DevHeads.net

Problems invoking amavis from postfix

I am building a new system on CentOS7 that has postfix 2.10.1 and
amavis-new 2.11.1

I am working from my notes of 2 years ago when I last did this
successfully so either something has changed since then (quite likely),
or I am missing something from my notes (also quite likely).

For main.cf I run:

postconf -e 'content_filter = amavis:[127.0.0.1]:10024'

Then I append to the default master.cf (working from my understanding
that the last instruction in master.cf encountered is the one applied,
rather than trying to edit what is there):

#
==========================================================================
# service type private unpriv chroot wakeup maxproc command + args #
(yes) (yes) (yes) (never) (100) #
==========================================================================
smtpd pass - - n - - smtpd submission inet n - n - - smtpd -o
smtpd_recipient_restrictions= pickup unix n - n 60 1 pickup -o
content_filter= relay unix - - n - - smtp -o fallback_relay= maildrop
unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop
-d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux
-r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - -
pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop
($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp
argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient # # spam/virus
section # amavis unix - - y - 2 lmtp -o lmtp_data_done_timeout=1200 -o
lmtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20
127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o
smtpd_delay_reject=no -o
smtpd_client_restrictions=permit_mynetworks,reject -o
smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o
smtpd_recipient_restrictions=permit_mynetworks,reject -o
smtpd_data_restrictions=reject_unauth_pipelining -o
smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o
mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o
smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o
smtpd_client_connection_count_limit=0 -o
smtpd_client_connection_rate_limit=0 -o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
-o local_header_rewrite_clients= -o smtpd_milters= -o
local_recipient_maps= -o relay_recipient_maps= # # Dovecot LDA dovecot
unix - n n - - pipe flags=DRhu user=vmail:mail
argv=/usr/libexec/dovecot/deliver -d ${recipient} # # Vacation mail
vacation unix - n n - - pipe flags=Rq user=vacation
argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}

Dovecot is working just fine, BTW.  So I run a couple of tests:

sendmail -i <a href="mailto: ... at test dot htt-consult.com"> ... at test dot htt-consult.com</a> < sample-virus-simple.txt

Feb  7 12:52:57 klovia postfix/pickup[11341]: 9347458EC: uid=0 from=<root>
Feb  7 12:52:57 klovia postfix/cleanup[11458]: 9347458EC:
message-id=<20190207175257. ... at klovia dot htt-consult.com>
Feb  7 12:52:57 klovia postfix/qmgr[6089]: 9347458EC:
from=< ... at klovia dot htt-consult.com>, size=430, nrcpt=1 (queue active)
Feb  7 12:52:58 klovia dovecot: lda(<a href="mailto: ... at test dot htt-consult.com"> ... at test dot htt-consult.com</a>): sieve:
msgid=<20190207175257. ... at klovia dot htt-consult.com>: stored mail
into mailbox 'INBOX'
Feb  7 12:52:58 klovia postfix/pipe[11465]: 9347458EC:
to=< ... at test dot htt-consult.com>, relay=dovecot, delay=4.3,
delays=3.4/0.08/0/0.77, dsn=2.0.0, status=sent (delivered via dovecot
service)
Feb  7 12:52:58 klovia postfix/qmgr[6089]: 9347458EC: removed

sendmail -i <a href="mailto: ... at test dot htt-consult.com"> ... at test dot htt-consult.com</a> < sample-spam-GTUBE-junk.txt

Feb  7 12:54:08 klovia postfix/pickup[11341]: 860DE58EC: uid=0 from=<root>
Feb  7 12:54:08 klovia postfix/cleanup[11458]: 860DE58EC:
message-id=<GTUBE1. ... at example dot net>
Feb  7 12:54:08 klovia postfix/qmgr[6089]: 860DE58EC:
from=< ... at klovia dot htt-consult.com>, size=941, nrcpt=1 (queue active)
Feb  7 12:54:09 klovia dovecot: lda(<a href="mailto: ... at test dot htt-consult.com"> ... at test dot htt-consult.com</a>): sieve:
msgid=<GTUBE1. ... at example dot net>: stored mail into mailbox 'INBOX'
Feb  7 12:54:09 klovia postfix/pipe[11465]: 860DE58EC:
to=< ... at test dot htt-consult.com>, relay=dovecot, delay=0.89,
delays=0.37/0.02/0/0.5, dsn=2.0.0, status=sent (delivered via dovecot
service)
Feb  7 12:54:09 klovia postfix/qmgr[6089]: 860DE58EC: removed

Both right to INBOX.  Obviously I am missing something.  I have spent
the day reading over stuff, but I am missing what I am missing.

