Hi,
we're about to use Spamassassin in our postfix mail system. For that
reason we "copied" our mail system to a virtual machine in order to see
how Spamassassin is configured correctly.
After we enabled Spamassassin we're facing the problem that the virtual
table is evaluated a second time after the mail re-entered the mail
system when processed by Spamassassin.
My first attempt to solve this problem was to find a way to leave the
virtual settings empty for the re-entered mail - no success.
After some googling it looks to me that we're the only one facing this
problem. So, seems to be a problem with our configuration.
Is there a way to prevent postfix from evaluating the virtual table a
second time? Or: How is Virtual and Spamassassin configured correctly?
I've attached the postfinger configuration and the one particular mail
processing log from the virtual machine, after enabling Spamassassin.
Thanks for any hint.
postfinger - postfix configuration on Sat Aug 20 10:32:14 CEST 2022
version: 1.30
Warning: postfinger output may show private configuration information,
such as ip addresses and/or domain names which you do not want to show
to the public. If this is the case it is your responsibility to modify
the output to hide this private information. [Remove this warning with
the --nowarn option.]
--System Parameters--
mail_version = 3.4.14
hostname = SpamAssassin
uname = Linux SpamAssassin 4.19.0-20-amd64 #1 SMP Debian 4.19.235-1
(2022-03-17) x86_64 GNU/Linux
--Packaging information--
looks like this postfix comes from deb package: postfix-3.4.14-0+deb10u1
--main.cf non-default parameters--
alias_maps = hash:/etc/aliases
always_add_missing_headers = yes
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 3d
broken_sasl_auth_clients = yes
delay_warning_time = 5h
maildrop_destination_recipient_limit = 1
maximal_queue_lifetime = 3d
message_size_limit = 36700160
mydestination = hexa, localhost.localdomain, localhost $myhostname
mydomain = <domain>
myhostname = mail
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
192.168.151.80/28 192.168.151.1/32
myorigin = $mydomain
policyd-spf_time_limit = 3600
readme_directory = no
recipient_delimiter = +
relay_domains = $mydestination
smtp_destination_concurrency_limit = 1
smtp_destination_rate_delay = 1s
smtp_extra_recipient_limit = 10
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_exclude_ciphers = RC4, aNULL
smtp_tls_loglevel = 1
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = check_client_access
hash:/etc/postfix/custom_restrictions/denied_clients check_client_access
hash:/etc/postfix/custom_restrictions/denied_single_clients
smtpd_recipient_restrictions = permit_mynetworks, check_recipient_access
regexp:/etc/postfix/custom_restrictions/denied_recipient_from_outside,
reject_unauth_destination, reject_invalid_hostname,
reject_non_fqdn_sender, reject_unknown_sender_domain,
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = check_sender_access
hash:/etc/postfix/custom_restrictions/denied_sender
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/postfix/certs/mail/cert.combine.crt
smtpd_tls_exclude_ciphers = aNULL, eNULL, DES, 3DES, MD5, DES+MD5, RC4
smtpd_tls_key_file = /etc/postfix/certs/mail/privkey1.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_use_tls = yes
spamassassin_destination_recipient_limit = 1
submission_client_checks = check_client_access
hash:/etc/postfix/custom_restrictions/submission_client_checks
tls_preempt_cipherlist = yes
transport_maps = proxy:mysql:/etc/postfix/virtual/transport.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/virtual/alias.cf,
proxy:mysql:/etc/postfix/virtual/mail_distributor.cf
virtual_gid_maps = proxy:mysql:/etc/postfix/virtual/virtual_gid_maps.cf
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/virtual/virtual_domains.cf
virtual_mailbox_limit = 41943040
virtual_mailbox_lock = dotlock
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/virtual/virtual_mail_box.cf
virtual_maps =
virtual_minimum_uid = 10000
virtual_uid_maps = proxy:mysql:/etc/postfix/virtual/virtual_uid_maps.cf
yaa_destination_recipient_limit = 1
--master.cf--
192.168.73.200:25 inet n - y - - smtpd
-o content_filter=spamassassin
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_recipient_restrictions=
-o smtpd_client_restrictions=$submission_client_checks
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
$recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
yaa unix - n n - - pipe flags=DR
user=yaa argv=/usr/local/sbin/yaa.pl
policyd-spf unix - n n - 0 spawn
user=policyd-spf argv=/usr/bin/policyd-spf
spamassassin unix - n n - - pipe
user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f
${sender} ${recipient}
-- end of postfinger output --
Apr 22 13:52:19 SpamAssassin postfix/smtpd[16018]: connect from
unknown[192.168.73.165]
Apr 22 13:52:21 SpamAssassin postfix/smtpd[16018]: 68E7220EC6:
client=unknown[192.168.73.165]
Apr 22 13:52:21 SpamAssassin postfix/cleanup[16022]: 68E7220EC6:
message-id=<20220422115221.68E7220EC6@mail>
Apr 22 13:52:21 SpamAssassin postfix/qmgr[15976]: 68E7220EC6:
from=<sender>, size=319, nrcpt=2 (queue active)
Apr 22 13:52:21 SpamAssassin spamd[15738]: spamd: connection from ::1
[::1]:44194 to port 783, fd 5
Apr 22 13:52:21 SpamAssassin spamd[15738]: spamd: setuid to debian-spamd
succeeded
Apr 22 13:52:21 SpamAssassin spamd[15738]: spamd: processing message
<20220422115221.68E7220EC6@mail> for debian-spamd:108
Apr 22 13:52:21 SpamAssassin spamd[15739]: spamd: connection from ::1
[::1]:44196 to port 783, fd 5
Apr 22 13:52:21 SpamAssassin spamd[15739]: spamd: setuid to debian-spamd
succeeded
Apr 22 13:52:21 SpamAssassin spamd[15739]: spamd: processing message
<20220422115221.68E7220EC6@mail> for debian-spamd:108
Apr 22 13:52:21 SpamAssassin spamd[15738]: spamd: clean message
(2.0/5.0) for debian-spamd:108 in 0.1 seconds, 311 bytes.
