Content filter - reijnect message back into queue

classic Classic list List threaded Threaded
33 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Viktor Dukhovni
> On Jan 4, 2019, at 5:13 PM, Rafael Azevedo <[hidden email]> wrote:
>
> They don't. But there might be some variable with undesired default value.
>
> # cd /etc/postfix/
> lab postfix # grep 'config_directory' main.cf master.cf

So the unwanted value was acquired at runtime.

Post the output of:

  # postmulti -l
  # postfix status
  # pgrep -x qmgr | while read pid; do ps -o pid,ppid,args -p "$pid"; xargs -0n1 < /proc/$pid/environ; done

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Rafael Azevedo-4
# postmulti -l
-               -               y         /etc/postfix

# postfix status
postfix: Postfix is running with backwards-compatible default settings
postfix: See http://www.postfix.org/COMPATIBILITY_README.html for details
postfix: To disable backwards compatibility use "postconf
compatibility_level=2" and "postfix reload"
postfix/postfix-script: the Postfix mail system is running: PID: 5158


# pgrep -x qmgr | while read pid; do ps -o pid,ppid,args -p "$pid";
xargs -0n1 &lt; /proc/$pid/environ; done
    PID    PPID COMMAND
1201099    5158 qmgr -l -t fifo -u -o syslog_name=xx.net
MAIL_CONFIG=/etc/mailservers/xx.net/host.xx.net/
MAIL_LOGTAG=postfix
LANG=C
GENERATION=15302



Em sex, 4 de jan de 2019 às 20:43, Viktor Dukhovni
<[hidden email]> escreveu:

>
> > On Jan 4, 2019, at 5:13 PM, Rafael Azevedo <[hidden email]> wrote:
> >
> > They don't. But there might be some variable with undesired default value.
> >
> > # cd /etc/postfix/
> > lab postfix # grep 'config_directory' main.cf master.cf
>
> So the unwanted value was acquired at runtime.
>
> Post the output of:
>
>   # postmulti -l
>   # postfix status
>   # pgrep -x qmgr | while read pid; do ps -o pid,ppid,args -p "$pid"; xargs -0n1 < /proc/$pid/environ; done
>
> --
>         Viktor.
>
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Viktor Dukhovni


> On Jan 4, 2019, at 6:18 PM, Rafael Azevedo <[hidden email]> wrote:
>
> # postmulti -l
> -               -               y         /etc/postfix
>
> # postfix status
> postfix: Postfix is running with backwards-compatible default settings
> postfix: See http://www.postfix.org/COMPATIBILITY_README.html for details
> postfix: To disable backwards compatibility use "postconf
> compatibility_level=2" and "postfix reload"
> postfix/postfix-script: the Postfix mail system is running: PID: 5158
>
>
> # pgrep -x qmgr | while read pid; do ps -o pid,ppid,args -p "$pid";
> xargs -0n1 &lt; /proc/$pid/environ; done
>    PID    PPID COMMAND
> 1201099    5158 qmgr -l -t fifo -u -o syslog_name=xx.net
> MAIL_CONFIG=/etc/mailservers/xx.net/host.xx.net/
> MAIL_LOGTAG=postfix

So your only "registered" Postfix instance is in /etc/postfix, but
the queue manager is running with:

        MAIL_CONFIG=/etc/mailservers/xx.net/host.xx.net/

How is that supposed to work???  And why is "postdrop" logging
problems using "/etc/postfix/" and not "/etc/mailservers/xx.net/host.xx.net/"?

I am afraid you're not providing sufficiently detailed information
about your configuration...  Not much help is possible under these
circumstances.

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Rafael Azevedo-4
Hi Viktor,

Thanks for your reply.

I've provided all information you asked.

This is a lab server.
It has about 8 IPs and multiple postfix configurations (from older tests).

Although this server has multiple IPs, I'm not running multiple
instances at this time.

The pourpose of this test is to build a postfix server running on
multiple ips, with multiple transports and one self-made anti-spam
system.

So there's a lot of things yet to be accomplished.

In time, would this make any sense:

1. spamfilter    unix    -       n       n       -       -       pipe
2.        user=vmail argv=/home/postfix/app/tools/contentFilter.php
${nexthop} ${size} ${sender} ${recipient}
3.        /usr/sbin/sendmail -oi -f ${sender} ${recipient}

I'm calling sendmail at line 3 in an attempt to make postfix re-inject
message back into queue.