I hope someone here can lend a hand.  I suspect it is a 'small'
oversight as that all it takes.

thanks

Oh, and here is the status of amavisd:

# systemctl -l status amavisd
● amavisd.service - Amavisd-new is an interface between MTA and content
checkers.
   Loaded: loaded (/usr/lib/systemd/system/amavisd.service; enabled;
vendor preset: disabled)
   Active: active (running) since Thu 2019-02-07 08:16:59 EST; 7h ago
     Docs: <a href="http://www.ijs.si/software/amavisd/#doc" title="http://www.ijs.si/software/amavisd/#doc">http://www.ijs.si/software/amavisd/#doc</a>
  Process: 5715 ExecStart=/usr/sbin/amavisd -c
/etc/amavisd/amavisd.conf (code=exited, status=0/SUCCESS)
 Main PID: 6327 (/usr/sbin/amavi)
   CGroup: /system.slice/amavisd.service
           ├─6327 /usr/sbin/amavisd (master)
           ├─6336 /usr/sbin/amavisd (virgin child)
           └─6337 /usr/sbin/amavisd (virgin child)

Feb 07 08:16:59 klovia.htt-consult.com amavis[6327]: Found decoder
for    .lha  at /usr/bin/7z
Feb 07 08:16:59 klovia.htt-consult.com amavis[6327]: Found decoder
for    .iso  at /usr/bin/7z
Feb 07 08:16:59 klovia.htt-consult.com amavis[6327]: Found decoder
for    .exe  at /usr/bin/unarj
Feb 07 08:16:59 klovia.htt-consult.com amavis[6327]: Using primary
internal av scanner code for ClamAV-clamd
Feb 07 08:16:59 klovia.htt-consult.com amavis[6327]: Found secondary av
scanner ClamAV-clamscan at /usr/bin/clamscan
Feb 07 08:16:59 klovia.htt-consult.com amavis[6327]: Deleting db files
__db.002,snmp.db,nanny.db,__db.001,__db.003 in /var/spool/amavisd/db
Feb 07 08:16:59 klovia.htt-consult.com amavis[6327]: Creating db in
/var/spool/amavisd/db/; BerkeleyDB 0.51, libdb 5.3
Feb 07 08:17:00 klovia.htt-consult.com amavis[6327]: initializing
Mail::SpamAssassin (0)
Feb 07 08:17:08 klovia.htt-consult.com amavis[6327]: SpamControl:
init_pre_fork on SpamAssassin done
Feb 07 08:17:08 klovia.htt-consult.com amavis[6327]: extra modules
loaded after daemonizing/chrooting:
/usr/lib/perl5/vendor_perl/auto/Net/SSLeay/autosplit.ix,
/usr/lib/perl5/vendor_perl/auto/Net/SSLeay/randomize.al,
/usr/share/perl5/Net/libnet.cfg, IO/Socket/SSL.pm,
Mail/SpamAssassin/Plugin/FreeMail.pm,
Mail/SpamAssassin/Plugin/SpamCop.pm, Net/Cmd.pm, Net/Config.pm,
Net/SMTP.pm, Net/SSLeay.pm

Comments

Re: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 11:16

I have dug some more and not found anything to help.  I went through
<a href="http://www.postfix.org/docs.html" title="http://www.postfix.org/docs.html">http://www.postfix.org/docs.html</a> where 2 of the amavis howtos are no
longer available.  I have replicated the main.cf and master.cf as shown
in <a href="http://www.shisaa.jp/postset/mailserver-1.html" title="http://www.shisaa.jp/postset/mailserver-1.html">http://www.shisaa.jp/postset/mailserver-1.html</a> and still no apparent
running of amavis on the test messages.

