Old 05-30-2008, 11:54 AM   #31
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16

Never mind - I do know how to solve that now. (Figured it out all on my own; I must be getting to know something here! Now that's a scary thought!)

In master.cf I added the following under the options for the 127.0.0.1:10025 line. This I believe overrides the settings in main.cf and disables TLS when talking on the 127.0.0.1 interface on port 10025.

Code:
  -o smtpd_use_tls=no
  -o smtpd_tls_security_level=none


Going to go re-test the greylisting feature and will report back. Thanks again for your help Billy.
 
Old 06-03-2008, 01:10 PM   #32
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
I've done extensive testing since my last post. I was able to get pop-before-smtp to play nice with SMTP AUTH, which should make setting up handheld devices much easier. There are still 2 issues which I don't believe are related to each other.


The first is a warning in /var/log/maillog - it does not affect functionality as far as I can tell. I've tried googling for the error, but nearly all the results I've found have been caused by localhost not being in /etc/hosts - it is in mine. There is a thread here that describes the problem on Fedora, but it was last updated in Feb 2007 and no solution was found. I can also ping localhost from a command line and if I comment out the amavisd content filter line, the warning disappears, which indicates that the problem must be either with amavisd or clamav.

Code:
postfix/smtpd[2692]: warning: 127.0.0.1: address not listed for hostname localhost

The second issue actually affects functionality. Greylisting is indeed not working. I've tried sending mail to myself (jim@domain1, jim@domain2, etc) from a variety of addresses outside of my domains and the mail arrives immediately. According to the postgrey docs, it should use a tuple of client ip/sender address/recipient address to greylist messages. My understanding would be that changing any one of these should cause a message to be delayed, but it is not. Question - I'm sending mail to a user at my domain using the SMTP server on the same machine as the user's account. (I have had to do this to test because the internet line *still* is not functional.) Question - could using an SMTP server to send mail to a user on the same machine cause postgrey to be non-functional? If not, any suggestions as to where to look to fix greylisting?
 
Old 06-03-2008, 01:35 PM   #33
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
More info on the warning. When I set bypass_virus_checks_maps, bypass_spam_checks_maps, and bypass_decode_parts to 1 in amavisd.conf to disable everything (meaning amavis should do nothing but shuffle messages around), the error still shows in /var/log/maillog whenever a message is sent. However, 'localhost' never appears in an uncommented fashion in amavisd.conf... puzzling.
 
Old 06-03-2008, 03:52 PM   #34
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
OK, fixed the postgrey problem - working fine now. (It indeed was the fact that I was using the SMTP server located on the same machine - the earlier permit_ lines shorted out the following tests and therefore postgrey was never contacted. I commented out all the lines except for the stipulation about postgrey and bam - greylisting worked!)

Now to go back to the amavisd warning being generated in /var/log/maillog...
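
An added example (not part of the original post) of the short-circuit described above: Postfix walks a restriction list left to right and stops at the first final verdict, so a client matched by a permit_ entry never reaches the policy service. The restriction list, the networks and the postgrey address `inet:127.0.0.1:10023` are constructed values, since the thread does not show the poster's actual list, and only a handful of restriction names are modelled.

```python
import ipaddress
import re

# Constructed sample values; the thread does not show the poster's real settings.
RESTRICTIONS = ("permit_mynetworks, permit_sasl_authenticated, "
                "reject_unauth_destination, "
                "check_policy_service inet:127.0.0.1:10023")
MYNETWORKS = ["127.0.0.0/8", "192.168.1.0/24"]

def parse_restrictions(value):
    """Split on commas/whitespace; keep check_policy_service with its argument."""
    tokens = [t for t in re.split(r"[,\s]+", value) if t]
    out, i = [], 0
    while i < len(tokens):
        if tokens[i] == "check_policy_service" and i + 1 < len(tokens):
            out.append((tokens[i], tokens[i + 1]))
            i += 2
        else:
            out.append((tokens[i], None))
            i += 1
    return out

def policy_reached(value, client_ip, mynetworks, sasl_ok=False, rcpt_local=True):
    """Walk the list left to right; the first restriction that gives a final
    verdict ends evaluation. Returns (policy_service_reached, stopped_by)."""
    client = ipaddress.ip_address(client_ip)
    nets = [ipaddress.ip_network(n) for n in mynetworks]
    for name, arg in parse_restrictions(value):
        if name == "permit_mynetworks" and any(client in n for n in nets):
            return False, name
        if name == "permit_sasl_authenticated" and sasl_ok:
            return False, name
        if name == "reject_unauth_destination" and not rcpt_local:
            return False, name
        if name in ("permit", "reject"):
            return False, name
        if name == "check_policy_service":
            return True, f"{name} {arg}"   # postgrey is consulted here
    return False, "(end of list)"

if __name__ == "__main__":
    for ip in ("192.168.1.50", "203.0.113.9"):   # LAN client vs. outside client
        print(ip, policy_reached(RESTRICTIONS, ip, MYNETWORKS))
```

A test message sent from an address outside mynetworks exercises the greylisting check without removing the permit_ entries from the list.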
 
Old 06-03-2008, 03:55 PM   #35
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Why do you think it's an amavisd issue?

Can you post your /etc/hosts - it could be something simple in there you are missing (but then maybe not - can't hurt to try though).

What instructions did you follow for greylisting? Did you use this http://postgrey.schweikert.ch/?
 
Old 06-03-2008, 04:08 PM   #36
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
I believe it's an amavisd issue because when I comment out this line in main.cf, the problem disappears. This led me to believe it was a problem with either amavis or clamav.

Code:
content_filter = smtp-amavis:[127.0.0.1]:10024

If I disable everything in amavisd.conf by setting bypass_*_checks to 1 (really, just uncomment the lines that were already there), the problem is still there. This eliminates clamav as a possible problem and isolates amavis as the culprit.

Is there a flaw in my troubleshooting?



I used directions from a variety of resources I found on the internet describing greylisting. Surprisingly to me, the postgrey home page has almost nothing in the way of documentation.
 
Old 06-03-2008, 04:11 PM   #37
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
Sorry - forgot to include my /etc/hosts file. I snipped out the comments.

Code:
::1     localhost localhost.my.domain
127.0.0.1   localhost localhost.my.domain
207.185.212.67    graffsales.com
 
Old 06-03-2008, 04:17 PM   #38
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Did you see http://flakshack.com/anti-spam/wiki/...g+greylisting?

It probably won't help, but try

Code:
content_filter = smtp-amavis:[localhost]:10024

I'll have a look at the greylisting later today if I get a chance.

Edit - what does your re-injection look like in master.cf (the 10025 line)?

Last edited by billymayday; 06-03-2008 at 04:25 PM.
 
Old 06-03-2008, 04:37 PM   #39
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
Greylisting is now working on my system Billy - I was sending mail using the SMTP server local to the machine and therefore was permitted to send before getting to the line interfacing with postgrey. (The internet line isn't in yet and I've been testing using my local network.)


I have tried changing the line to reflect the syntax that you suggest. (Using localhost instead of the 127.0.0.1 loopback IP.) It did indeed make the error go away, but messages weren't being scanned by clam anymore either.

I believe this is the line you want.

Code:
127.0.0.1:10025 inet  n -       y       -       -       smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_use_tls=no
  -o smtpd_tls_security_level=none
 
Old 06-03-2008, 04:41 PM   #40
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
I don't recall from earlier postings - are you trying to chroot postfix?
 
Old 06-03-2008, 04:48 PM   #41
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
Honestly, I do not know what that means. How would I tell?
 
Old 06-03-2008, 06:29 PM   #42
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Then you probably want to change the y to an n in

Code:
127.0.0.1:10025 inet  n -       y       -       -       smtpd
127.0.0.1:10025 inet  n -       n       -       -       smtpd
 
Old 06-04-2008, 11:34 AM   #43
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
You're awesome dude - changing the y to an n as you illustrated made the problem disappear! (Teach me to copy & paste without understanding things... then again, if I would've insisted on understanding everything before I did it, I'd probably be at about the 'install postfix' stage.) The amavisd line in master.cf has a y in that same column, but is working - wonder why that would work and having it on this line would generate errors... have to research what 'chroot' means after I'm done with this project. (Other than changing the root file system to a different directory/device; I've done that installing/troubleshooting systems, but don't see how that'd apply here.)



Thanks again man - I'm now off to install SquirrelMail and Apache, hopefully before the internet line is ready so I can test the PPPoE connection when it's in. Getting near the end now! (A good thing since my deadline is tomorrow evening! )
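
An added example (not part of the original posts) that audits the column changed above: it parses master.cf, lists the services that run chrooted, and reports which lookup files are absent from the jail. The sample master.cf is constructed from the thread's re-injection entry plus a hypothetical second entry; the list of jail files is an assumption, and so is the idea that a missing copy of /etc/hosts inside the jail explains the warning, which the thread itself does not establish.

```python
import os

# Constructed sample: the re-injection listener from the thread (options trimmed)
# plus a hypothetical second entry that leaves the chroot column at "-".
SAMPLE_MASTER_CF = """\
# service       type  private unpriv chroot wakeup maxproc command
127.0.0.1:10025 inet  n -       y       -       -       smtpd
  -o content_filter=
  -o mynetworks=127.0.0.0/8
smtp-amavis     unix  - -       -       -       2       smtp
"""

# Assumed list of files a chrooted daemon needs for host and service lookups.
JAIL_FILES = ("etc/hosts", "etc/resolv.conf", "etc/nsswitch.conf", "etc/services")

def parse_master_cf(text):
    """Return one dict per service. An entry starts in column 1; lines that
    begin with whitespace continue the previous entry."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace():
            if entries:
                entries[-1]["args"] += " " + raw.strip()
            continue
        fields = raw.split(None, 7)
        if len(fields) == 8:
            # Fields: service type private unpriv chroot wakeup maxproc command
            entries.append({"service": fields[0], "chroot": fields[4],
                            "args": fields[7]})
    return entries

def chrooted_services(entries, default="y"):
    """'-' takes the built-in default: 'y' before Postfix 3.0, 'n' from 3.0 on."""
    return [e["service"] for e in entries
            if (default if e["chroot"] == "-" else e["chroot"]) == "y"]

def missing_jail_files(queue_directory, needed=JAIL_FILES):
    """Relative paths from `needed` that do not exist under the chroot jail."""
    return [p for p in needed
            if not os.path.isfile(os.path.join(queue_directory, p))]

if __name__ == "__main__":
    entries = parse_master_cf(SAMPLE_MASTER_CF)
    print("chrooted:", chrooted_services(entries))
    # /var/spool/postfix is the usual queue_directory; adjust to the local value.
    print("missing in jail:", missing_jail_files("/var/spool/postfix"))
```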
 
Old 06-05-2008, 04:44 PM   #44
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
I was able to get Apache installed and working for virtual hosts. I also installed SquirrelMail and got the login page to show up before I left last night, but haven't done anything further with it because I've been working on getting the DSL line up and running.



The internet line is now in and working, though I'm having a few issues. (Big surprise there!) Anybody have experience using a PPPoE connection with FreeBSD? I had the machine on my local network and before moving it to the DSL line, I did the following:

1. Updated the IP address in /etc/hosts
2. Updated the IP address in /etc/namedb/master/domain.tld files
3. Updated /etc/pf.conf to use tun0 instead of the ethernet card for the external interface
4. Set up PPP by following directions found in a variety of HOWTOs.
5. Rebooted.



Here are the errors that are popping up when I connect via PPP, though strangely enough it seems to be working for outgoing traffic.

Code:
Warning: tun0: AIFADDR <my IP address> -> <unknown IP address> returned 0
Warning: 0.0.0.0/0: Change route failed: errno: No such process
Warning: ff02:7::/32: Change route failed: errno: Network is unreachable


This error pops up seemingly at random when connecting. I found a post here that says it's harmless, but wanted to include it in case it's important.

Code:
WARNING: attempt to net_add_domain(netgraph) after domainfinalize()


Finally, PPP refuses to start with the machine; I need to manually start it from a command line. This message is displayed when the machine boots up and runs into the PPP config. I did a find / -name libintl.so.8 -print and found the file in /usr/local/lib/ as a plain file.

Code:
Starting PPP profile: papchap/libexec/ld-elf.so.1: Shared object "libintl.so.8" not found, required by "su"


I've tried googling for each of these with very limited success. Interestingly, I cannot ping the machine by IP from the internet when the PPP connection is up, though /var/log/messages says that there was a connection attempt to a closed port by an IP address I do not recognize, so there must be *some* level of connectivity present. (I'd guess by this message that the firewall isn't working right?) I've further verified that I'm unable to access anything on this machine from the internet by doing an nmap -sS -p 0-65000 <my IP>; port 80 reports as being filtered and the rest are closed. (??? - there should be 53 for DNS, 80 for apache, 25 for SMTP, various ports for IMAP/POP, etc open. Using sockstat -4 I see that it's listening, though not on the external IP when the link is up. I shouldn't need to restart all the daemons after connecting, should I? Regardless, I'd think that all of these ports should show as filtered because they're open and nothing listening.)

I apologize for rambling... just trying to wrap my brain around what's going on and hoping that if I provide enough information, somebody will recognize the symptoms I'm experiencing. If anybody has ideas of where to look to remedy any of these problems, I'd appreciate them. (Here I thought this was going to be the easy part!)
 
Old 06-05-2008, 05:35 PM   #45
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Ruler, I'd suggest starting a new thread with this one.

Cheers


Bill
 
  