No success at all.

Any help ..

Thanks!

Em sex, 4 de jan de 2019 às 21:33, Viktor Dukhovni
<[hidden email]> escreveu:

>
>
>
> > On Jan 4, 2019, at 6:18 PM, Rafael Azevedo <[hidden email]> wrote:
> >
> > # postmulti -l
> > -               -               y         /etc/postfix
> >
> > # postfix status
> > postfix: Postfix is running with backwards-compatible default settings
> > postfix: See http://www.postfix.org/COMPATIBILITY_README.html for details
> > postfix: To disable backwards compatibility use "postconf
> > compatibility_level=2" and "postfix reload"
> > postfix/postfix-script: the Postfix mail system is running: PID: 5158
> >
> >
> > # pgrep -x qmgr | while read pid; do ps -o pid,ppid,args -p "$pid";
> > xargs -0n1 &lt; /proc/$pid/environ; done
> >    PID    PPID COMMAND
> > 1201099    5158 qmgr -l -t fifo -u -o syslog_name=xx.net
> > MAIL_CONFIG=/etc/mailservers/xx.net/host.xx.net/
> > MAIL_LOGTAG=postfix
>
> So your only "registered" Postfix instance is in /etc/postfix, but
> the queue manager is running with:
>
>         MAIL_CONFIG=/etc/mailservers/xx.net/host.xx.net/
>
> How is that supposed to work???  And why is "postdrop" logging
> problems using "/etc/postfix/" and not "/etc/mailservers/xx.net/host.xx.net/"?
>
> I am afraid you're not providing sufficiently detailed information
> about your configuration...  Not much help is possible under these
> circumstances.
>
> --
>         Viktor.
>
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Viktor Dukhovni
On Fri, Jan 04, 2019 at 09:57:53PM -0200, Rafael Azevedo wrote:

> I've provided all information you asked.

Well, but you've provided detailed configuration information.
See http://www.postfix.org/DEBUG_README.html#mail

> This is a lab server.
> It has about 8 IPs and multiple postfix configurations (from older tests).

Well, I don't recall any mention of multiple Postfix configurations
until now.  For "sendmail" to work in a non-default Postfix instance
the associated configuration directory must be listed in the default
instance's main.cf file's "alternate_config_directories" parameter.

> Although this server has multiple IPs, I'm not running multiple
> instances at this time.

Well, you're running a non-default instance, whose configuration
is not /etc/postfix.  It does not matter whether other instances
are running or not, you're in a multi-instance configuration.

> In time, would this make any sense:
>
> spamfilter    unix    -       n       n       -       -       pipe
>   user=vmail argv=/home/postfix/app/tools/contentFilter.php ${nexthop} ${size} ${sender} ${recipient}
>   /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Not really, because the sendmail command goes inside the script,
and I'd stay well clear of PHP for processing email and executing
sub-processes, ...

And ${recipient} should always be the last command line variable,
since it expands to multiple recipient arguments.

> No success at all.

You're stumbling around in the dark trying random things that can't
work.  Find a native English speaker who can help you understand
FILTER_README, and get it working in a single-instance Postfix
environment first.

Consider buying the Postfix Book by Patrick and Ralf, and read the
chapter(s) on content filters.

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Rafael Azevedo-4
> Well, I don't recall any mention of multiple Postfix configurations
> until now.  For "sendmail" to work in a non-default Postfix instance
> the associated configuration directory must be listed in the default
> instance's main.cf file's "alternate_config_directories" parameter.

Ok, got it back to default config.
# postmulti -l
-               -               y         /etc/postfix

# pgrep -x qmgr | while read pid; do ps -o pid,ppid,args -p "$pid";
xargs -0n1 < /proc/$pid/environ; done
    PID    PPID COMMAND
2028229 2026262 qmgr -l -t unix -u
MAIL_CONFIG=/etc/postfix/
MAIL_LOGTAG=postfix
LANG=C
GENERATION=724

# postfix -c /etc/postfix/ status
postfix: Postfix is running with backwards-compatible default settings
postfix: See http://www.postfix.org/COMPATIBILITY_README.html for details
postfix: To disable backwards compatibility use "postconf
compatibility_level=2" and "postfix reload"
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined
parameter: mua_sender_restrictions
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined
parameter: mua_client_restrictions
/usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined
parameter: mua_helo_restrictions
postfix/postfix-script: the Postfix mail system is running: PID: 2026262

Same behavior..

