Re: First Insallation, Bouncing Emails

2011-10-22 Thread Bastian Blank 
On Fri, Oct 21, 2011 at 04:39:28PM +0200, Reindl Harald wrote:
> i bet this is a debian system and your postfix is chrooted
> "-" and "y" in this column is yes - change it to n and if i am
> right complain debian why these dumb maintainers do not stop
> their chroot-default which leads to trouble most of time

Can you please explain how syntax errors within the never chrooted
proxymap daemon can be caused by a chroot setup? And please stop calling
people "dumb" just because you don't conform with their decisions.

Bastian

-- 
Immortality consists largely of boredom.
-- Zefrem Cochrane, "Metamorphosis", stardate 3219.8

Re: First Insallation, Bouncing Emails

2011-10-22 Thread Bastian Blank 
On Fri, Oct 21, 2011 at 05:16:04PM -0400, beno - wrote:
> Oct 21 08:20:44 example postfix/smtpd[23702]: connect from
> host.peakskillmediacenters.com[50.7.6.219]
> Oct 21 08:20:45 example postfix/smtpd[23702]: NOQUEUE: reject: RCPT from
> host.peakskillmediacenters.com[50.7.6.219]: 554 5.7.1 <
> ddejo...@dejonghgroup.com>: Relay access denied; from=
> to= proto=ESMTP helo=
> Oct 21 08:20:45 example postfix/smtpd[23702]: too many errors after RCPT
> from host.peakskillmediacenters.com[50.7.6.219]

Is this server in stress mode?

> Looks like the same problem over and over again. Please advise. Will be
> offline for a few hours.

You should kill the complete config and start over. You don't understand
what it does. And use the _postfix_ documentation, which you can reach
via http://www.postfix.org/documentation.html.

Bastian

-- 
You're dead, Jim.
-- McCoy, "Amok Time", stardate 3372.7

Re: First Insallation, Bouncing Emails

2011-10-22 Thread Reindl Harald 


Am 22.10.2011 11:50, schrieb Bastian Blank:
> On Fri, Oct 21, 2011 at 04:39:28PM +0200, Reindl Harald wrote:
>> i bet this is a debian system and your postfix is chrooted
>> "-" and "y" in this column is yes - change it to n and if i am
>> right complain debian why these dumb maintainers do not stop
>> their chroot-default which leads to trouble most of time
> 
> Can you please explain how syntax errors within the never chrooted
> proxymap daemon can be caused by a chroot setup? 

if people start posting random logs without configurations and there
are "no such file or directory" messages i guess chroot is active

my answer is the result of posting without thinking a second becuase
if someone spits random logparts in his message it happens that the
only interesting ine with the mysql-syntax-error get overlooked

http://www.postfix.org/DEBUG_README.html
and no this instructions would not be needed if people start thinking
what informations someone needs if he want to help!

>>> Oct 20 10:13:15 example postfix/smtpd[30152]: warning: TLS library problem: 
>>> 30152:error:02001002:system
>>> library:fopen:No such file or 
>>> directory:bss_file.c:122:fopen('/etc/pki/tls/certs/cert.pem','r'):

> And please stop calling people "dumb" just because you don't conform with 
> their decisions

if people are dumb i call them dumb and the maintainers of debilian are dumb

what valid reason is there to be the only distribution using 
non-upstream-defaults
which are the reason for "hep me psotfix does not work" the most time on this 
list?



signature.asc
Description: OpenPGP digital signature

Dead destination

2011-10-22 Thread Dilip Mishra // Viva 
There are some destinations, which have undefined rate limits. I know that
postfix marks the destinations as dead after a particular number of
failures. My question is how is this value defined, and when does it retry a
dead destination?

Also, does connection caching come to picture, if destination rate delay is
defined?

