - n - - smtpd
dnsblog unix - - n - 0 dnsblog
tlsproxy unix - - n - 0 tlsproxy
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_path=private/auth
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_data_restrictions=
-o
smtpd_relay_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
-o smtpd_helo_restrictions=
-o
smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
-o syslog_name=submit-tls
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
dovecot unix - n n - - pipe flags=DRhu
user=vpopmail:vchkpw argv=/usr/local/libexec/dovecot/dovecot-lda -f
${sender} -d ${user}@${nexthop} -m ${extension} -a ${original_recipient}
policyd-spf unix - n n - 0 spawn user=nobody
argv=/usr/local/bin/policyd-spf
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
discard unix - - n - - discard
tlsmgr unix - - n 1000? 1 tlsmgr
retry unix - - n - - error
proxywrite unix - - n - 1 proxymap
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
