Re: Errors with before queue filtering and policyd-weight - helpplease.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Errors with before queue filtering and policyd-weight - helpplease.

Kevin Gagel
OK, reconfigured to:
main.cf
smtpd_recipient_restrictions =  reject_non_fqdn_recipient,
 reject_non_fqdn_sender,
 reject_non_fqdn_recipient,
 reject_unknown_sender_domain,
 check_sender_mx_access cidr:/etc/postfix/wildcard_mx_records.cidr,
 permit_mynetworks,
 check_client_access hash:/etc/postfix/whitelist,
 reject_unauth_destination,
 reject_non_fqdn_hostname,
 reject_invalid_hostname,
 reject_unauth_pipelining,
 reject_unverified_sender,
 check_policy_service inet:127.0.0.1:12524,
 permit

master.cf
smtp      inet  n       -       n       -       200       smtpd

127.0.0.1:12526 inet n  -       n       -       200       smtpd
 -o smtpd_authorized_xforward_hosts=127.0.0.0/8
 -o smtpd_client_restrictions=
 -o smtpd_helo_restrictions=
 -o smtpd_sender_restrictions=
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o content_filter=
 -o mynetworks=127.0.0.0/8
 -o receive_override_options=no_unknown_recipient_checks

Now I get these errors:
Oct  1 12:54:59 gateway postfix/smtpd[14635]: warning: connect to 127.0.0.1:12524: Connection refused
Oct  1 12:54:59 gateway postfix/smtpd[14635]: warning: problem talking to server 127.0.0.1:12524: Connection refused


Kevin W. Gagel
Network Administrator
Local 5448
My blog:
http://mail.cnc.bc.ca/blogs/gagel
My shared files:
http://mail.cnc.bc.ca/users/gagel


--- Original message ---
From: Brian Evans - Postfix List <[hidden email]>
[snip] 
Maybe because policyd-weight is a policy service not a content filter.

http://www.postfix.org/SMTPD_POLICY_README.html

Untitled Document

The College of New Caledonia
Visit us at http://www.cnc.bc.ca
Virus scanning is done on all incoming and outgoing email
Anti-spam information for CNC can be found at http://gateway.cnc.bc.ca


Reply | Threaded
Open this post in threaded view
|

Re: Errors with before queue filtering and policyd-weight - helpplease.

Brian Evans - Postfix List
Kevin Gagel wrote:

> OK, reconfigured to:
> main.cf
> smtpd_recipient_restrictions =  reject_non_fqdn_recipient,
>  reject_non_fqdn_sender,
>  reject_non_fqdn_recipient,
>  reject_unknown_sender_domain,
>  check_sender_mx_access cidr:/etc/postfix/wildcard_mx_records.cidr,
>  permit_mynetworks,
>  check_client_access hash:/etc/postfix/whitelist,
>  reject_unauth_destination,
>  reject_non_fqdn_hostname,
>  reject_invalid_hostname,
>  reject_unauth_pipelining,
>  reject_unverified_sender,
>  check_policy_service inet:127.0.0.1:12524,
>  permit
>

This is better.

> master.cf
> smtp      inet  n       -       n       -       200       smtpd
>
> 127.0.0.1:12526 inet n  -       n       -       200       smtpd
>  -o smtpd_authorized_xforward_hosts=127.0.0.0/8
>  -o smtpd_client_restrictions=
>  -o smtpd_helo_restrictions=
>  -o smtpd_sender_restrictions=
>  -o smtpd_recipient_restrictions=permit_mynetworks,reject
>  -o content_filter=
>  -o mynetworks=127.0.0.0/8
>  -o receive_override_options=no_unknown_recipient_checks
>
FYI, Policy servers do not have a return path.

> Now I get these errors:
> Oct  1 12:54:59 gateway postfix/smtpd[14635]: warning: connect to
> 127.0.0.1:12524: Connection refused
> Oct  1 12:54:59 gateway postfix/smtpd[14635]: warning: problem talking
> to server 127.0.0.1:12524: Connection refused
Sounds like your policy server is not running or responding on localhost.
If you cannot telnet to it, then Postfix cannot talk to it either.
Reply | Threaded
Open this post in threaded view
|

Re: Errors with before queue filtering and policyd-weight - helpplease.

Stan Hoeppner
Brian Evans - Postfix List put forth on 10/1/2009 3:03 PM:
> Kevin Gagel wrote:
>> Now I get these errors:
>> Oct  1 12:54:59 gateway postfix/smtpd[14635]: warning: connect to
>> 127.0.0.1:12524: Connection refused
>> Oct  1 12:54:59 gateway postfix/smtpd[14635]: warning: problem talking
>> to server 127.0.0.1:12524: Connection refused
> Sounds like your policy server is not running or responding on localhost.
> If you cannot telnet to it, then Postfix cannot talk to it either.

Make sure your loopback interface is configured as well, and make sure
you don't have some oddball iptables rule causing problems.  If you're
running selinux or apparmor or similar, turn that off until you've got
this working.

--
Stan
Reply | Threaded
Open this post in threaded view
|

Re: Errors with before queue filtering and policyd-weight - helpplease.

Kevin Gagel
In reply to this post by Kevin Gagel
Thank you all. I have it running now.


Kevin W. Gagel
Network Administrator
Local 5448
My blog:
http://mail.cnc.bc.ca/blogs/gagel
My shared files:
http://mail.cnc.bc.ca/users/gagel


--- Original message ---
Subject: Re: Errors with before queue filtering and policyd-weight - helpplease.
From: Stan Hoeppner <[hidden email]>
To: Postfix users <[hidden email]>
Date: Thursday, 10/01/2009 10:01 PM

Brian Evans - Postfix List put forth on 10/1/2009 3:03 PM:
Kevin Gagel wrote:
Now I get these errors:
Oct 1 12:54:59 gateway postfix/smtpd[14635]: warning: connect to
127.0.0.1:12524: Connection refused
Oct 1 12:54:59 gateway postfix/smtpd[14635]: warning: problem talking
to server 127.0.0.1:12524: Connection refused
Sounds like your policy server is not running or responding on localhost.
If you cannot telnet to it, then Postfix cannot talk to it either.

Make sure your loopback interface is configured as well, and make sure
you don't have some oddball iptables rule causing problems. If you're
running selinux or apparmor or similar, turn that off until you've got
this working.

--
Stan

Untitled Document

The College of New Caledonia
Visit us at http://www.cnc.bc.ca
Virus scanning is done on all incoming and outgoing email
Anti-spam information for CNC can be found at http://gateway.cnc.bc.ca