Re: Dead destination

2011-10-22 Thread Wietse Venema 
Dilip Mishra // Viva:
> There are some destinations, which have undefined rate limits. I know that
> postfix marks the destinations as dead after a particular number of
> failures. My question is how is this value defined, and when does it retry a
> dead destination?

http://www.postfix.org/TUNING_README.html

> Also, does connection caching come to picture, if destination rate delay is
> defined?

http://www.postfix.org/CONNECTION_CACHE_README.html

http://www.postfix.org/postconf.5.html#default_destination_rate_delay
has a comment on transport_destination_concurrency_failed_cohort_limit
and how to avoid destination death after a single delivery failure.

If the documentation is ambiguous or wrong, please file a bug report.

Wietse

Re: Dead destination

2011-10-22 Thread Wietse Venema 
Wietse Venema:
> Dilip Mishra // Viva:
> > There are some destinations, which have undefined rate limits. I know that
> > postfix marks the destinations as dead after a particular number of
> > failures. My question is how is this value defined, and when does it retry a
> > dead destination?
> 
> http://www.postfix.org/TUNING_README.html
> 
> > Also, does connection caching come to picture, if destination rate delay is
> > defined?
> 
> http://www.postfix.org/CONNECTION_CACHE_README.html
> 
> http://www.postfix.org/postconf.5.html#default_destination_rate_delay
> has a comment on transport_destination_concurrency_failed_cohort_limit
> and how to avoid destination death after a single delivery failure.

I've added this parameter to TUNING_README.html, which was written
five years before the parameter was introduced.

Wietse

> If the documentation is ambiguous or wrong, please file a bug report.
> 
>   Wietse
>

Re: First Insallation, Bouncing Emails

2011-10-22 Thread Jack Meagain 


From: Reindl Harald 
To: postfix-users@postfix.org
Sent: Saturday, October 22, 2011 6:06 AM
Subject: Re: First Insallation, Bouncing Emails

I am still getting the following errors:

Oct 22 07:26:28 13gems dovecot: pop3-login: Disconnected (tried to use disabled 
plaintext auth): rip=66.248.165.32, lip=209.216.9.56
Oct 22 07:26:41 13gems postfix/smtpd[1263]: connect from unknown[66.248.165.32]
Oct 22 07:26:41 13gems postfix/smtpd[1263]: lost connection after EHLO from 
unknown[66.248.165.32]
Oct 22 07:26:41 13gems postfix/smtpd[1263]: disconnect from 
unknown[66.248.165.32]
Oct 22 07:27:31 13gems dovecot: pop3-login: Disconnected (no auth attempts): 
rip=66.248.165.32, lip=209.216.9.56
Oct 22 07:27:51 13gems postfix/smtpd[1263]: connect from unknown[66.248.165.32]
Oct 22 07:27:51 13gems postfix/smtpd[1263]: lost connection after EHLO from 
unknown[66.248.165.32]
Oct 22
 07:27:51 13gems postfix/smtpd[1263]: disconnect from unknown[66.248.165.32]
Oct 22 07:28:51 13gems postfix/smtpd[1263]: connect from unknown[66.248.165.32]
Oct 22 07:28:51 13gems postfix/smtpd[1263]: lost connection after EHLO from 
unknown[66.248.165.32]
Oct 22 07:28:51 13gems postfix/smtpd[1263]: disconnect from 
unknown[66.248.165.32]
Oct 22 07:29:51 13gems postfix/smtpd[1263]: connect from unknown[66.248.165.32]
Oct 22 07:29:51 13gems postfix/smtpd[1263]: lost connection after EHLO from 
unknown[66.248.165.32]
Oct 22 07:29:51 13gems postfix/smtpd[1263]: disconnect from 
unknown[66.248.165.32]
Oct 22 07:30:31 13gems postfix/smtpd[1263]: connect from 
outbound5.eb.emediausa.com[184.106.21.203]
Oct 22 07:30:32 13gems postfix/smtpd[1263]: NOQUEUE: reject: RCPT from 
outbound5.eb.emediausa.com[184.106.21.203]: 554 5.7.1 
: Relay access denied; 
from=
 to= proto=ESMTP helo=
Oct 22 07:30:33 13gems postfix/anvil[30239]: statistics: max connection rate 
1/60s for (smtp:69.171.232.147) at Oct 22 07:20:52
Oct 22 07:30:33 13gems postfix/anvil[30239]: statistics: max connection count 1 
for (smtp:69.171.232.147) at Oct 22 07:20:52
Oct 22 07:30:33 13gems postfix/anvil[30239]: statistics: max cache size 2 at 
Oct 22 07:21:01

