View previous topic :: View next topic |
Author |
Message |
pgu l33t
Joined: 30 Jul 2009 Posts: 719 Location: Oslo, Norway
|
Posted: Mon Feb 11, 2013 10:36 pm Post subject: [SOLVED] sqlgrey how to? |
|
|
I've used sendmail with grey milter support previously and recently tried to get postfix/sqlgrey working. I tried to follow this http://blog.philippheckel.com/2010/01/28/how-to-postfix-as-mail-relay-with-greylisting-support/ but with a PostgreSQL backend.
The problem is that nothing happens, e.g. I observe this in the log file and then not a single trace of sqlrey after that:
Code: | Feb 11 23:24:44 www sqlgrey: 2013/02/11-23:24:44 sqlgrey (type Net::Server::Multiplex) starting! pid(3662)
Feb 11 23:24:44 www sqlgrey: Resolved [localhost]:2501 to [::1]:2501, IPv6
Feb 11 23:24:44 www sqlgrey: Resolved [localhost]:2501 to [127.0.0.1]:2501, IPv4
Feb 11 23:24:44 www sqlgrey: Binding to TCP port 2501 on host ::1 with IPv6
Feb 11 23:24:44 www sqlgrey: Binding to TCP port 2501 on host 127.0.0.1 with IPv4
Feb 11 23:24:44 www sqlgrey: Setting gid to "122 122"
Feb 11 23:24:44 www sqlgrey: Setting uid to "101"
|
If I triy to run telnet to port 25 I do net get a Code: | Recipient address rejected: Greylisted for 5 minutes | as shown.
So are there some more step by step guides for sqlgrey available?
Last edited by pgu on Wed Feb 13, 2013 10:51 am; edited 1 time in total |
|
Back to top |
|
|
hydrapolic Tux's lil' helper
Joined: 07 Feb 2008 Posts: 126
|
Posted: Tue Feb 12, 2013 12:18 pm Post subject: |
|
|
I have very good experience with postgrey (http://postgrey.schweikert.ch) - it uses berkdb. I think PostgreSQL is an overkill for greylisting (but it depends on your needs). Postgrey worked fine even when my mailserver was bombed with 300.000 spams a day. |
|
Back to top |
|
|
pgu l33t
Joined: 30 Jul 2009 Posts: 719 Location: Oslo, Norway
|
Posted: Tue Feb 12, 2013 1:06 pm Post subject: |
|
|
I'll check out the howto for postgrey, as I seem to remember reading that sqlgrey being a fork of postgrey. I agree that postgresql is somewhat overkill (at least for my usage), but I already have a working postgresql environment on the server. I've used the lookup function to check that postfix can access the database so the problem is probably not related to the db part. I think the part that I'm missing is the part that tells postfix to actually use sqlgrey. |
|
Back to top |
|
|
hydrapolic Tux's lil' helper
Joined: 07 Feb 2008 Posts: 126
|
Posted: Tue Feb 12, 2013 3:01 pm Post subject: |
|
|
How did you integrate sqlgrey into postfix? |
|
Back to top |
|
|
pgu l33t
Joined: 30 Jul 2009 Posts: 719 Location: Oslo, Norway
|
Posted: Tue Feb 12, 2013 3:59 pm Post subject: |
|
|
hydrapolic wrote: | How did you integrate sqlgrey into postfix? |
Well, that's part of my problem. I've been using sendmail in the past and have switched to postfix recently. I thought that this was the statement which would cause postfix to communicate with sqlgrey:
Code: | smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination,
reject_unlisted_recipient,
check_policy_service inet:127.0.0.1:2501 |
But I might be wrong... |
|
Back to top |
|
|
hydrapolic Tux's lil' helper
Joined: 07 Feb 2008 Posts: 126
|
Posted: Tue Feb 12, 2013 5:41 pm Post subject: |
|
|
I think you did a good choice switching to postfix
About your configuration - your postfix instance is configured to inspect the smtp communication and act the time, when the client types in "RCPT TO: <user@domain>".
- if the sender matched mynetworks, he's good to go (no greylisting) - if not, move to the next restriction
- you don't serve as an open-relay, so you refuse any domain, that you don't host (virtual or any other) - if the domain is fine, move to the next restriction
- you don't accept mail for users that don't exist and thus you don't became a source of backscatter - if the user is fine, move to the next restriction
- you inspect the policy service at localhost:2501 - if the greylisting said ok, we accept the mail
- there is an implicit permit after the last restriction
In the first post you mentioned you connected to localhost 25 and received that message - was that really 25 or 2501? How did you test postfix - did you test from localhost or from some other? How did you configure the 'mynetworks' parameter?
If you don't mind, show the output of 'postconf -n'.
Btw - postfix has a good documentation - this is for example about the policy service: http://www.postfix.org/SMTPD_POLICY_README.html
All of it: http://www.postfix.org/documentation.html |
|
Back to top |
|
|
pgu l33t
Joined: 30 Jul 2009 Posts: 719 Location: Oslo, Norway
|
Posted: Wed Feb 13, 2013 7:59 am Post subject: |
|
|
I was testing with port 25 from the downstream host. I guess I should probably try postgrey as the documentation seem to be more complete. Thank you for your suggestions. |
|
Back to top |
|
|
pgu l33t
Joined: 30 Jul 2009 Posts: 719 Location: Oslo, Norway
|
Posted: Wed Feb 13, 2013 10:50 am Post subject: |
|
|
I had a mistake in my main.cf file. I actually had a smtpd_recipient_restrictions statement further down in the file which would re-assign the value shown above. After I removed the second smtpd_recipient_restrictions it seem to be working fine with sqlgrey. |
|
Back to top |
|
|
pgu l33t
Joined: 30 Jul 2009 Posts: 719 Location: Oslo, Norway
|
Posted: Wed Feb 13, 2013 10:53 am Post subject: |
|
|
I agree, the postfix documentation is excellent. I should have consulted it at an earlier stage, rather than googling error messages and option names.... |
|
Back to top |
|
|
|