Loading ...
Sorry, an error occurred while loading the content.

Re: bare user names and {dk,sid}-milter

Expand Messages
  • Mark Martinec
    ... A brave soul! Mark
    Message 1 of 10 , Aug 1, 2006
    • 0 Attachment
      On Tuesday August 1 2006 08:17, Tony Earnshaw wrote:
      > ps aux | grep dk-filter
      > root 31123 0.0 0.1 46392 1644 ? Ssl Jul26
      ^^^^
      > 0:05 /usr/bin/dk-filter -l -p inet:10003 -d barlaeus.nl -
      > s /etc/certs/dk-filter/mail.private.pem -S mail -C dnserror=tempfail
      > -H -D

      A brave soul!

      Mark
    • Tony Earnshaw
      ... Hmmm ... ps auxwww|grep dk- postfix 14702 0.0 0.0 14284 1160 ? Ssl 11:35 0:00 /usr/bin/dk-filter -l -p inet:10003 -d barlaeus.nl - s
      Message 2 of 10 , Aug 1, 2006
      • 0 Attachment
        ty den 01.08.2006 Klokka 10:46 (+0200) skreiv Mark Martinec:

        > On Tuesday August 1 2006 08:17, Tony Earnshaw wrote:
        > > ps aux | grep dk-filter
        > > root 31123 0.0 0.1 46392 1644 ? Ssl Jul26
        > ^^^^
        > > 0:05 /usr/bin/dk-filter -l -p inet:10003 -d barlaeus.nl -
        > > s /etc/certs/dk-filter/mail.private.pem -S mail -C dnserror=tempfail
        > > -H -D
        >
        > A brave soul!

        Hmmm ...

        ps auxwww|grep dk-
        postfix 14702 0.0 0.0 14284 1160 ? Ssl 11:35
        0:00 /usr/bin/dk-filter -l -p inet:10003 -d barlaeus.nl -
        s /etc/certs/dk-filter/mail.private.pem -S mail -C dnserror=tempfail -u
        postfix -H -D

        Seems to work, still signs mail ... now I'll have to change all my rpm
        stuff, bother.

        Thanks anyway :)

        --Tonni

        --
        Tony Earnshaw
        tonni at barlaeus.nl
      • Mark Martinec
        Tony, ... ^^^^^^^^^^^^^ Mark
        Message 3 of 10 , Aug 1, 2006
        • 0 Attachment
          Tony,

          > ty den 01.08.2006 Klokka 10:46 (+0200) skreiv Mark Martinec:
          > > On Tuesday August 1 2006 08:17, Tony Earnshaw wrote:
          > > > ps aux | grep dk-filter
          > > > root 31123 0.0 0.1 46392 1644 ? Ssl Jul26
          > > ^^^^
          > > > 0:05 /usr/bin/dk-filter -l -p inet:10003 ...
          > >
          > > A brave soul!

          > Hmmm ...
          > ps auxwww|grep dk-
          > postfix 14702 0.0 0.0 14284 1160 ? Ssl 11:35
          ^^^^^^^
          > 0:00 /usr/bin/dk-filter -l -p inet:10003 -d barlaeus.nl -
          > s /etc/certs/dk-filter/mail.private.pem -S mail -C dnserror=tempfail -u
          > postfix -H -D
          >
          > Seems to work, still signs mail ... now I'll have to change all my rpm
          > stuff, bother.


          http://www.postfix.org/MILTER_README.html :

          | To run a Milter application, see the documentation of the filter for
          | options. A typical command looks like this:
          | # /some/where/dk-filter -u userid -p inet:portnumber@localhost ...
          | Please specify a userid value that isn't used for other applications
          | (not "postfix", not "www", etc.).
          ^^^^^^^^^^^^^