I don't know how to add pertinent user/domain data to my mysql tables. I'm 
going to look at the postfixadmin php files to try and figure out how to

Postfix, Sasl & Pam

2011-10-22 Thread Jack Fredrikson 
Hi;
I get this error:
dovecot: pop3-login: Disconnected (no auth attempts): rip
In googling this, it indicated that the problem might be in postfix. So I poked 
around and became puzzled as to how postfix discovers my 
/etc/postfix/sasl/sasl.conf file, since it's not referenced in main.cf. Please 
advise.
TIA,
Jack

Re: Postfix, Sasl & Pam

2011-10-22 Thread Robert Schetterer 
Am 22.10.2011 22:11, schrieb Jack Fredrikson:
> Hi;
> I get this error:
> dovecot: pop3-login: Disconnected (no auth attempts): rip
> In googling this, it indicated that the problem might be in postfix. So
> I poked around and became puzzled as to how postfix discovers my
> /etc/postfix/sasl/sasl.conf file, since it's not referenced in main.cf.
> Please advise.
> TIA,
> Jack

is this debian/ubuntu ?
this is sometimes little problematic at defaults ,chroot etc, any logs,
please show ?
there are help files online , try search google
sorry few are current off
perhaps look
http://www.howtoforge.com/ubuntu-postfix-saslauthd-sasl-authentication-failure-cannot-connect-to-saslauthd-server-permission-denied

perhaps this helps

--snip
Solution

Add the postfix user to the sasl group (this makes sure that Postfix has
the permission to access saslauthd):
--snip

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Re: Postfix, Sasl & Pam

2011-10-22 Thread Patrick Ben Koetter 
* Jack Fredrikson :
> Hi;
> I get this error:
> dovecot: pop3-login: Disconnected (no auth attempts): rip
> In googling this, it indicated that the problem might be in postfix. So I
> poked around and became puzzled as to how postfix discovers my
> /etc/postfix/sasl/sasl.conf file, since it's not referenced in main.cf.

/etc/postfix/sasl/sasl.conf is wrong. It must be /etc/postfix/sasl/smtpd.conf
if you use Debian/Ubuntu.

For more help please follow the Postfix Debug instructions.

p@rick

-- 
All technical questions asked privately will be automatically answered on the
list and archived for public access unless privacy is explicitely required and
justified.

saslfinger (debugging SMTP AUTH):

Re: Postfix, Sasl & Pam

2011-10-22 Thread Robert Schetterer 
Am 22.10.2011 22:44, schrieb Patrick Ben Koetter:
> * Jack Fredrikson :
>> Hi;
>> I get this error:
>> dovecot: pop3-login: Disconnected (no auth attempts): rip
>> In googling this, it indicated that the problem might be in postfix. So I
>> poked around and became puzzled as to how postfix discovers my
>> /etc/postfix/sasl/sasl.conf file, since it's not referenced in main.cf.
> 
> /etc/postfix/sasl/sasl.conf is wrong. It must be /etc/postfix/sasl/smtpd.conf

jep

> if you use Debian/Ubuntu.
> 
> For more help please follow the Postfix Debug instructions.
> 
> p@rick
> 

here is another link for special dovecot/postfix ubuntu

https://help.ubuntu.com/community/PostfixDovecotSASL


-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Re: Dead destination

2011-10-22 Thread Ralf Hildebrandt 
* Dilip Mishra // Viva :
> There are some destinations, which have undefined rate limits. I know that
> postfix marks the destinations as dead after a particular number of
> failures. My question is how is this value defined, and when does it retry a
> dead destination?

maximal_backoff_time = 4000s
minimal_backoff_time = 300s

The backoff time is increased with each unsuccessful attempt.