I have tried to get debugging working on postfix.  After reading
<a href="http://www.postfix.org/DEBUG_README.html" title="http://www.postfix.org/DEBUG_README.html">http://www.postfix.org/DEBUG_README.html</a>, I have tried appending -v to
the smtpd lines in master.cf and not seen any more detail.  All I am
seeing is:

Feb  8 11:11:45 klovia postfix/pickup[14472]: 3DD4059DA: uid=0 from=<root>
Feb  8 11:11:45 klovia postfix/cleanup[14478]: 3DD4059DA:
message-id=<20190208161145. ... at klovia dot htt-consult.com>
Feb  8 11:11:45 klovia postfix/qmgr[14473]: 3DD4059DA:
from=< ... at klovia dot htt-consult.com>, size=430, nrcpt=1 (queue active)
Feb  8 11:11:45 klovia dovecot: lda(<a href="mailto: ... at test dot htt-consult.com"> ... at test dot htt-consult.com</a>): sieve:
msgid=<20190208161145. ... at klovia dot htt-consult.com>: stored mail
into mailbox 'INBOX'
Feb  8 11:11:45 klovia postfix/pipe[14484]: 3DD4059DA:
to=< ... at test dot htt-consult.com>, relay=dovecot, delay=1.1,
delays=0.8/0.05/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot
service)
Feb  8 11:11:45 klovia postfix/qmgr[14473]: 3DD4059DA: removed

Something is wrong, but I have yet to find it.

Any and all help greatly appreciated.

On 2/7/19 4:16 PM, Robert Moskowitz wrote:

Re: Problems invoking amavis from postfix

By Dominic Raferd at 02/08/2019 - 11:36

On Fri, 8 Feb 2019 at 16:18, Robert Moskowitz <rgm@htt-consult.com> wrote:
Try sending to amavis via smtp, not lmtp, this is the way I have it
set up in master.cf (extract only):

...
amavis unix - - y - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
...

and check for the setting of inet_socket_port in amavis, which needs
to be 10024 (set as default in debian, but not in original
amavisd-new):
grep -r \$inet_socket_port /etc/amavis

You will need to restart amavis after any configuration changes, and
maybe reload postfix too (it's easy enough).

Re: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 11:46

On 2/8/19 11:36 AM, Dominic Raferd wrote:
FWIW, my current, 4 year old system works with lmtp and all the docs I
have read say to use lmtp, but I will give this a try.

# grep -r \$inet_socket_port /etc/amavisd
/etc/amavisd/amavisd.conf:               # option(s) -p overrides
$inet_socket_port and $unix_socketname
/etc/amavisd/amavisd.conf:$inet_socket_port = 10024;   # listen on this
local TCP port(s)
/etc/amavisd/amavisd.conf:# $inet_socket_port = [10024,10026];  # listen
on multiple TCP ports

So that is right.  And I have tested this with 'telnet localhost 10024'.

Re: Problems invoking amavis from postfix

By Wietse Venema at 02/08/2019 - 11:31

Robert Moskowitz:
If you could summarize in one line what is wrong.

- You configured amavis via 'content_filter' but it is not being used?
In that case, what is the output from:

postconf -n content_filter
postconf -P "*/*/content_filter"

"postconf -P" requires Postfix 2.11 or later (released five years
ago, it is no longer supported).

- Something else? amavis via Milter API, but it is not being used?

Wietse

Re: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 11:40

Wietse, thanks for responding.

On 2/8/19 11:31 AM, Wietse Venema wrote:
It does not seem that amavis-new is being called by postfix.  The test
Eicar message goes right through into INBOX.

content_filter = amavisfeed:[127.0.0.1]:10024

And CentOS7 is still on 2.10.1

Besides the content_filter in main.cf, I have the 'typical' lines in
master.cf:

amavisfeed unix    -    -    y    -    2    lmtp
    -o lmtp_data_done_timeout=1200
    -o lmtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
127.0.0.1:10025 inet n    -    n    -    -    smtpd
    -o content_filter=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o smtpd_restriction_classes=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
        -o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
    -o local_header_rewrite_clients=
    -o smtpd_milters=
    -o local_recipient_maps=
    -o relay_recipient_maps=

I suspect there is something else I have left out.

