Never mind - I do know how to solve that now. (Figured it out all on my own; I must be getting to know something here! Now that's a scary thought!)
In master.cf I added the following under the options for the 127.0.0.1:10025 line. This I believe overrides the settings in main.cf and disables TLS when talking on the 127.0.0.1 interface on port 10025.
I've done extensive testing since my last post. I was able to get pop-before-smtp to play nice with SMTP AUTH, which should make setting up handheld devices much easier. There are still 2 issues which I don't believe are related to each other.
The first is a warning in /var/log/maillog - it does not affect functionality as far as I can tell. I've tried googling for the error, but nearly all the results I've found have been caused by localhost not being in /etc/hosts - it is in mine. There is a thread here that describes the problem on Fedora, but it was last updated in Feb 2007 and no solution was found. I can also ping localhost from a command line, and if I comment out the amavisd content filter line, the warning disappears, which indicates that the problem must be either with amavisd or clamav.
Code:
postfix/smtpd[2692]: warning: 127.0.0.1: address not listed for hostname localhost
The second issue actually affects functionality. Greylisting is indeed not working. I've tried sending mail to myself (jim@domain1, jim@domain2, etc) from a variety of addresses outside of my domains and the mail arrives immediately. According to the postgrey docs, it should use a tuple of client ip/sender address/recipient address to greylist messages. My understanding would be that changing any one of these should cause a message to be delayed, but it is not. Question - I'm sending mail to a user at my domain using the SMTP server on the same machine as the user's account. (I have had to do this to test because the internet line *still* is not functional.) Question - could using an SMTP server to send mail to a user on the same machine cause postgrey to be non-functional? If not, any suggestions as to where to look to fix greylisting?
More info on the warning. When I set bypass_virus_checks_maps, bypass_spam_checks_maps, and bypass_decode_parts to 1 in amavisd.conf to disable everything (meaning amavis should do nothing but shuffle messages around), the error still shows in /var/log/maillog whenever a message is sent. However, 'localhost' never appears in an uncommented fashion in amavisd.conf... puzzling.
OK, fixed the postgrey problem - working fine now. (It indeed was the fact that I was using the SMTP server located on the same machine - the earlier permit_ lines shorted out the following tests and therefore postgrey was never contacted. I commented out all the lines except for the stipulation about postgrey and bam - greylisting worked!)
Now to go back to the amavisd warning being generated in /var/log/maillog...
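The short-circuit described in the post above, as an added example that is not part of the original thread or of Postfix itself: a small Python model of first-match evaluation over a recipient restriction list. The networks, domains, delay and the simplified PERMIT/DEFER/DUNNO results are assumptions made for illustration.

```python
# Added illustration: minimal model of how Postfix walks a restriction list.
# All addresses, domains and timings below are constructed sample values.
import ipaddress

MYNETWORKS = [ipaddress.ip_network("127.0.0.0/8"),
              ipaddress.ip_network("192.168.1.0/24")]    # assumed LAN range
LOCAL_DOMAINS = {"domain1.example", "domain2.example"}    # placeholder domains
GREYLIST_DELAY = 300                                      # seconds, assumed

class Postgrey:
    """Stand-in for the policy daemon: defers a triplet until it has aged."""
    def __init__(self):
        self.first_seen = {}   # (client, sender, rcpt) -> time first seen
        self.queries = 0       # how often the daemon was actually consulted

    def check(self, client, sender, rcpt, now):
        self.queries += 1
        first = self.first_seen.setdefault((client, sender, rcpt), now)
        return "DUNNO" if now - first >= GREYLIST_DELAY else "DEFER"

def permit_mynetworks(req, _pg):
    ip = ipaddress.ip_address(req["client"])
    return "PERMIT" if any(ip in net for net in MYNETWORKS) else "DUNNO"

def reject_unauth_destination(req, _pg):
    return "DUNNO" if req["rcpt"].split("@")[1] in LOCAL_DOMAINS else "REJECT"

def check_policy_service(req, pg):
    return pg.check(req["client"], req["sender"], req["rcpt"], req["now"])

def evaluate(restrictions, req, pg):
    """Walk the list in order; the first result other than DUNNO is final."""
    for rule in restrictions:
        result = rule(req, pg)
        if result != "DUNNO":
            return result
    return "PERMIT"   # nothing objected, so the recipient is accepted

# Order mirrors a typical list: trusted clients first, policy service last.
RESTRICTIONS = [permit_mynetworks, reject_unauth_destination,
                check_policy_service]
```

A client inside the trusted networks gets PERMIT from the first rule, so the policy daemon is never queried; greylisting can only be observed from an address outside those networks or with the permit rule removed.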
I believe it's an amavisd issue because when I comment out this line in main.cf, the problem disappears. This led me to believe it was a problem with either amavis or clamav.
Code:
content_filter = smtp-amavis:[127.0.0.1]:10024
If I disable everything in amavisd.conf by setting bypass_*_checks to 1 (really, just uncomment the lines that were already there), the problem is still there. This eliminates clamav as a possible problem and isolates amavis as the culprit.
Is there a flaw in my troubleshooting?
I used directions from a variety of resources I found on the internet describing greylisting. Surprisingly to me, the postgrey home page has almost nothing in the way of documentation.
Greylisting is now working on my system Billy - I was sending mail using the SMTP server local to the machine and therefore was permitted to send before getting to the line interfacing with postgrey. (The internet line isn't in yet and I've been testing using my local network.)
I have tried changing the line to reflect the syntax that you suggest. (Using localhost instead of the 127.0.0.1 loopback IP.) It did indeed make the error go away, but messages weren't being scanned by clam anymore either.
You're awesome dude - changing the y to an n as you illustrated made the problem disappear! (Teach me to copy & paste without understanding things... then again, if I would've insisted on understanding everything before I did it, I'd probably be at about the 'install postfix' stage.) The amavisd line in master.cf has a y in that same column, but is working - wonder why that would work and having it on this line would generate errors... have to research what 'chroot' means after I'm done with this project. (Other than changing the root file system to a different directory/device; I've done that installing/troubleshooting systems, but don't see how that'd apply here.)
Thanks again man - I'm now off to install SquirrelMail and Apache, hopefully before the internet line is ready so I can test the PPPoE connection when it's in. Getting near the end now! (A good thing since my deadline is tomorrow evening!)
I was able to get Apache installed and working for virtual hosts. I also installed SquirrelMail and got the login page to show up before I left last night, but haven't done anything further with it because I've been working on getting the DSL line up and running.
The internet line is now in and working, though I'm having a few issues. (Big surprise there!) Anybody have experience using a PPPoE connection with FreeBSD? I had the machine on my local network and before moving it to the DSL line, I did the following:
1. Updated the IP address in /etc/hosts
2. Updated the IP address in /etc/namedb/master/domain.tld files
3. Updated /etc/pf.conf to use tun0 instead of the ethernet card for the external interface
4. Set up PPP by following directions found in a variety of HOWTOs.
5. Rebooted.
Here are the errors that are popping up when I connect via PPP, though strangely enough it seems to be working for outgoing traffic.
Code:
Warning: tun0: AIFADDR <my IP address> -> <unknown IP address> returned 0
Warning: 0.0.0.0/0: Change route failed: errno: No such process
Warning: ff02:7::/32: Change route failed: errno: Network is unreachable
This error pops up seemingly at random when connecting. I found a post here that says it's harmless, but wanted to include it in case it's important.
Code:
WARNING: attempt to net_add_domain(netgraph) after domainfinalize()
Finally, PPP refuses to start with the machine; I need to manually start it from a command line. This message is displayed when the machine boots up and runs into the PPP config. I did a find / -name libintl.so.8 -print and found the file in /usr/local/lib/ as a plain file.
Code:
Starting PPP profile: papchap/libexec/ld-elf.so.1: Shared object "libintl.so.8" not found, required by "su"
I've tried googling for each of these with very limited success. Interestingly, I cannot ping the machine by IP from the internet when the PPP connection is up, though /var/log/messages says that there was a connection attempt to a closed port by an IP address I do not recognize, so there must be *some* level of connectivity present. (I'd guess by this message that the firewall isn't working right?) I've further verified that I'm unable to access anything from the internet to this machine by doing an nmap -sS -p 0-65000 <my IP>; port 80 reports as being filtered and the rest are closed. (??? - there should be 53 for DNS, 80 for Apache, 25 for SMTP, various ports for IMAP/POP, etc. open. Using sockstat -4 I see that it's listening, though not on the external IP when the link is up. I shouldn't need to restart all the daemons after connecting, should I? Regardless, I'd think that all of these ports should show as filtered because they're open and nothing listening.)
I apologize for rambling... just trying to wrap my brain around what's going on and hoping that if I provide enough information, somebody will recognize the symptoms I'm experiencing. If anybody has ideas of where to look to remedy any of these problems, I'd appreciate them. (Here I thought this was going to be the easy part!)