> Also, does connection caching come to picture, if destination rate delay is
> defined?

I don't understand the question.

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebra...@charite.de | http://www.charite.de

Re: Postfix, Sasl & Pam

2011-10-22 Thread Jack Fredrikson 


From: Robert Schetterer 
To: postfix-users@postfix.org
Sent: Saturday, October 22, 2011 4:32 PM
Subject: Re: Postfix, Sasl & Pam

First up, my bad. The conf file is:
/etc/postfix/sasl/smtp.conf

> is this debian/ubuntu ?

No. CentOS

> this is sometimes little problematic at defaults ,chroot etc, any logs,
> please show ?

Defaults? Snippet from main.cf further down.
Chroot? As in a chroot jail? No.
Logs:

Oct 22 14:32:16 example spamd[5847]: spamd: processing message 
<4oz1cemc4camruebaadufq0a4m.mc.1319319132...@oms09.hw-media.com> for 
spamfilter:516
Oct 22 14:32:16 example postfix/smtpd[8093]: disconnect from 
hw-media.com[205.162.42.27]
Oct 22 14:32:18 example spamd[8127]: util: failed to spawn a process 
"/usr/local/bin/dccproc, -H, -x, 0, -a, 205.162.42.27": error closing STDERR: 
Inappropriate ioctl for device at 
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line 1517,  
line 277. at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line 
1438,  line 277.
Oct 22 14:32:18 example spamd[5847]: dcc: [8127] finished: exit 6
Oct 22 14:32:18 example spamd[5847]: dcc: check failed: failed to read header
Oct 22 14:32:18 example spamd[5847]: razor2: razor2 check failed: Permission 
denied razor2: Can't read conf file: /var/spool/amavisd/razor-agent.conf at 
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Razor2.pm line 330, 
 line 277.
Oct 22 14:32:18 example spamd[8128]: util: failed to spawn a process 
"/usr/bin/pyzor, check": error closing STDERR: Inappropriate ioctl for device 
at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line 1517, 
 line 277. at 
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line 1438,  
line 277.
Oct 22 14:32:18 example spamd[5847]: pyzor: [8128] error: exit 6
Oct 22 14:32:18 example spamd[5847]: spamd: clean message (0.6/5.0) for 
spamfilter:516 in 1.9 seconds, 21590 bytes.
Oct 22 14:32:18 example spamd[5847]: spamd: result: . 0 - 
HTML_MESSAGE,MIME_HTML_ONLY,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD,SPF_HELO_PASS,SPF_PASS,T_DKIM_INVALID
 