          Mark
        • Tuan Van
          ... Thanks for response. I have postfix 2.3.2 and dk-milter 0.4.1 but dk-milter isn t the one that rejects mail. I took sid-milter (0.2.13) out then mail from
          Message 4 of 10 , Aug 1, 2006
          • 0 Attachment
            Tony Earnshaw wrote:
            > This doesn't happen on our site running Postfix 2.3.2 and dk-milter
            > 1.4.1 with Wietse's patch as documented in the 2.3.2 MILTER_README.html.
            > Maybe your startup parameters are wrong?
            >
            > ps aux | grep dk-filter
            > root 31123 0.0 0.1 46392 1644 ? Ssl Jul26
            > 0:05 /usr/bin/dk-filter -l -p inet:10003 -d barlaeus.nl -
            > s /etc/certs/dk-filter/mail.private.pem -S mail -C dnserror=tempfail -H
            > -D
            >
            > Make sure you don't have -C nosignature=reject or similar.
            >
            > --Tonni
            >
            >

            Thanks for response. I have postfix 2.3.2 and dk-milter 0.4.1 but
            dk-milter isn't the one that rejects mail. I took sid-milter (0.2.13)
            out then mail from <someone> goes through (I should have tried that
            before.). I've posted in the wrong forum. Just want to correct thing
            I've mis-reported.

            dk-milter and sid-milter start with:
            # ps aux | grep -- -filter
            milter 11417 0.0 0.2 20612 1064 ? Ssl 08:32 0:00
            /usr/bin/dk-filter -u milter -l -p inet:8025@localhost -c simple -d
            mytestmail.gotdns.org -s /etc/mail/dk-filter/test.private -S test
            milter 13985 0.0 0.1 27612 824 ? Ssl 09:07 0:00
            /usr/bin/sid-filter -u milter -l -p inet:8026@localhost -d
            mytestmail.gotdns.com