Re: Problems invoking amavis from postfix

By Wietse Venema at 02/08/2019 - 12:05

Robert Moskowitz:
Never overlook the impossible: what is logged when you execute
"postfix reload"? Does that configuration directory match the
location of the main.cf and master.cf files that you report here?

Wietse

Re: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 12:24

On 2/8/19 12:05 PM, Wietse Venema wrote:
Here is some more information (asked in a private mail):

# postconf smtpd_milters content_filter smtpd_proxy_filter

smtpd_milters =
content_filter = amavisfeed:[127.0.0.1]:10024
smtpd_proxy_filter =

#postconf -Mxf

pickup     unix  n       -       n       60      1       pickup
cleanup    unix  n       -       n       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       n       1000?   1       tlsmgr
rewrite    unix  -       -       n       -       - trivial-rewrite
bounce     unix  -       -       n       -       0       bounce
defer      unix  -       -       n       -       0       bounce
trace      unix  -       -       n       -       0       bounce
verify     unix  -       -       n       -       1       verify
flush      unix  n       -       n       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       n       -       -       smtp
relay      unix  -       -       n       -       -       smtp
showq      unix  n       -       n       -       -       showq
error      unix  -       -       n       -       -       error
retry      unix  -       -       n       -       -       error
discard    unix  -       -       n       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       n       -       -       lmtp
anvil      unix  -       -       n       -       1       anvil
scache     unix  -       -       n       -       1       scache
Smtpd      pass  -       -       n       -       -       smtpd -v
submission inet  n       -       n       -       -       smtpd -v
    -o syslog_name=postfix/submission -o smtpd_tls_wrappermode=no
    -o smtpd_tls_security_level = encrypt -o smtpd_sasl_auth_enable=yes -o
smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination

    -o milter_macro_daemon_name=ORIGINATING
pickup     unix  n       -       n       60      1       pickup
    -o content_filter=
relay      unix  -       -       n       -       -       smtp
    -o fallback_relay=
maildrop   unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp       unix  -       n       n       -       -       pipe
    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
    ($recipient)
ifmail     unix  -       n       n       -       -       pipe
    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp      unix  -       n       n       -       -       pipe
    flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop
    $recipient
amavisfeed unix  -       -       y       -       2       lmtp
    -o lmtp_data_done_timeout=1200 -o lmtp_send_xforward_command=yes
    -o disable_dns_lookups=yes -o max_use=20
127.0.0.1:10025 inet n   -       n       -       -       smtpd
    -o content_filter= -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions= -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions= -o smtpd_restriction_classes=
    -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
    -o local_header_rewrite_clients= -o smtpd_milters= -o
local_recipient_maps=
    -o relay_recipient_maps=
dovecot    unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
    ${recipient}
vacation   unix  -       n       n       -       -       pipe
    flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
${sender} --
    ${recipient}

Re: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 12:21

On 2/8/19 12:05 PM, Wietse Venema wrote:
I suspect it is something 'obvious', but I don't think it is this:

# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
# tail /var/log/maillog -n10
Feb  8 11:52:22 klovia postfix/pickup[14557]: D519D5B15: uid=0 from=<root>
Feb  8 11:52:22 klovia postfix/cleanup[14563]: D519D5B15:
message-id=<20190208165222. ... at klovia dot htt-consult.com>
Feb  8 11:52:22 klovia postfix/qmgr[14558]: D519D5B15:
from=< ... at klovia dot htt-consult.com>, size=430, nrcpt=1 (queue active)
Feb  8 11:52:23 klovia dovecot: lda(<a href="mailto: ... at test dot htt-consult.com"> ... at test dot htt-consult.com</a>): sieve:
msgid=<20190208165222. ... at klovia dot htt-consult.com>: stored mail
into mailbox 'INBOX'
Feb  8 11:52:23 klovia postfix/pipe[14570]: D519D5B15:
to=< ... at test dot htt-consult.com>, relay=dovecot, delay=0.72,
delays=0.22/0.05/0/0.45, dsn=2.0.0, status=sent (delivered via dovecot
service)
Feb  8 11:52:23 klovia postfix/qmgr[14558]: D519D5B15: removed
Feb  8 12:00:53 klovia clamd[6346]: SelfCheck: Database status OK.
Feb  8 12:10:53 klovia clamd[6346]: SelfCheck: Database status OK.
Feb  8 12:18:32 klovia postfix/postfix-script[14641]: refreshing the
Postfix mail system
Feb  8 12:18:32 klovia postfix/master[14289]: reload -- version 2.10.1,
configuration /etc/postfix

And /etc/postfix is where I have my edited mail.cf and master.cf.