scantime=1.9,size=21590,user=spamfilter,uid=516,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=47128,mid=<4oz1cemc4camruebaadufq0a4m.mc.1319319132...@oms09.hw-media.com>,autolearn=no
Oct 22 14:32:18 example postfix/pipe[8122]: ABA23579012F: 
to=, relay=spamfilter, delay=5.4, 
delays=3.3/0.01/0/2.2, dsn=2.0.0, status=sent (delivered via spamfilter service)
Oct 22 14:32:18 example postfix/qmgr[8098]: ABA23579012F: removed
Oct 22 14:32:18 example postfix/pickup[8109]: 815F35790152: uid=516 
from=
Oct 22 14:32:18 example spamd[5505]: prefork: child states: II
Oct 22 14:32:18 example postfix/cleanup[8121]: 815F35790152: 
message-id=<4oz1cemc4camruebaadufq0a4m.mc.1319319132...@oms09.hw-media.com>
Oct 22 14:32:18 example postfix/qmgr[8098]: 815F35790152: 
from=, size=22279, nrcpt=1 (queue active)
Oct 22 14:32:18 example postfix/qmgr[8098]: warning: connect to transport 
private/spamassassin: No such file or directory
Oct 22 14:32:18 example postfix/error[8129]: 815F35790152: 
to=, relay=none, delay=2.4, delays=2.3/0.03/0/0.04, 
dsn=4.3.0, status=deferred (mail transport unavailable)
Oct 22 14:32:20 example dovecot: pop3-login: Disconnected (tried to use 
disabled plaintext auth): rip=209.85.212.34, lip=209.216.9.56
Oct 22 14:32:51 example postfix/smtpd[8094]: connect from unknown[66.248.165.32]
Oct 22 14:32:51 example postfix/smtpd[8094]: lost connection after EHLO from 
unknown[66.248.165.32]
Oct 22 14:32:51 example postfix/smtpd[8094]: disconnect from 
unknown[66.248.165.32]
Oct 22 14:33:06 example postfix/smtp[8134]: fatal: specify a password table via 
the `smtp_sasl_password_maps' configuration parameter
Oct 22 14:33:07 example postfix/master[30192]: warning: process 
/usr/libexec/postfix/smtp pid 8134 exit status 1
Oct 22 14:33:07 example postfix/master[30192]: warning: 
/usr/libexec/postfix/smtp: bad command startup -- throttling
Oct 22 14:34:07 example postfix/smtp[8138]: fatal: specify a password table via 
the `smtp_sasl_password_maps' configuration parameter
Oct 22 14:34:08 example postfix/master[30192]: warning: process 
/usr/libexec/postfix/smtp pid 8138 exit status 1
Oct 22 14:34:08 example postfix/master[30192]: warning: 
/usr/libexec/postfix/smtp: bad command startup -- throttling
Oct 22 14:34:11 example postfix/smtpd[8094]: connect from unknown[66.248.165.32]
Oct 22 14:34:11 example postfix/smtpd[8094]: lost connection after EHLO from 
unknown[66.248.165.32]
Oct 22 14:34:11 example postfix/smtpd[8094]: disconnect from 
unknown[66.248.165.32]
Oct 22 14:34:14 example postfix/smtpd[8094]: connect from 
vip.inhe.net[61.55.136.27]
Oct 22 14:34:15 example postfix/smtpd[8094]: NOQUEUE: reject_warning: RCPT from 
vip.inhe.net[61.55.136.27]: 450 4.7.1 Service unavailable; Sender address 
[zhan...@vip.inhe.net] blocked using abuse.rfc-ignorant.org; Not supporting 
abuse@domain; from= 
to= proto=ESMTP helo=
Oct 22 14:34:15 example postfix/

Re: Postfix, Sasl & Pam

2011-10-22 Thread Ned Slider 

On 22/10/11 22:36, Jack Fredrikson wrote:



Add the postfix user to the sasl group (this makes sure that Postfix has
the permission to access saslauthd):


[root@example jack]# ls -al /usr/sbin/saslauthd
-rwxr-xr-x 1 root root 83848 Mar 17  2010 /usr/sbin/saslauthd
[root@example jack]# ls -al /etc/rc.d/init.d/saslauthd
-rwxr-xr-x 1 root root 1676 Mar 17  2010 /etc/rc.d/init.d/saslauthd

So I'm presuming root access is necessary. I discovered while googling earlier 
that postfix gets authorization to run saslauthd through /etc/shadow, but where 
is this? How to set it up?



