Am 2013-01-28 08:21, schrieb Patrick Ben Koetter:
* [email protected] <[email protected]>:
>You have a Postfix smtpd server listening on 10026 AND you tell
amavis to
>listen on 10026 too? I doubt this will work. Did you tell amavis to
bind to
>port 10026?
No, not all. I have :
/etc/amavisd.conf =
$inet_socket_port = 10024;
That's part of your problem.
By default all traffic, regardless where it comes from (external,
internal)
and goes to (external, internal) is handled by the same amavis
filtering policy.
You want to treat some senders different. ATM you want to identify
them by
their sender address (which is not a good method, because it can be
faked
easily. But that's something we may address later).
So you need to create a special context within that amavis will apply
different filtering rules.
The way to create special contexts in amavis is to define
policy_banks. Within
a policy bank you may apply special, non-default settings; default
settings
from amavis default context will remain unchanged.
You've created a policy_bank and called it ORIGINATING.
Then you told amavis to route all traffic, that enters amavis on port
10026 to
its ORIGINATING policy bank.
So far so good. So what is missing at the moment?
You haven't told amavis yet to _listen_ on port 10026. A
configuration that
tells amavis to listen on 10024 AND 10026 goes like this:
$inet_socket_port = [10024,10026];
from an mail before:
i have this in my <<<master.cf>>>
127.0.0.1:10026 inet n - n - - smtpd
-o content_filter=
-o local_header_rewrite_clients=
-o local_recipient_maps=
-o mynetworks=127.0.0.0/8
-o mynetworks_style=host
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
-o relay_recipient_maps=
-o smtp_send_xforward_command=yes
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_delay_reject=no
-o smtpd_end_of_data_restrictions=
-o smtpd_error_sleep_time=0
-o smtpd_hard_error_limit=1000
-o smtpd_helo_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_restriction_classes=
-o smtpd_sender_restrictions=
-o smtpd_soft_error_limit=1001
-o strict_rfc821_envelopes=yes
and this in the amavid.conf:
$notify_method = 'smtp:[127.0.0.1]:10026';
$forward_method = 'smtp:[127.0.0.1]:10025';
so when i do like u suggested:
$inet_socket_port = [10024,10026];
i get in logs :
Feb 5 21:57:53 mail amavis[15917]: starting. /usr/sbin/amavisd at
mail.zbfmail.de amavisd-new-2.7.2 (20120629), Unicode aware,
LANG="en_GB.utf8"
Feb 5 21:57:53 mail amavis[15918]: (!)Net::Server: 2013/02/05-21:57:53
Can't connect to TCP port 10026 on 127.0.0.1 [Address already in use]\n
at line 67 in file
/usr/lib64/perl5/vendor_perl/5.12.4/Net/Server/Proto/TCP.pm
cause postfix already listens on 10026.
do i just have to follow your link that my own domain on sending is
skipped checking for banned content?
or do i have to change the
<http://www.ijs.si/software/amavisd/README.postfix.html#filter_by_sender>
marko
Use 'lsof -Pni | grep amavis' after you reloaded amavis to verify it
listens
on both ports.
Once you have this set up, amavis will be ready to apply different
filtering
rules.
Now if you use Postfix to feed amavis with messages, you need to tell
Postfix
to route messages for specific senders to port 10026. This link
should explain
how to do it:
<http://www.ijs.si/software/amavisd/README.postfix.html#filter_by_sender>
p@rick