Re: Problems invoking amavis from postfix

By Viktor Dukhovni at 02/08/2019 - 12:32

[ Please avoid sending text with Unicode non-breaking spaces
instead of ordinary spaces. ]

The "pickup" service is defined twice in master.c, the second
instance (last one wins) disables content filtering for mail submitted
locally via sendmail(1).

Your test probe was sent via sendmail(1). Nothing to see here,
move along...

PATCH: Problems invoking amavis from postfix

By Wietse Venema at 02/08/2019 - 13:44

Viktor Dukhovni:
That was easy enough to fix:

Feb 8 13:42:53 spike postfix/master[53597]: warning: duplicate master.cf entry for service "pickup" (public/pickup)-- using the last entry

--- ./src/master/master_conf.c- 2019-02-08 13:39:50.000000000 -0500
+++ ./src/master/master_conf.c 2019-02-08 13:36:28.000000000 -0500
@@ -117,6 +117,14 @@
}

/*
+ * Warn about duplicate entry.
+ */
+ else if ((serv->flags & MASTER_FLAG_MARK) == 0) {
+ msg_warn("duplicate master.cf entry for service \"%s\" (%s)"
+ "-- using the last entry", serv->ext_name, serv->name);
+ }
+
+ /*
* Update an existing service entry. Make the current generation of
* child processes commit suicide whenever it is convenient. The next
* generation of child processes will run with the new configuration

Re: PATCH: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 14:07

On 2/8/19 1:44 PM, Wietse Venema wrote:
When I was working on this 2 years ago, I thought it was kind of cool
that instead of editing master.cf entries to fix them, I could just
append a whole new entry with the 'right' content.

Much easier to automate changes (as we had nothing like postconf -e for
changing master.cf).  If I read the patch right, you are providing a
warning of the double entry.  Perhaps a better patch would warn and drop
all but the last entry?

Re: PATCH: Problems invoking amavis from postfix

By Viktor Dukhovni at 02/08/2019 - 14:10

It is not the job of master(8) to edit master.cf. Indeed that file
might reside in read-only storage.

If you meant "use only the last one", as Wietse also notes, that's the
current behaviour.

Re: PATCH: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 14:18

On 2/8/19 2:10 PM, Viktor Dukhovni wrote:
I did not think that postfix should edit master.cf.  Only its internal
processes would use the last entry found.

Re: PATCH: Problems invoking amavis from postfix

By Wietse Venema at 02/08/2019 - 14:31

Robert Moskowitz:
To make this abundantly clear, adding this warning does not change program behavior.

Wietse

Re: PATCH: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 14:41

On 2/8/19 2:31 PM, Wietse Venema wrote:
I did see that, and because i assumed Viktor's typo (and I am a master
at making typos) was a 'new' insight (for me) into postfix that there
was something more at work here.

Got it all now.

I hope.

:)

Re: PATCH: Problems invoking amavis from postfix

By Wietse Venema at 02/08/2019 - 14:08

Robert Moskowitz:
Why do you think it was keeping both pickup entries?

Wietse

Re: PATCH: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 14:15

On 2/8/19 2:08 PM, Wietse Venema wrote:
Well, I am not sure.  From Viktor's earlier note, it seems that the last
wins and the earlier ones are just ignored.  Maybe it is that Viktor
said, "master.c" and I don't know what "master.c" different from
"master.cf" that is in /etc/postfix.

I kind of assumed (and we know what that is an abbreviation for) that
"master.c" is an internal entry in postfix built from processing
master.cf.  Thus why keep all but the last in the internal table?

Re: PATCH: Problems invoking amavis from postfix

By Viktor Dukhovni at 02/08/2019 - 14:17

A simple typo. I meant master.cf.