But you're not using cyrus sasl, you're using dovecot:


Here's a snippet from my main.cf file:




smtpd_sasl_type = dovecot


As you're using CentOS, try the Postfix SASL guide on the CentOS wiki:

http://wiki.centos.org/HowTos/postfix_sasl

Re: Postfix, Sasl & Pam

2011-10-22 Thread /dev/rob0 
On Saturday 22 October 2011 15:44:50 Patrick Ben Koetter wrote:
> * Jack Fredrikson :
> > Hi;
> > I get this error:
> > dovecot: pop3-login: Disconnected (no auth attempts): rip
> > In googling this, it indicated that the problem might be in
> > postfix. So I poked around and became puzzled as to how postfix
> > discovers my /etc/postfix/sasl/sasl.conf file, since it's not
> > referenced in main.cf.
> 
> /etc/postfix/sasl/sasl.conf is wrong. It must be
> /etc/postfix/sasl/smtpd.conf if you use Debian/Ubuntu.

But again, not used for Dovecot SASL.

> For more help please follow the Postfix Debug instructions.

http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
(or, as it says, wiki1 for Dovecot 1.x)
http://www.postfix.org/SASL_README.html#server_dovecot
-- 
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header

Re: Postfix, Sasl & Pam

2011-10-22 Thread Jack Fredrikson 
From: /dev/rob0 
To: postfix-users@postfix.org
Sent: Saturday, October 22, 2011 6:57 PM
Subject: Re: Postfix, Sasl & Pam

> http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
> (or, as it says, wiki1 for Dovecot 1.x)
> http://www.postfix.org/SASL_README.html#server_dovecot


Do I really want to create a chroot jail? That's what that first link at any 
rate is teaching.

I set up my files as per the link the other fellow's suggestion:
http://wiki.centos.org/HowTos/postfix_sasl

and I still get errors:

Oct 22 16:51:06 example spamd[5847]: razor2: razor2 check failed: Permission 
denied razor2: Can't read conf file: /var/spool/amavisd/razor-agent.conf at 
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Razor2.pm line 330, 
 line 157. 
Oct 22 16:51:07 example spamd[12042]: util: failed to spawn a process 
"/usr/bin/pyzor, check": error closing STDERR: Inappropriate ioctl for device 
at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line 1517, 
 line 157. at 
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line 1438,  
line 157. 
Oct 22 16:51:07 example spamd[5847]: pyzor: [12042] error: exit 6 
Oct 22 16:51:07 example spamd[5847]: spamd: identified spam (21.7/5.0) for 
spamfilter:516 in 1.5 seconds, 5786 bytes. 
Oct 22 16:51:07 example spamd[5847]: spamd: result: Y 21 - 
DYN_RDNS_SHORT_HELO_HTML,FSL_HELO_NON_FQDN_1,HELO_NO_DOMAIN,HTML_MESSAGE,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_BRBL_LASTEXT,RCVD_IN_PBL,RCVD_IN_RP_RNBL,RCVD_IN_SORBS_WEB,RCVD_IN_XBL,RDNS_DYNAMIC,URIBL_AB_SURBL,URIBL_BLACK,URIBL_DBL_SPAM,URIBL_JP_SURBL,URIBL_SBL,URIBL_WS_SURBL
 
