what does these log lines mean?

On 11/5/2018 3:18 AM, Poliman - Serwis wrote:
>
> I have in mail.log file lines like below:

(the http markup you posted screws up the log lines. plain text only
next time please.)

>
> Nov 5 10:14:31 s1 postfix/smtpd[27320]: NOQUEUE: filter: RCPT from
> dedicated-aip61.rev.nazwa.pl
> <http://dedicated-aip61.rev.nazwa.pl>[77.55.223.61]:
> <[hidden email]>: Sender address triggers FILTER
> amavis:[127.0.0.1]:10024; from=<[hidden email]>
> to=<[hidden email] <mailto:[hidden email]>> proto=ESMTP
> helo=<dedicated-aip61.rev.nazwa.pl
> <http://dedicated-aip61.rev.nazwa.pl>>

There's a check_sender_access map that results in a FILTER
statement.  After the mail is accepted, it will be filtered through
amavisd.

> Nov 5 10:14:31 s1 postfix/smtpd[27320]: NOQUEUE: reject: RCPT from
> dedicated-aip61.rev.nazwa.pl
> <http://dedicated-aip61.rev.nazwa.pl>[77.55.223.61]: 454 4.7.1
> <[hidden email] <mailto:[hidden email]>>: Relay access
> denied; from=<[hidden email]> to=<[hidden email]
> <mailto:[hidden email]>> proto=ESMTP
> helo=<dedicated-aip61.rev.nazwa.pl
> <http://dedicated-aip61.rev.nazwa.pl>>

Message is rejected with "Relay access denied".  This means your
postfix is not configured to accept mail for skpkrakow.pl and the
client is not authenticated/authorized to relay.

The 454 reject code indicates this is a temporary reject and the
sender is free to retry.

This could be due to default settings in smtpd_relay_restrictions
that you haven't set up yet.

> Nov 5 10:14:31 s1
> postfix/smtpd[27320]: disconnect from dedicated-aip61.rev.nazwa.pl
> <http://dedicated-aip61.rev.nazwa.pl>[77.55.223.61] ehlo=2
> starttls=1 mail=4 rcpt=0/4 rset=3 quit=1 commands=11/15

The client disconnected after sending the number of commands listed.
 The rcpt=0/4 indicates the client sent 4 RCPT commands, 0 were
accepted.  The commands=11/15 indicates the client sent 15 total
commands, 11 were accepted.


> Nov 5 10:14:31 s1 postfix/smtpd[27320]: NOQUEUE: filter: RCPT from
> dedicated-aip61.rev.nazwa.pl
> <http://dedicated-aip61.rev.nazwa.pl>[77.55.223.61]:
> <[hidden email]>: Sender address triggers FILTER
> amavis:[127.0.0.1]:10026; from=<[hidden email]>
> to=<[hidden email] <mailto:[hidden email]>> proto=ESMTP
> helo=<dedicated-aip61.rev.nazwa.pl
> <http://dedicated-aip61.rev.nazwa.pl>>

Another check_sender_access table with a FILTER result.


If you need more help, please see
http://www.postfix.org/DEBUG_README.html#mail



>
> What do they mean?
>
>
>
> --
> /Pozdrawiam / Best Regards
> /
> /Piotr Bracha/




   -- Noel Jones

On Tue, 6 Nov 2018, Poliman - Serwis wrote:

> Sorry for http markup, I got knowledge for the future. Thank you for brief
> answer. Does each email is filtered by amavisd or only some kind of
> suspicious?

You're the only one who can answer that question. Did you configure such
filtering?

You could post your $(postconf -n)

Cheers.

On Tue, 6 Nov 2018, Poliman - Serwis wrote:

> Thank you for answer. I attach .txt file with output of postconf -n.

Your original message showed amavis filtering on ports 10024 and 10026.
Your postfix configuration shows only amavis on port 10024.

I think your logs don't come from the postfix with the configuration you
posted.

In any case, what do you need to know?
Have YOU configured the postfix server, or are you trying to understand
why something happens (your log lines) on a server which you DO NOT
administer?

I don't think anybody here has time for puzzles.