HI I installed postgrey. But I dont receive emails and have waited more than 6 hrs for resend. I have send from gmail as well as my home-ISP to my server.
I changed:
check_policy_service unix:/var/spool/postfix/postgrey/socketin the postfix config to
check_policy_service unix:postgrey/socketbut that didn't make a difference.
maillog:
May 24 18:41:39 sv01 postgrey[23791]: 2009/05/24-18:41:39 postgrey (type Net::Server::Multiplex) starting! pid(23791) May 24 18:41:39 sv01 postgrey[23791]: Binding to UNIX socket file /var/spool/postfix/postgrey/socket using SOCK_STREAM May 24 18:41:39 sv01 postgrey[23791]: Setting gid to "498 498" May 24 18:41:39 sv01 postgrey[23791]: Setting uid to "12" May 24 18:41:42 sv01 postfix/postfix-script: refreshing the Postfix mail system May 24 18:41:42 sv01 postfix/master[6791]: reload configuration /etc/postfix May 24 18:41:42 sv01 postfix/qmgr[23814]: warning: bounce_queue_lifetime is larger than maximal_queue_lifetime - adjusting bounce_queue_lifetimeI am supposed to see something like:
Dec 17 21:23:49 jessie postfix/smtpd[6714]: connect from mk-outboundfilter-4-a-1.mail.uk.tiscali.com[212.74.114.8] Dec 17 21:23:49 jessie postfix/smtpd[6714]: NOQUEUE: reject: RCPT from mk-outboundfilter-4-a-1.mail.uk.tiscali.com[212.74.114.8]: 450 4.2.0 <ned@example.com>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/example.com.html; from=<bob@example.com> to=<ned@example.com> proto=ESMTP helo=<mk-outboundfilter-4-a-1.mail.uk.tiscali.com> Dec 17 21:23:54 jessie postfix/smtpd[6714]: disconnect from mk-outboundfilter-4-a-1.mail.uk.tiscali.com[212.74.114.8]but I am getting:
May 24 18:43:10 sv01 postfix/smtpd[23844]: connect from mail-ew0-f175.google.com[209.85.219.175] May 24 18:43:10 sv01 postfix/smtpd[23844]: EC1A9D606D9: client=mail-ew0-f175.google.com[209.85.219.175] May 24 18:43:10 sv01 postfix/cleanup[23848]: EC1A9D606D9: message-id=<4A19791C.3060200@gmail.com> May 24 18:43:10 sv01 postfix/qmgr[23814]: EC1A9D606D9: from=<myaccount@gmail.com>, size=1961, nrcpt=1 (queue active) May 24 18:43:16 sv01 postfix/local[23849]: EC1A9D606D9: to=<info-domain.nl@sv01.myserver.nl>, orig_to=<info@domain.nl>, relay=local, delay=5.1, delays=0.04/0.01/0/5.1, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME) May 24 18:43:16 sv01 postfix/qmgr[23814]: EC1A9D606D9: removedwhich is a normal delivery without postgrey interfering. However I dont get the message in my box. This shows gmail but its the same for my home-isp..
Apparently I foxed this after looking again at the postfix configuration
<div class='quote'>May 24 19:04:00 sv01 postfix/smtpd[24849]: connect from mail-ew0-f175.google.com[209.85.219.175]
May 24 19:04:00 sv01 postgrey[23791]: action=greylist, reason=new, client_name=mail-ew0-f175.google.com, client_address=209.85.219.175, sender=myaccount@gmail.com, recipient=info@domain.nl
May 24 19:04:00 sv01 postfix/smtpd[24849]: NOQUEUE: reject: RCPT from mail-ew0-f175.google.com[209.85.219.175]: 450 4.2.0 <info@domain.nl>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/izidesign.nl.html; from=<myaccount@gmail.com> to=<info@domain.nl> proto=ESMTP helo=<mail-ew0-f175.google.com>
May 24 19:04:00 sv01 postfix/smtpd[24849]: disconnect from mail-ew0-f175.google.com[209.85.219.175]
</div>
what was needed is to place the <div class='quote'>mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME</div> AFTER <div class='quote'>smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service unix:postgrey/socket permit_mx_backup</div>
Also permit_mx_backup needs to come after the check_policy_service
It seems virtualmin isn't intelligent enough to place the lines where they should be placed :-)
so now we can see that gmail re-delivered the messages and it "went through"
<div class='quote'>May 24 19:11:46 sv01 postfix/smtpd[25066]: connect from mail-ew0-f175.google.com[209.85.219.175]
May 24 19:11:46 sv01 postgrey[23791]: action=pass, reason=triplet found, delay=466, client_name=mail-ew0-f175.google.com, client_address=209.85.219.175, sender=myaccount@gmail.com, recipient=info@domain.nl
May 24 19:11:46 sv01 postfix/smtpd[25066]: 83F70D606D9: client=mail-ew0-f175.google.com[209.85.219.175]
May 24 19:11:46 sv01 postfix/cleanup[25070]: 83F70D606D9: message-id=<4A197DFD.9040304@gmail.com>
May 24 19:11:46 sv01 postfix/qmgr[24788]: 83F70D606D9: from=<myaccount@gmail.com>, size=2064, nrcpt=1 (queue active)
May 24 19:11:49 sv01 postfix/local[25071]: 83F70D606D9: to=<info-domain.nl@sv01.myserver.nl>, orig_to=<info@domain.nl>, relay=local, delay=3.2, delays=0.05/0.01/0/3.2, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
May 24 19:11:49 sv01 postfix/qmgr[24788]: 83F70D606D9: removed
May 24 19:12:16 sv01 postfix/smtpd[25066]: disconnect from mail-ew0-f175.google.com[209.85.219.175]
</div>
But, it is not in my mailbox. So where is it?