            below is the verbose logs

            dk-milter only:
            Aug 1 08:42:26 mail postfix/smtpd[11706]: connection established
            Aug 1 08:42:26 mail postfix/smtpd[11706]: master_notify: status 0
            Aug 1 08:42:26 mail postfix/smtpd[11706]: name_mask: resource
            Aug 1 08:42:26 mail postfix/smtpd[11706]: name_mask: software
            Aug 1 08:42:26 mail postfix/smtpd[11706]: xsasl_cyrus_server_create:
            SASL service=smtp, realm=(null)
            Aug 1 08:42:26 mail postfix/smtpd[11706]: name_mask: noanonymous
            Aug 1 08:42:26 mail postfix/smtpd[11706]: connect from localhost[127.0.0.1]
            Aug 1 08:42:26 mail postfix/smtpd[11706]: match_list_match: localhost:
            no match
            Aug 1 08:42:26 mail postfix/smtpd[11706]: match_list_match: 127.0.0.1:
            no match
            Aug 1 08:42:26 mail postfix/smtpd[11706]: match_list_match: localhost:
            no match
            Aug 1 08:42:26 mail postfix/smtpd[11706]: match_list_match: 127.0.0.1:
            no match
            Aug 1 08:42:26 mail postfix/smtpd[11706]: match_hostname: localhost ~?
            127.0.0.0/8
            Aug 1 08:42:26 mail postfix/smtpd[11706]: match_hostaddr: 127.0.0.1 ~?
            127.0.0.0/8
            Aug 1 08:42:26 mail postfix/smtpd[11706]: report connect to all milters
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter_macro_lookup: "j"
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter_macro_lookup: result
            "mail.mytestmail.gotdns.org"
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter_macro_lookup:
            "{daemon_name}"
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter_macro_lookup: result
            "mail.mytestmail.gotdns.org"
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter_macro_lookup: "v"
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter_macro_lookup: result
            "Postfix 2.3.2"
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter8_connect: non-protocol
            events for protocol version 2: SMFIP_NOUNKNOWN SMFIP_NODATA 0xfffffc00
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter8_connect:
            transport=inet endpoint=localhost:8026
            Aug 1 08:42:26 mail postfix/smtpd[11706]: trying... [127.0.0.1]
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter8_connect: my_version=0x2
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter8_connect:
            my_actions=0x3d SMFIF_ADDHDRS SMFIF_ADDRCPT SMFIF_DELRCPT SMFIF_CHGHDRS
            SMFIF_QUARANTINE
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter8_connect:
            my_events=0x7f SMFIP_NOCONNECT SMFIP_NOHELO SMFIP_NOMAIL SMFIP_NORCPT
            SMFIP_NOBODY SMFIP_NOHDRS SMFIP_NOEOH
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter8_connect: milter
            inet:localhost:8026 version 2
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter8_connect: events
            SMFIP_NOHELO SMFIP_NORCPT SMFIP_NOBODY
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter8_connect: requests
            SMFIF_ADDHDRS SMFIF_CHGHDRS
            Aug 1 08:42:26 mail postfix/smtpd[11706]: milter8_conn_event: milter
            inet:localhost:8026: connect localhost/127.0.0.1
            Aug 1 08:42:26 mail postfix/smtpd[11706]: event: SMFIC_CONNECT; macros:
            j=mail.mytestmail.gotdns.org {daemon_name}=mail.mytestmail.gotdns.org
            v=Postfix 2.3.2
            Aug 1 08:42:26 mail postfix/smtpd[11706]: reply: SMFIR_CONTINUE data 0
            bytes
            Aug 1 08:42:26 mail postfix/smtpd[11706]: > localhost[127.0.0.1]: 220
            mail.mytestmail.gotdns.org ESMTP Postfix
            Aug 1 08:42:43 mail postfix/smtpd[11706]: < localhost[127.0.0.1]: EHLO
            example.com
            Aug 1 08:42:43 mail postfix/smtpd[11706]: report helo to all milters
            Aug 1 08:42:43 mail postfix/smtpd[11706]: milter_macro_lookup:
            "{tls_version}"
            Aug 1 08:42:43 mail postfix/smtpd[11706]: milter_macro_lookup: "{cipher}"
            Aug 1 08:42:43 mail postfix/smtpd[11706]: milter_macro_lookup:
            "{cipher_bits}"
            Aug 1 08:42:43 mail postfix/smtpd[11706]: milter_macro_lookup:
            "{cert_subject}"
            Aug 1 08:42:43 mail postfix/smtpd[11706]: milter_macro_lookup:
            "{cert_issuer}"
            Aug 1 08:42:43 mail postfix/smtpd[11706]: milter8_helo_event: milter
            inet:localhost:8026: helo example.com
            Aug 1 08:42:43 mail postfix/smtpd[11706]: event: SMFIC_HELO; macros: (none)
            Aug 1 08:42:43 mail postfix/smtpd[11706]: skipping event SMFIC_HELO for
            milter inet:localhost:8026
            Aug 1 08:42:43 mail postfix/smtpd[11706]: > localhost[127.0.0.1]:
            250-mail.mytestmail.gotdns.org
            Aug 1 08:42:43 mail postfix/smtpd[11706]: > localhost[127.0.0.1]:
            250-PIPELINING
            Aug 1 08:42:43 mail postfix/smtpd[11706]: > localhost[127.0.0.1]:
            250-SIZE 10240000
            Aug 1 08:42:43 mail postfix/smtpd[11706]: > localhost[127.0.0.1]: 250-VRFY
            Aug 1 08:42:43 mail postfix/smtpd[11706]: > localhost[127.0.0.1]: 250-ETRN
            Aug 1 08:42:43 mail postfix/smtpd[11706]: match_list_match: localhost:
            no match
            Aug 1 08:42:43 mail postfix/smtpd[11706]: match_list_match: 127.0.0.1:
            no match
            Aug 1 08:42:43 mail postfix/smtpd[11706]: > localhost[127.0.0.1]:
            250-AUTH PLAIN
            Aug 1 08:42:43 mail postfix/smtpd[11706]: > localhost[127.0.0.1]:
            250-ENHANCEDSTATUSCODES
            Aug 1 08:42:43 mail postfix/smtpd[11706]: > localhost[127.0.0.1]:
            250-8BITMIME
            Aug 1 08:42:43 mail postfix/smtpd[11706]: > localhost[127.0.0.1]: 250 DSN
            Aug 1 08:42:51 mail postfix/smtpd[11706]: < localhost[127.0.0.1]: MAIL
            FROM:<someone>
            Aug 1 08:42:51 mail postfix/smtpd[11706]: extract_addr: input: <someone>
            Aug 1 08:42:51 mail postfix/smtpd[11706]: smtpd_check_addr: addr=someone
            Aug 1 08:42:51 mail postfix/smtpd[11706]: ctable_locate: leave existing
            entry key someone
            Aug 1 08:42:51 mail postfix/smtpd[11706]: extract_addr: in: <someone>,
            result: someone
            Aug 1 08:42:51 mail postfix/smtpd[11706]: report sender to all milters
            Aug 1 08:42:51 mail postfix/smtpd[11706]: milter_macro_lookup: "i"
            Aug 1 08:42:51 mail postfix/smtpd[11706]: milter_macro_lookup:
            "{auth_type}"
            Aug 1 08:42:51 mail postfix/smtpd[11706]: milter_macro_lookup:
            "{auth_authen}"
            Aug 1 08:42:51 mail postfix/smtpd[11706]: milter_macro_lookup:
            "{auth_author}"
            Aug 1 08:42:51 mail postfix/smtpd[11706]: milter_macro_lookup:
            "{mail_addr}"
            Aug 1 08:42:51 mail postfix/smtpd[11706]: milter_macro_lookup: result
            "someone"
            Aug 1 08:42:51 mail postfix/smtpd[11706]: milter8_mail_event: milter
            inet:localhost:8026: mail <someone>
            Aug 1 08:42:51 mail postfix/smtpd[11706]: event: SMFIC_MAIL; macros:
            {mail_addr}=someone
            Aug 1 08:42:51 mail postfix/smtpd[11706]: reply: SMFIR_TEMPFAIL data 0
            bytes
            Aug 1 08:42:51 mail postfix/smtpd[11706]: NOQUEUE: milter-reject: MAIL
            from localhost[127.0.0.1]: 451 4.7.1 Service unavailable - try again
            later; proto=ESMTP helo=<example.com>
            Aug 1 08:42:51 mail postfix/smtpd[11706]: > localhost[127.0.0.1]: 451
            4.7.1 Service unavailable - try again later