Apr 22 13:52:21 SpamAssassin spamd[15738]: spamd: result: . 1 -
ALL_TRUSTED,MISSING_HEADERS,MISSING_SUBJECT
scantime=0.1,size=311,user=debian-spamd,uid=108,required_score=5.0,rhost=::1,raddr=::1,rport=44194,mid=<20220422115221.68E7220EC6@mail>,autolearn=no
autolearn_force=no
Apr 22 13:52:21 SpamAssassin spamd[15739]: spamd: clean message
(2.0/5.0) for debian-spamd:108 in 0.1 seconds, 311 bytes.
Apr 22 13:52:21 SpamAssassin spamd[15739]: spamd: result: . 1 -
ALL_TRUSTED,MISSING_HEADERS,MISSING_SUBJECT
scantime=0.1,size=311,user=debian-spamd,uid=108,required_score=5.0,rhost=::1,raddr=::1,rport=44196,mid=<20220422115221.68E7220EC6@mail>,autolearn=no
autolearn_force=no
Apr 22 13:52:21 SpamAssassin postfix/pipe[16023]: 68E7220EC6:
to=<recipient>, orig_to=<alias>, relay=spamassassin, delay=0.17,
delays=0.03/0.01/0/0.13, dsn=2.0.0, status=sent (delivered via
spamassassin service)
Apr 22 13:52:21 SpamAssassin postfix/pickup[15975]: 8F63A20ECF: uid=108
from=<sender>
Apr 22 13:52:21 SpamAssassin postfix/cleanup[16022]: 8F63A20ECF:
message-id=<20220422115221.68E7220EC6@mail>
Apr 22 13:52:21 SpamAssassin postfix/qmgr[15976]: 8F63A20ECF:
from=<sender>, size=680, nrcpt=2 (queue active)
Apr 22 13:52:21 SpamAssassin postfix/pickup[15975]: 9912420ED4: uid=108
from=<sender>
Apr 22 13:52:21 SpamAssassin postfix/cleanup[16022]: 9912420ED4:
message-id=<20220422115221.68E7220EC6@mail>
Apr 22 13:52:21 SpamAssassin postfix/pipe[16024]: 68E7220EC6:
to=<forward>, orig_to=<alias>, relay=spamassassin, delay=0.22,
delays=0.03/0.03/0/0.15, dsn=2.0.0, status=sent (delivered via
spamassassin service)
Apr 22 13:52:21 SpamAssassin postfix/qmgr[15976]: 68E7220EC6: removed
Apr 22 13:52:21 SpamAssassin postfix/qmgr[15976]: 9912420ED4:
from=<sender>, size=680, nrcpt=1 (queue active)
Apr 22 13:52:21 SpamAssassin postfix/virtual[16031]: 8F63A20ECF:
to=<recipient>, relay=virtual, delay=0.09, delays=0.03/0.06/0/0.01,
dsn=2.0.0, status=sent (delivered to maildir)
Apr 22 13:52:21 SpamAssassin spamd[15737]: prefork: child states: IB
Apr 22 13:52:21 SpamAssassin spamd[15737]: prefork: child states: II
Apr 22 13:52:22 SpamAssassin postfix/smtp[16032]: 8F63A20ECF:
to=<forward>, orig_to=<recipient>, relay=forward-host[IP]:25,
delay=0.47, delays=0.03/0.09/0.18/0.18, dsn=2.0.0, status=sent (250
2.0.0 Ok: queued as E290814011C)
Apr 22 13:52:22 SpamAssassin postfix/qmgr[15976]: 8F63A20ECF: removed
Apr 22 13:52:23 SpamAssassin postfix/smtpd[16018]: disconnect from
unknown[192.168.73.165] mail=1 rcpt=1 data=1 commands=3
Apr 22 13:52:23 SpamAssassin postfix/smtp[16032]: 9912420ED4:
to=<forward>, relay=forward-host[IP]:25, delay=1.7,
delays=0.02/1.4/0.11/0.15, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued
as 31CA214011C)
Apr 22 13:52:23 SpamAssassin postfix/qmgr[15976]: 9912420ED4: removed