Any ideas?
Apparently postfix received 2 mails in the same second.
<div class='quote'>May 24 19:22:56 sv01 postfix/smtpd[25287]: connect from mail-ew0-f175.google.com[209.85.219.175]
May 24 19:22:56 sv01 postfix/smtpd[25290]: connect from 84.123.51.154.dyn.user.ono.com[84.123.51.154]
</div>
the google is mine while the other is a client on a different mailbox on the server.
strange this one gets PASS as it is unknown and should have been rejected.
Also this mail, although delivered is no where to be found. I think Postfix got confused as it ran simultaneous with the gmail delivery..
<div class='quote'>May 24 19:22:57 sv01 postgrey[23791]: action=pass, reason=triplet found, delay=303, client_name=84.123.51.154.dyn.user.ono.com, client_address=84.123.51.154, sender=corded@alberto.ca, recipient=info@otherdomain.eu </div>
Look same number behind postgrey:
<div class='quote'>May 24 19:31:33 sv01 postgrey[23791]: action=pass, reason=triplet found, client_name=mail-ew0-f175.google.com, client_address=209.85.219.175, sender=myaccount@gmail.com, recipient=info@domain.nl </div>
strange yes? Both emails from different hosts not delivered to different mailboxes.
After retrying another message from gmail to the troubled mailbox, it went through without a hassle. So I consider the above here as an incident.
But what about really busy mailservers? How many messages are then not delivered..or disappear in some black hole
Or am I missing something obvious?
mailbox_command is unrelated to the recipient restrictions, and order of any particular directive isn't important.
But, the list of smtpd_recipient_restrictions definitely <i>does</i> need to be in a particular order (each test is checked in order, and any negative result will stop the message). It's interesting that Virtualmin didn't get it right. That'd be bug-like.
I'm not sure exactly what to make of the rest of the issues...reading over it now.
--
Check out the forum guidelines!
While Joe's looking through the rest of the issues, I'll just mention -- if you see something in the mail log mention that it was delivered to procmail, you can always peek at the procmail log (in /var/log/procmail.log) to get an idea of what may have gone awry.
It'll show the folder/path it delivered to, or any error message that occurred.
-Eric
Yeah, actually I think the answer is going to be in procmail.log, as Eric suggested. I'm not seeing any other good clues here.
--
Check out the forum guidelines!
thanks. I've found the entries. Both messages (from gmail and home-isp) were classified as spam
Dest:/dev/null Mode:Spam
the subject was "postgrey" but I did not enter any body text.
After resending the same subject but with a oneliner in the body, the mail got through. So this is cleared.
However, Procmail has other rules than spamassassin as I told SA to deliver spam normally, but just classify it in the subject [spam]. Procmail seems to just drop it in a blackhole.
this is real spam
<div class='quote'>From congestings08@psv.com Sun May 24 12:23:43 2009
Subject: [SPAM] If you feel that your manhood is already dead,call us us.
Folder: /dev/null 20223
Time:1243160636 From:congestings08@psv.com To:info@domain.nl User:info-domain.nl Size:20223 Dest:/dev/null Mode:Spam</div>
<b>That shouldn't go to /dev/null before I know mails are indeed spam</b> and I can trust the system...
Also I see that all spam is coming from the VPS I have in USA that is a 3rd nameserver and a backup mailserver only.
<b>Why would a backup server deliver messages to the main server?</b> It is not suppose to do this, right? As it should just hold the messages when the real mailserver is down...
I did, yesterday evening, install postgrey as well on that backup mailserver and the result is great. The amount of spam I got was amazing and today I didn't receive 1 yet.
So from this long story, there are 2 remaining issues (in bold) to be clarified.
thanks for any help.
<div class='quote'>That shouldn't go to /dev/null before I know mails are indeed spam and I can trust the system...</div>
So, don't configure it to send them to /dev/null. That's not the default. ;-)
Look in Server Configuration->Spam and Virus Delivery. The default is to deliver spam to a .spam mailbox.
--
Check out the forum guidelines!
Joe, I beg to differ that the mail_command does need to go after the recipient restrictions as only when I did that I got the Postgrey lines in my logs..