scantime=1.5,size=5786,user=spamfilter,uid=516,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=55681,mid=<003601cc911d$da0806e0$8e1814a0$@org>,autolearn=spam 
Oct 22 16:51:07 example postfix/pipe[12035]: 726F35790169: 
to=, relay=spamfilter, delay=2.6, 
delays=0.85/0.01/0/1.8, dsn=2.0.0, status=sent (delivered via spamfilter 
service)
Oct 22 16:51:07 example postfix/qmgr[11692]: 726F35790169: removed
Oct 22 16:51:07 example postfix/pickup[11707]: C2F705790169: uid=516 
from=
Oct 22 16:51:08 example spamd[5505]: prefork: child states: II 
Oct 22 16:51:08 example postfix/cleanup[12034]: C2F705790169: 
message-id=<003601cc911d$da0806e0$8e1814a0$@org>
Oct 22 16:51:08 example postfix/qmgr[11692]: C2F705790169: 
from=, size=10373, nrcpt=1 (queue active)
Oct 22 16:51:08 example postfix/pipe[12021]: C2F705790169: 
to=, relay=dovecot, delay=2.1, delays=2/0.01/0/0.08, 
dsn=4.3.0, status=deferred (temporary failure. Command output: doveconf: 
Warning: NOTE: You can get a new clean config file with: doveconf -n > 
dovecot-new.conf doveconf: Warning: Obsolete setting in 
/usr/local/etc/dovecot/dovecot.conf:5: imap_client_workarounds=outlook-idle is 
no longer necessary doveconf: Warning: Obsolete setting in 
/usr/local/etc/dovecot/dovecot.conf:17: add auth_ prefix to all settings inside 
auth {} and remove the auth {} section completely doveconf: Warning: Obsolete 
setting in /usr/local/etc/dovecot/dovecot.conf:19: passdb pam {} has been 
replaced by passdb { driver=pam } doveconf: Warning: Obsolete setting in 
/usr/local/etc/dovecot/dovecot.conf:21: userdb passwd {} has been replaced by 
userdb { driver=passwd } doveconf: Warning: Obsolete setting in 
/usr/local/etc/dovecot/dovecot.conf:23:
 auth_user has been replaced by service auth { user } doveconf:

I googled that razor2 error and looked through lots of results which were of no 
help. I have yet to check out the ioctl error but it's time for bed ;) The 
"status=deferred (temporary failure... is frustrating but that's obviously a 
dovecot issue.
TIA,
Jack

Re: Postfix, Sasl & Pam

2011-10-22 Thread Benny Pedersen 

On Sat, 22 Oct 2011 13:11:36 -0700 (PDT), Jack Fredrikson wrote:

/etc/postfix/sasl/sasl.conf file, since it's not referenced in
main.cf. Please advise.


postconf -d vs postconf -n ?

Re: Postfix, Sasl & Pam

2011-10-22 Thread /dev/rob0 
On Saturday 22 October 2011 18:56:18 Jack Fredrikson wrote:
> From: /dev/rob0 
> > http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
> > (or, as it says, wiki1 for Dovecot 1.x)
> > http://www.postfix.org/SASL_README.html#server_dovecot
> 
> Do I really want to create a chroot jail? That's what that first
> link at any rate is teaching.

Hmm, you must be reading something there that I missed. No, I don't 
recommend chroot unless/until it makes sense for you. But you can put 
your socket at /var/spool/postfix/private/auth as it says. 
"smtpd_sasl_path = private/auth" works whether or not chrooted, if 
it's the default spool_directory, of course. That is the only 
reference made to chroot, not a recommendation either way.

> I set up my files as per the link the other fellow's suggestion:
> http://wiki.centos.org/HowTos/postfix_sasl
> 
> and I still get errors:
> 
> Oct 22 16:51:06 example spamd[5847]: razor2: razor2 check failed:
> Permission denied razor2: Can't read conf file:
> /var/spool/amavisd/razor-agent.conf at
> /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Razor2.p
> m line 330,  line 157.
> Oct 22 16:51:07 example spamd[12042]: util: failed to spawn a
> process "/usr/bin/pyzor, check": error closing STDERR:
> Inappropriate ioctl for device at
> /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line
> 1517,  line 157. at
> /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm line
> 1438,  line 157.
> Oct 22 16:51:07 example spamd[5847]: pyzor: [12042] error: exit 6
> Oct 22 16:51:07 example spamd[5847]: spamd: identified spam
> (21.7/5.0) for spamfilter:516 in 1.5 seconds, 5786 bytes.
> Oct 22 16:51:07 example spamd[5847]: spamd: result: Y 21 -
> DYN_RDNS_SHORT_HELO_HTML,FSL_HELO_NON_FQDN_1,HELO_NO_DOMAIN,
> HTML_MESSAGE,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_BRBL_LASTEXT,
> RCVD_IN_PBL,RCVD_IN_RP_RNBL,RCVD_IN_SORBS_WEB,RCVD_IN_XBL,
> RDNS_DYNAMIC,URIBL_AB_SURBL,URIBL_BLACK,URIBL_DBL_SPAM,
> URIBL_JP_SURBL,URIBL_SBL,URIBL_WS_SURBL scantime=1.5,size=5786,
> user=spamfilter,uid=516,required_score=5.0,rhost=
> localhost.localdomain,raddr=127.0.0.1,rport=55681,
> mid=<003601cc911d$da0806e0$8e1814a0$@org>,autolearn=spam