Re: Problems invoking amavis from postfix

By Dominic Raferd at 02/08/2019 - 12:42

I have to say - great catch ;-)

Re: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 13:26

On 2/8/19 12:42 PM, Dominic Raferd wrote:
I pulled out that 2nd pickup entry (and I know where I picked up doing
this, sigh):

Feb  8 13:22:30 klovia postfix/master[14289]: reload -- version 2.10.1,
configuration /etc/postfix
Feb  8 13:22:49 klovia postfix/pickup[14743]: E01D25B15: uid=0 from=<root>
Feb  8 13:22:49 klovia postfix/cleanup[14751]: E01D25B15:
message-id=<20190208182249. ... at klovia dot htt-consult.com>
Feb  8 13:22:50 klovia postfix/qmgr[14744]: E01D25B15:
from=< ... at klovia dot htt-consult.com>, size=430, nrcpt=1 (queue active)
Feb  8 13:22:50 klovia amavis[13505]: (13505-02) LMTP [127.0.0.1]:10024
/var/spool/amavisd/tmp/amavis-20190208T132250-13505-c4dwb85j:
< ... at klovia dot htt-consult.com> -> < ... at test dot htt-consult.com> SIZE=430
Received: from klovia.htt-consult.com ([127.0.0.1]) by localhost
(klovia.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP
for < ... at test dot htt-consult.com>; Fri,  8 Feb 2019 13:22:50 -0500 (EST)
Feb  8 13:22:50 klovia amavis[13505]: (13505-02) Checking: ry67P_Ijljpy
[127.0.0.1] < ... at klovia dot htt-consult.com> -> < ... at test dot htt-consult.com>
Feb  8 13:22:50 klovia clamd[6346]:
/var/spool/amavisd/tmp/amavis-20190208T132250-13505-c4dwb85j/parts/p002:
Eicar-Test-Signature FOUND
Feb  8 13:22:50 klovia clamd[6346]:
/var/spool/amavisd/tmp/amavis-20190208T132250-13505-c4dwb85j/parts/p001:
Eicar-Test-Signature FOUND
Feb  8 13:22:50 klovia amavis[13505]: (13505-02) Blocked INFECTED
(Eicar-Test-Signature) {DiscardedInbound,Quarantined}, [127.0.0.1]
< ... at klovia dot htt-consult.com> -> < ... at test dot htt-consult.com>, Message-ID:
<20190208182249. ... at klovia dot htt-consult.com>, mail_id:
ry67P_Ijljpy, Hits: -, size: 430, 383 ms
Feb  8 13:22:50 klovia postfix/lmtp[14755]: E01D25B15:
to=< ... at test dot htt-consult.com>, relay=127.0.0.1[127.0.0.1]:10024,
delay=3, delays=2.5/0.04/0.01/0.39, dsn=2.7.0, status=sent (250 2.7.0
Ok, discarded, id=13505-02 - INFECTED: Eicar-Test-Signature)
Feb  8 13:22:50 klovia postfix/qmgr[14744]: E01D25B15: removed

thank you, thank you, thank you...

Re: Problems invoking amavis from postfix

By Viktor Dukhovni at 02/08/2019 - 13:42

Be careful to not introduce loops. That override to skip content filters
with pickup(8) is required if you even decide to use "simple content filters"
as described in FILTER_README. If all your filters are SMTP or LMTP, and
you want to filter local submission, then it is safe to remove the overide.

Re: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 14:00

On 2/8/19 1:42 PM, Viktor Dukhovni wrote:
I am going to leave it out for now.  I will revisit this when I start
working on using MILTER and adding DKIM and such.  For now, I have to
get this system upgrade completed.  Getting close.

Re: Problems invoking amavis from postfix

By Wietse Venema at 02/08/2019 - 12:32

Robert Moskowitz:
One more:

ps ax|grep master

Wietse

Re: Problems invoking amavis from postfix

By Robert Moskowitz at 02/08/2019 - 13:20

On 2/8/19 12:32 PM, Wietse Venema wrote:
13500 ?        Ss     0:11 /usr/sbin/amavisd (master)
14289 ?        Ss     0:01 /usr/libexec/postfix/master -w
14729 ttySAC2  S+     0:00 grep --color=auto master