            sid-milter only:
            Aug 1 08:48:35 mail postfix/smtpd[11874]: connection established
            Aug 1 08:48:35 mail postfix/smtpd[11874]: master_notify: status 0
            Aug 1 08:48:35 mail postfix/smtpd[11874]: name_mask: resource
            Aug 1 08:48:35 mail postfix/smtpd[11874]: name_mask: software
            Aug 1 08:48:35 mail postfix/smtpd[11874]: xsasl_cyrus_server_create:
            SASL service=smtp, realm=(null)
            Aug 1 08:48:35 mail postfix/smtpd[11874]: name_mask: noanonymous
            Aug 1 08:48:35 mail postfix/smtpd[11874]: connect from localhost[127.0.0.1]
            Aug 1 08:48:35 mail postfix/smtpd[11874]: match_list_match: localhost:
            no match
            Aug 1 08:48:35 mail postfix/smtpd[11874]: match_list_match: 127.0.0.1:
            no match
            Aug 1 08:48:35 mail postfix/smtpd[11874]: match_list_match: localhost:
            no match
            Aug 1 08:48:35 mail postfix/smtpd[11874]: match_list_match: 127.0.0.1:
            no match
            Aug 1 08:48:35 mail postfix/smtpd[11874]: match_hostname: localhost ~?
            127.0.0.0/8
            Aug 1 08:48:35 mail postfix/smtpd[11874]: match_hostaddr: 127.0.0.1 ~?
            127.0.0.0/8
            Aug 1 08:48:35 mail postfix/smtpd[11874]: report connect to all milters
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter_macro_lookup: "j"
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter_macro_lookup: result
            "mail.mytestmail.gotdns.org"
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter_macro_lookup:
            "{daemon_name}"
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter_macro_lookup: result
            "mail.mytestmail.gotdns.org"
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter_macro_lookup: "v"
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter_macro_lookup: result
            "Postfix 2.3.2"
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter8_connect: non-protocol
            events for protocol version 2: SMFIP_NOUNKNOWN SMFIP_NODATA 0xfffffc00
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter8_connect:
            transport=inet endpoint=localhost:8025
            Aug 1 08:48:35 mail postfix/smtpd[11874]: trying... [127.0.0.1]
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter8_connect: my_version=0x2
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter8_connect:
            my_actions=0x3d SMFIF_ADDHDRS SMFIF_ADDRCPT SMFIF_DELRCPT SMFIF_CHGHDRS
            SMFIF_QUARANTINE
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter8_connect:
            my_events=0x7f SMFIP_NOCONNECT SMFIP_NOHELO SMFIP_NOMAIL SMFIP_NORCPT
            SMFIP_NOBODY SMFIP_NOHDRS SMFIP_NOEOH
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter8_connect: milter
            inet:localhost:8025 version 2
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter8_connect: events
            SMFIP_NOHELO SMFIP_NORCPT
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter8_connect: requests
            SMFIF_ADDHDRS SMFIF_CHGHDRS
            Aug 1 08:48:35 mail postfix/smtpd[11874]: milter8_conn_event: milter
            inet:localhost:8025: connect localhost/127.0.0.1
            Aug 1 08:48:35 mail postfix/smtpd[11874]: event: SMFIC_CONNECT; macros:
            j=mail.mytestmail.gotdns.org {daemon_name}=mail.mytestmail.gotdns.org
            v=Postfix 2.3.2
            Aug 1 08:48:35 mail postfix/smtpd[11874]: reply: SMFIR_CONTINUE data 0
            bytes
            Aug 1 08:48:35 mail postfix/smtpd[11874]: > localhost[127.0.0.1]: 220
            mail.mytestmail.gotdns.org ESMTP Postfix
            Aug 1 08:48:42 mail postfix/smtpd[11874]: < localhost[127.0.0.1]: EHLO
            example.com
            Aug 1 08:48:42 mail postfix/smtpd[11874]: report helo to all milters
            Aug 1 08:48:42 mail postfix/smtpd[11874]: milter_macro_lookup:
            "{tls_version}"
            Aug 1 08:48:42 mail postfix/smtpd[11874]: milter_macro_lookup: "{cipher}"