Off topic here, but you need to configure your content filter to do 
different tests for SASL authenticated submission as opposed to MX 
mail arriving on port 25. The DNSBL and HELO tests are not useful. 
URIBL and DBL tests, OTOH, are a good idea. How you managed to submit 
mail which was flagged as spam using the latter tests is possibly 
another cause for concern. :)

> Oct 22 16:51:07 example postfix/pipe[12035]: 726F35790169:
> to=, relay=spamfilter, delay=2.6,
> delays=0.85/0.01/0/1.8, dsn=2.0.0, status=sent (delivered via
> spamfilter service)
> Oct 22 16:51:07 example postfix/qmgr[11692]:726F35790169: removed
> Oct 22 16:51:07 example postfix/pickup[11707]: C2F705790169:
> uid=516 from=
> Oct 22 16:51:08 example spamd[5505]: prefork: child states: II
> Oct 22 16:51:08 example postfix/cleanup[12034]: C2F705790169:
> message-id=<003601cc911d$da0806e0$8e1814a0$@org>
> Oct 22 16:51:08 example postfix/qmgr[11692]: C2F705790169:
> from=, size=10373, nrcpt=1 (queue
> active)

This part worked, all except for your pipe(8) transport. I would 
recommend that you set things up with the standard Postfix delivery 
agents (local(8) and/or virtual(8)) first, before using pipe.

> Oct 22 16:51:08 example postfix/pipe[12021]: C2F705790169:
> to=, relay=dovecot, delay=2.1,
> delays=2/0.01/0/0.08, dsn=4.3.0, status=deferred (temporary
> failure. Command output: doveconf: Warning: NOTE: You can get a
snip

Apparently you used doveconf(1) rather than dovecot-lda(1). I'm sure 
the Dovecot documentation does not tell you to do this. :)

> I googled that razor2 error and looked through lots of results
> which were of no help. I have yet to check out the ioctl error but
> it's time for bed ;) The "status=deferred (temporary failure... is
> frustrating but that's obviously a dovecot issue.

I can't help with any of those except the latter, where again, you 
should get local and/or virtual working first, before trying with 
dovecot-lda/pipe or LMTP.
-- 
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header

Re: Postfix, Sasl & Pam

2011-10-22 Thread Patrick Ben Koetter 
* Jack Fredrikson :
> 
> 
> From: Robert Schetterer 
> To: postfix-users@postfix.org
> Sent: Saturday, October 22, 2011 4:32 PM
> Subject: Re: Postfix, Sasl & Pam
> 
> First up, my bad. The conf file is:
> /etc/postfix/sasl/smtp.conf

And that is wrong too. I suggest you either send debug output as requested by
the Postfix welcome message or documented here
.

SASL is complex, but a matter of minutes if you help us to help you.
Without debug information you waste everyones time.

> > http://www.howtoforge.com/ubuntu-postfix-saslauthd-sasl-authentication-failure-cannot-connect-to-saslauthd-server-permission-denied
> 
> Been through a bunch of them before emailing the list.

"And when I found out it wouldn't work I did it again ..."

p@rick


-- 
All technical questions asked privately will be automatically answered on the
list and archived for public access unless privacy is explicitely required and
justified.

saslfinger (debugging SMTP AUTH):