1

I have a postfix mail-server and want to use amavis for spam and virus detection. I followed this tutorial to add amavis to my running mail-server. I added to /etc/postfix/main.cf:

content_filter = smtp-amavis:[127.0.0.1]:10024

and my /etc/postfix/master.cf locks like this:

smtp      inet  n       -       -       -       -       smtpd
submission inet n       -       -       -       -       smtpd -v
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o smtpd_sasl_security_options=noanonymous
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

pickup    unix  n       -       -       60      1       pickup
  -o content_filter=
  -o receive_override_options=no_header_body_checks
cleanup   unix  n       -       -       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache

maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}

uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

smtp-amavis unix         -       -       n       -       2       smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20
##### Amavis inbound properties ######
127.0.0.1:10025 inet n - n - - smtpd  
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_data_restrictions=reject_unauth_pipelining
  -o smtpd_end_of_data_restrictions=
  -o mynetworks=127.0.0.0/8
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

The output of postconf -n:

append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
inet_interfaces = all
inet_protocols = all
local_recipient_maps = $virtual_mailbox_maps
mailbox_size_limit = 0
mydestination =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = mydomain.com
readme_directory = no
recipient_delimiter =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_mailbox_domains = mydomain.com
virtual_mailbox_maps = ldap:/etc/postfix/virtual/ldap-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp

All mails I try to send get status deferred with this log information:

    Jan 19 10:28:51 mydomain postfix/smtp[2035]: BB27526F73: to=<user@mydomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.7, delays=0.13/0.01/0/2.5, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=00944-02 - Temporary MTA failure on relaying, From MTA() during fwd-connect (Negative greeting:  at (eval 134) line 479.): id=00944-02 (in reply to end of DATA command))

If I requeue the deferred mail it will be delivered. But all new mails which was not queued before get the same status with the same problem.

Has someone any idea how to solve this problem?

EDIT: Here is are a few more lines of my logs also with the log after requeuing the mail:

Jan 19 13:45:13 mydomain postfix/smtpd[2361]: fatal: unexpected command-line argument: ###
Jan 19 13:45:14 mydomain postfix/master[2014]: warning: process /usr/lib/postfix/smtpd pid 2361 exit status 1
Jan 19 13:45:14 mydomain postfix/master[2014]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Jan 19 13:45:14 mydomain amavis[943]: (00943-06) (!)FWD from <alice@mydomain.com> -> <bob@mydomain.com>, 451 4.5.0 From MTA() during fwd-connect (Negative greeting:  at (eval 134) line 479.): id=00943-06
Jan 19 13:45:14 mydomain amavis[943]: (00943-06) Blocked MTA-BLOCKED {TempFailedInbound}, [xxx.xxx.xxx.xxx]:50237 [xxx.xxx.xxx.xxx] <alice@mydomain.com> -> <bob@mydomain.com>, Queue-ID: 53094271AF, Message-ID: <54BCFC56.3030600@mydomain.com>, mail_id: eK3SxABQEng1, Hits: 1.438, size: 608, 2797 ms
Jan 19 13:45:14 mydomain postfix/smtp[2357]: 53094271AF: to=<bob@mydomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.9, delays=0.12/0.01/0/2.8, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=00943-06 - Temporary MTA failure on relaying, From MTA() during fwd-connect (Negative greeting:  at (eval 134) line 479.): id=00943-06 (in reply to end of DATA command))
Jan 19 13:45:16 mydomain postfix/submission/smtpd[2355]: auto_clnt_close: disconnect private/tlsmgr stream
Jan 19 13:45:16 mydomain postfix/submission/smtpd[2355]: rewrite stream disconnect
Jan 19 13:45:24 mydomain postfix/postsuper[2364]: Requeued: 1 message
Jan 19 13:45:49 mydomain postfix/pickup[2293]: 00D21271BA: uid=107 from=<alice@mydomain.com> orig_id=53094271AF
Jan 19 13:45:49 mydomain postfix/cleanup[2348]: 00D21271BA: message-id=<54BCFC56.3030600@mydomain.com>
Jan 19 13:45:49 mydomain postfix/qmgr[2018]: 00D21271BA: from=<alice@mydomain.com>, size=727, nrcpt=1 (queue active)
Jan 19 13:45:49 mydomain dovecot: lmtp(2369): Connect from local
Jan 19 13:45:49 mydomain dovecot: lmtp(2369, bob@mydomain.com): wlQ8AX38vFRBCQAAXzmN0w: msgid=<54BCFC56.3030600@mydomain.com>: saved mail to INBOX
Jan 19 13:45:49 mydomain postfix/lmtp[2368]: 00D21271BA: to=<bob@mydomain.com>, relay=mydomain.localdomain[private/dovecot-lmtp], delay=38, delays=38/0.01/0/0.01, dsn=2.0.0, status=sent (250 2.0.0 <bob@mydomain.com> wlQ8AX38vFRBCQAAXzmN0w Saved)
Jan 19 13:45:49 mydomain dovecot: lmtp(2369): Disconnect from local: Successful quit
Jan 19 13:45:49 mydomain postfix/qmgr[2018]: 00D21271BA: removed
Ulli
  • 97
  • 2
  • 9
  • Please edit the question and add the output of `postconf -n` – masegaloeh Jan 19 '15 at 11:42
  • Any other maillog lines relevant with amavis log above? Negative greeting error can be caused by many things – masegaloeh Jan 19 '15 at 12:34
  • Maillog said that something wrong with your master.cf syntax - - - > `fatal unexpected command line arguments`. Fortunately, your master.cf in this thread looks fine. See your actual master.cf and findout where error ### coming. – masegaloeh Jan 19 '15 at 13:26

2 Answers2

3

Oh I feel just so stupid...

found the mistake. masegaloeh thx for your hint and sorry for everyone who wasted time cause of my stupidness...

I just had a wrong placed comment in my master.cf which I deleted before I posted the content here so my original master.cf file locked like this:

##### Amavis inbound properties ######
127.0.0.1:10025 inet n - n - - smtpd  ### stupid commend :(
  -o content_filter=
  -o local_recipient_maps=
Ulli
  • 97
  • 2
  • 9
3

Thia maillog line

 Jan 19 13:45:13 mydomain postfix/smtpd[2361]: fatal: unexpected command-line argument: ###

was clear indicator that something wrong on master.cf syntax. You already confirmed this in your answer. In this part, I will try to explain why mail go through when you requeue them.

When you issue command postsuper - r to requeue message, postfix will move the email to maildrop queue. Then pickup daemon will 'pick' it and try to delivers it. In the other part, you disabled amavis content_filter on pickup process (via master.cf). So, the requeued email won't go through amavis, thus doesn't suffer error message like above.

masegaloeh
  • 18,236
  • 10
  • 57
  • 106