            Aug 1 08:48:42 mail postfix/smtpd[11874]: milter_macro_lookup:
            "{cipher_bits}"
            Aug 1 08:48:42 mail postfix/smtpd[11874]: milter_macro_lookup:
            "{cert_subject}"
            Aug 1 08:48:42 mail postfix/smtpd[11874]: milter_macro_lookup:
            "{cert_issuer}"
            Aug 1 08:48:42 mail postfix/smtpd[11874]: milter8_helo_event: milter
            inet:localhost:8025: helo example.com
            Aug 1 08:48:42 mail postfix/smtpd[11874]: event: SMFIC_HELO; macros: (none)
            Aug 1 08:48:42 mail postfix/smtpd[11874]: skipping event SMFIC_HELO for
            milter inet:localhost:8025
            Aug 1 08:48:42 mail postfix/smtpd[11874]: > localhost[127.0.0.1]:
            250-mail.mytestmail.gotdns.org
            Aug 1 08:48:42 mail postfix/smtpd[11874]: > localhost[127.0.0.1]:
            250-PIPELINING
            Aug 1 08:48:42 mail postfix/smtpd[11874]: > localhost[127.0.0.1]:
            250-SIZE 10240000
            Aug 1 08:48:42 mail postfix/smtpd[11874]: > localhost[127.0.0.1]: 250-VRFY
            Aug 1 08:48:42 mail postfix/smtpd[11874]: > localhost[127.0.0.1]: 250-ETRN
            Aug 1 08:48:42 mail postfix/smtpd[11874]: match_list_match: localhost:
            no match
            Aug 1 08:48:42 mail postfix/smtpd[11874]: match_list_match: 127.0.0.1:
            no match
            Aug 1 08:48:42 mail postfix/smtpd[11874]: > localhost[127.0.0.1]:
            250-AUTH PLAIN
            Aug 1 08:48:42 mail postfix/smtpd[11874]: > localhost[127.0.0.1]:
            250-ENHANCEDSTATUSCODES
            Aug 1 08:48:42 mail postfix/smtpd[11874]: > localhost[127.0.0.1]:
            250-8BITMIME
            Aug 1 08:48:42 mail postfix/smtpd[11874]: > localhost[127.0.0.1]: 250 DSN
            Aug 1 08:48:48 mail postfix/smtpd[11874]: < localhost[127.0.0.1]: MAIL
            FROM:<someone>
            Aug 1 08:48:48 mail postfix/smtpd[11874]: extract_addr: input: <someone>
            Aug 1 08:48:48 mail postfix/smtpd[11874]: smtpd_check_addr: addr=someone
            Aug 1 08:48:48 mail postfix/smtpd[11874]: ctable_locate: leave existing
            entry key someone
            Aug 1 08:48:48 mail postfix/smtpd[11874]: extract_addr: in: <someone>,
            result: someone
            Aug 1 08:48:48 mail postfix/smtpd[11874]: report sender to all milters
            Aug 1 08:48:48 mail postfix/smtpd[11874]: milter_macro_lookup: "i"
            Aug 1 08:48:48 mail postfix/smtpd[11874]: milter_macro_lookup:
            "{auth_type}"
            Aug 1 08:48:48 mail postfix/smtpd[11874]: milter_macro_lookup:
            "{auth_authen}"
            Aug 1 08:48:48 mail postfix/smtpd[11874]: milter_macro_lookup:
            "{auth_author}"
            Aug 1 08:48:48 mail postfix/smtpd[11874]: milter_macro_lookup:
            "{mail_addr}"
            Aug 1 08:48:48 mail postfix/smtpd[11874]: milter_macro_lookup: result
            "someone"
            Aug 1 08:48:48 mail postfix/smtpd[11874]: milter8_mail_event: milter
            inet:localhost:8025: mail <someone>
            Aug 1 08:48:48 mail postfix/smtpd[11874]: event: SMFIC_MAIL; macros:
            {mail_addr}=someone
            Aug 1 08:48:48 mail postfix/smtpd[11874]: reply: SMFIR_CONTINUE data 0
            bytes
            Aug 1 08:48:48 mail postfix/smtpd[11874]: fsspace: .: block size 4096,
            blocks free 89226
            Aug 1 08:48:48 mail postfix/smtpd[11874]: smtpd_check_queue: blocks
            4096 avail 89226 min_free 0 msg_size_limit 10240000
            Aug 1 08:48:48 mail postfix/smtpd[11874]: > localhost[127.0.0.1]: 250
            2.1.0 Ok
          • Tony Earnshaw
            ... Okok .. 1075 [root:mercurius.intern] /etc/sysconfig # ps aux |grep dk- milter 6422 0.0 0.0 15376 1160 ? Ssl 18:41 0:00 /usr/bin/dk-filter -l
            Message 5 of 10 , Aug 1, 2006
            • 0 Attachment
              ty den 01.08.2006 Klokka 16:59 (+0200) skreiv Mark Martinec:

              > > ty den 01.08.2006 Klokka 10:46 (+0200) skreiv Mark Martinec:
              > > > On Tuesday August 1 2006 08:17, Tony Earnshaw wrote:
              > > > > ps aux | grep dk-filter
              > > > > root 31123 0.0 0.1 46392 1644 ? Ssl Jul26
              > > > ^^^^
              > > > > 0:05 /usr/bin/dk-filter -l -p inet:10003 ...
              > > >
              > > > A brave soul!
              >
              > > Hmmm ...
              > > ps auxwww|grep dk-
              > > postfix 14702 0.0 0.0 14284 1160 ? Ssl 11:35
              > ^^^^^^^
              > > 0:00 /usr/bin/dk-filter -l -p inet:10003 -d barlaeus.nl -
              > > s /etc/certs/dk-filter/mail.private.pem -S mail -C dnserror=tempfail -u
              > > postfix -H -D
              > >
              > > Seems to work, still signs mail ... now I'll have to change all my rpm
              > > stuff, bother.
              >
              >
              > http://www.postfix.org/MILTER_README.html :
              >
              > | To run a Milter application, see the documentation of the filter for
              > | options. A typical command looks like this:
              > | # /some/where/dk-filter -u userid -p inet:portnumber@localhost ...
              > | Please specify a userid value that isn't used for other applications
              > | (not "postfix", not "www", etc.).
              > ^^^^^^^^^^^^^