> Not really, because the sendmail command goes inside the script,
> and I'd stay well clear of PHP for processing email and executing
> sub-processes, ...

what do you mean by inside the script?

> And ${recipient} should always be the last command line variable,
> since it expands to multiple recipient arguments.

thanks, my mistake

> You're stumbling around in the dark trying random things that can't
> work.  Find a native English speaker who can help you understand
> FILTER_README, and get it working in a single-instance Postfix
> environment first.

yes, at this time.

> Consider buying the Postfix Book by Patrick and Ralf, and read the
> chapter(s) on content filters.

This one?
https://books.google.com.br/books?id=uq1Et7KmsGwC&pg=PA22&dq=postfix&hl=pt-BR&sa=X&ved=0ahUKEwjC9evHr9XfAhXFgZAKHb2zBEIQ6AEIPzAD#v=onepage&q=postfix&f=false
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Viktor Dukhovni
On Fri, Jan 04, 2019 at 10:22:28PM -0200, Rafael Azevedo wrote:

> Ok, got it back to default config.
> # postmulti -l
> -               -               y         /etc/postfix
>
> # pgrep -x qmgr | while read pid; do ps -o pid,ppid,args -p "$pid";
> xargs -0n1 < /proc/$pid/environ; done
>     PID    PPID COMMAND
> 2028229 2026262 qmgr -l -t unix -u
> MAIL_CONFIG=/etc/postfix/
> MAIL_LOGTAG=postfix

No you did not.  By default "MAIL_CONFIG=/etc/postfix" with no trailing "/".
Perhaps you're starting Postfix via:

        postfix -c /etc/postfix/ start

don't do that.

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Rafael Azevedo-4
> No you did not.  By default "MAIL_CONFIG=/etc/postfix" with no trailing "/".
> Perhaps you're starting Postfix via:
>
>         postfix -c /etc/postfix/ start
this is how we start postfix intances since this server has multiple
testing configurations.


> don't do that.
why?

and why shall I keep away from php for this content filter script? I
think its fast (isn't it?)

I want to easily be able to compare last message with a database and
try to match if the sending message is bulk or not and drop it if so.

thanks a lot.
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Viktor Dukhovni
On Fri, Jan 04, 2019 at 10:40:21PM -0200, Rafael Azevedo wrote:

> >         postfix -c /etc/postfix/ start
>
> this is how we start postfix intances since this server has multiple
> testing configurations.

Because the correct command is just "postfix start".  And you want
multiple instances read MULTI_INSTANCE_README, and configure them
properly.

> > don't do that.
> why?

Because it causes the problem you're reporting, by supplying a
subtly non-default configuration directory.

> and why shall I keep away from php for this content filter script? I
> think its fast (isn't it?)

Because it is too easy to create security issues in PHP scripts.

> I want to easily be able to compare last message with a database and
> try to match if the sending message is bulk or not and drop it if so.

Try Python or Perl, and use a command-execution interface that
bypasses the shell, and directly calls execve(2) or execvp(3) with
an array of arguments.  Make sure to separate the first recipient
address from the last option with "--", and make sure to pass "-f",
"sender-address" as two separate arguments.

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Rafael Azevedo-4
Can the reinjection port be other than 10025 ?
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Matus UHLAR - fantomas
On 05.01.19 08:37, Rafael Azevedo wrote:
>Can the reinjection port be other than 10025 ?

it can be any port, but it has to be configured not to send mail back
to the filter not to create a loop.

there are other recommended options for such port, documented in filter
readme.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
How does cat play with mouse? cat /dev/mouse
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Rafael Azevedo-4
> it can be any port, but it has to be configured not to send mail back
> to the filter not to create a loop.

this is what I'm trying to figure out: how to re-inject.
I'm reading The Book of Postfix as Viktor suggested. Hope to find some
answers soon.

Thanks!
Reply | Threaded
Open this post in threaded view
|

Re: Content filter - reijnect message back into queue

Viktor Dukhovni
> On Jan 5, 2019, at 11:12 AM, Rafael Azevedo <[hidden email]> wrote:
>
> this is what I'm trying to figure out: how to re-inject.

Working re-injection examples are shown in FILTER_README.
If you don't too creative with ad-hoc multiple instances,
and "postfix -c", they work as documented, but reading the
book should give you a better picture of how the pieces
fit together.  Good luck.

--
        Viktor.

12