View Single Post
  #1   (View Single Post)  
Old 26th October 2008
cajunman4life cajunman4life is offline
Real Name: Aaron Graves
Package Pilot
 
Join Date: May 2008
Location: Coolidge, Arizona
Posts: 203
Default Recent problems with Postfix

I've been having a problem that's been a bit perplexing to me. Over
the last few weeks, it seems that postfix-policyd-weight and postgrey
have not been processing messages, even though I should have postfix
set up properly to do so. As such, I've seen a marked increase in spam
that's getting through. I'll be happy to answer any questions and
provide as much information as I can to get this problem resolved. The
only thing I can think of is a few months ago I upgraded postfix,
first from 2.5.1_2 to 2.5.4,1 (Aug 22nd) then to 2.5.5,1 (Oct 6th). I
also updated postgrey from 1.31 to 1.32 on Aug 26th. I have not
updated postfix-policyd-weight (no updates available since installed
in April). I'm using FreeBSD. There have been no other changes that
I'm aware of. I've rolled back Postfix to 2.5.1_2 and postgrey to 1.31
(both versions were known to work) and it still appears that it wasn't
working. Below are a few bits of (hopefully) important information:

uname -r
7.0-RELEASE-p5

smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
permit_mx_backup,
reject_unauth_pipelining,
reject_unauth_destination,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unverified_recipient,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
check_policy_service inet:127.0.0.1:60001,
check_policy_service inet:127.0.0.1:10023,
permit

From what I can tell the RBL lookups are not taking place either. The
prior reject_* rules appear to be working:

Oct 25 02:54:13 fb1 postfix/smtpd[1862]: NOQUEUE: reject: RCPT from
ip-88-199-176-164.tczew.net.pl[88.199.176.164]: 504 5.5.2
<xyz-2sggsf7qwk1>: Helo command rejected: need fully-qualified
hostname; from=<fsdxtxi@bos.mcd.mot.com> to=<<email removed>>
proto=ESMTP helo=<xyz-2sggsf7qwk1>

I'm completely baffled by this. I can verify that the proper services
are running on their respective ports:
postgrey perl5.8.8 698 5 tcp4 127.0.0.1:10023 *:*
polw perl5.8.8 758 4 tcp4 127.0.0.1:60001 *:*

Any help would be grealy appreciated. Let me know if you need any more
details/configuration information. Thanks for any help you can provide.
__________________
I just saved a bunch of money on my car insurance by fleeing the scene of the accident!
Reply With Quote