              Okok ..

              1075 [root:mercurius.intern] /etc/sysconfig # ps aux |grep dk-

              milter 6422 0.0 0.0 15376 1160 ? Ssl 18:41
              0:00 /usr/bin/dk-filter -l -p inet:10003 -d barlaeus.nl -
              s /etc/certs/dk-filter/mail.private.pem -S mail -C dnserror=tempfail -u
              milter -H -D

              "Nu is het welletjes" as they say here in Holland, "No kan det vera nok"
              in my homeland. I absolutely refuse to add a new milter user for each
              milter application I add; I'm amenable to every security push I get,
              until things begin to get ridiculous.

              Thanks again (dunno what we'd do without amavisd.new 2.4)

              --Tonni

              --
              Tony Earnshaw
              tonni at barlaeus.nl
            • Noel Jones
              ... Sounds as if you need to add localhost and internal networks to sid-milter s peerlist. See the sid-milter docs and support forums for more details. % man
              Message 6 of 10 , Aug 1, 2006
              • 0 Attachment
                At 12:44 PM 7/31/2006, Tuan Van wrote:
                >Hi list,
                >when a local user send an email with an address without
                >the domain part,
                >{dk,sid}-milter reject it.
                > I wonder if there is a fix for this except force local
                > user to use
                >fully qualified email address.

                Sounds as if you need to add localhost and internal
                networks to sid-milter's peerlist. See the sid-milter docs
                and support forums for more details.

                % man 8 sid-filter
                ...
                -a peerlist
                Identifies a file of "peers" which
                identifies clients whose con-
                nections should be accepted without
                processing by this filter.
                The peerlist should contain on each line a
                hostname, domain name
                (e.g. ".example.com"), IP address, or
                CIDR-style IP specifica-
                tion (e.g. "192.168.1.0/24").
                ...


                --
                Noel Jones
              • Geoff W
                ... That s all well and good (and sensible!) but it complicates matters a whole lot when you use sockets (especially if they are in a directory not owned by
                Message 7 of 10 , Aug 2, 2006
                • 0 Attachment
                  On Tue, 1 Aug 2006 16:59:07 +0200, Mark Martinec wrote:

                  >http://www.postfix.org/MILTER_README.html :
                  >
                  >| To run a Milter application, see the documentation of the filter for
                  >| options. A typical command looks like this:
                  >| # /some/where/dk-filter -u userid -p inet:portnumber@localhost ...
                  >| Please specify a userid value that isn't used for other applications
                  >| (not "postfix", not "www", etc.).
                  > ^^^^^^^^^^^^^

                  That's all well and good (and sensible!) but it complicates matters a whole lot when you use sockets (especially if they are in a directory not owned by 'mail' group)!

                  Geoff
                Your message has been successfully submitted and would be delivered to recipients shortly.