Loading ...
Sorry, an error occurred while loading the content.

Unable to write a very simple access policy server

Expand Messages
  • Jeremie Le Hen
    Hi list, I m experiencing SMTP Access Policy Delegation. I ve written a very dumb policy daemon: % #!/usr/bin/perl % % open LOG, /tmp/policystub.log ; %
    Message 1 of 7 , Aug 1 5:33 AM
    • 0 Attachment
      Hi list,

      I'm experiencing SMTP Access Policy Delegation.
      I've written a very dumb policy daemon:

      % #!/usr/bin/perl
      %
      % open LOG, '>> /tmp/policystub.log';
      % while (<STDIN>) {
      % print LOG $_;
      % print LOG "HEX: ".(unpack "H*", $_)."\n";
      % chomp;
      % print "action=DUNNO\n\n" if ($_ eq '');
      % }
      % close LOG;

      Testing it manually, it seems to work as expected:
      % postfix1# printf 'attribute=value\n\n' | /root/policystub.pl
      % action=DUNNO
      %
      % postfix1# cat /tmp/policystub.log
      % attribute=value
      % HEX: 6174747269627574653d76616c75650a
      %
      % HEX: 0a

      I've set it up in master.cf(5):
      % stub unix - n n - 0 spawn user=nobody argv=/root/policystub.pl

      And main.cf(5):
      % smtpd_recipient_restrictions =
      % check_policy_service unix:private/stub,
      % permit_mynetworks,
      % reject_unauth_destination

      Unfortunately, this simply doesn't work. I'm pretty sure I've missed
      something, but I didn't manage to understand what. I've tried to use
      an inet socket as well, without success. Nevertheless when I look in
      /tmp/policystub.log I can see all attributes sent by Postfix as well
      as the final empty line, which means the communication from Postfix
      to the policy server though spawn(8) works correctly, but the reply
      doesn't find its path.

      I've added -v to smtpd and spawn, but saw nothing relevant.
      I've not attached the log file with this mail as it contains more than
      500 lines, but it is available here:
      http://tataz.chchile.org/~tataz/postfix.log.gz

      Thank you very much for your future help :-).
      Best regards,
      --
      Jeremie Le Hen
      < jeremie at le-hen dot org >< ttz at chchile dot org >
    • Martin Schmitt
      ... $| = 1; # to disable Perl s buffering of output. ... This works because policystub.pl terminates after EOF. Under master s control, the smtpd remains
      Message 2 of 7 , Aug 1 6:18 AM
      • 0 Attachment
        Jeremie Le Hen schrieb:

        > % #!/usr/bin/perl

        $| = 1; # to disable Perl's buffering of output.

        > % open LOG, '>> /tmp/policystub.log';
        > % while (<STDIN>) {
        > % print LOG $_;
        > % print LOG "HEX: ".(unpack "H*", $_)."\n";
        > % chomp;
        > % print "action=DUNNO\n\n" if ($_ eq '');
        > % }
        > % close LOG;
        >
        > Testing it manually, it seems to work as expected:
        > % postfix1# printf 'attribute=value\n\n' | /root/policystub.pl
        > % action=DUNNO

        This works because policystub.pl terminates after EOF. Under master's
        control, the smtpd remains connected to the policy service, which
        buffers output and therefore doesn't answer immediately.

        -martin


        --
        Martin Schmitt - Schmitt Systemberatung - http://www.scsy.de
        DE 35415 Pohlheim, Gießener Str. 18
        DE 65307 Bad Schwalbach, Am Bräunchesberg 9
        Linux/UNIX - Internet - E-Mail Infrastructure - Antispam/Antivirus
        - "What goes up, must come down. Ask any system administrator." -
      • Doug
        I m running postfix on SuSE Linux 10.2. I have set relay_domains = $mynetworks. I am concerned because when I go into Webmin and look at the Mail Queue for
        Message 3 of 7 , Aug 1 6:44 AM
        • 0 Attachment
          I'm running postfix on SuSE Linux 10.2. I have set relay_domains =
          $mynetworks.

          I am concerned because when I go into Webmin and look at the Mail Queue for
          Postfix, I see entries like this:

          merrowydfip@... postmaster@... 20.08 kB connect to
          com.com[216.239.113.101]: Connection timed out

          This could not have come from any of my users. Right now I have 4 messages to
          postmaster@..., and one to root@.... The status on one of them
          is "Connection Timed Out"

          I do get lots of spam, which I have managed to cut in half with postfix and
          spamassassin.

          Doug
        • Brett Dikeman
          ... com.com is the domain used by CNET and company to enable cross-site popups, cookie sharing, and such. Brett
          Message 4 of 7 , Aug 1 7:19 AM
          • 0 Attachment
            On 8/1/07, Doug <doug@...> wrote:

            > This could not have come from any of my users. Right now I have 4 messages to
            > postmaster@..., and one to root@.... The status on one of them
            > is "Connection Timed Out"

            com.com is the domain used by CNET and company to enable cross-site
            popups, cookie sharing, and such.

            Brett
          • Barry Irwin
            ... Hi Doug What these look to possibly be is bounce messages? Although without seeing a full snippet of your mailq and particularly the mail logs its
            Message 5 of 7 , Aug 1 7:22 AM
            • 0 Attachment
              Doug wrote:
              > I'm running postfix on SuSE Linux 10.2. I have set relay_domains =
              > $mynetworks.
              >
              > I am concerned because when I go into Webmin and look at the Mail Queue for
              > Postfix, I see entries like this:
              >
              > merrowydfip@... postmaster@... 20.08 kB connect to
              > com.com[216.239.113.101]: Connection timed out
              >
              > This could not have come from any of my users. Right now I have 4 messages to
              > postmaster@..., and one to root@.... The status on one of them
              > is "Connection Timed Out"
              >
              > I do get lots of spam, which I have managed to cut in half with postfix and
              > spamassassin.
              >
              > Doug

              Hi Doug

              What these look to possibly be is bounce messages? Although without
              seeing a full snippet of your mailq and particularly the mail logs its
              difficult to say.

              If you trace these addresses in your maillogs form which hosts were they
              received ? What is your domain? without all the pieces its a little
              hard for people to assist you. PLease revisit the welcome message you
              got when you joined the list for details on what kind of information to
              provide to aid in debugging.

              Barry
            • Doug
              Well, I didn t want to take up too much time here. My main concern is that I m not being a relay for spam. Here s a grep of /var/logs/mail. customosas.com,
              Message 6 of 7 , Aug 1 8:28 AM
              • 0 Attachment
                Well, I didn't want to take up too much time here. My main concern is that I'm
                not being a relay for spam.

                Here's a grep of /var/logs/mail. customosas.com, mentioned near the end, is
                one of my mail domains, the other being dougnc.com

                Thanks!


                venture:/var/log # grep com.com mail | grep "Aug 1" | more
                Aug 1 01:09:15 venture postfix/smtp[23700]: connect to
                com.com[216.239.122.102]: Connection timed ou
                t (port 25)
                Aug 1 01:09:45 venture postfix/smtp[23700]: connect to
                com.com[216.239.113.101]: Connection timed ou
                t (port 25)
                Aug 1 01:09:45 venture postfix/smtp[23700]: 616B76CBD9:
                to=<postmaster@...>, orig_to=<mail@custo
                mosas.com>, relay=none, delay=60, delays=0.08/0.02/60/0, dsn=4.4.1,
                status=deferred (connect to com.c
                om[216.239.113.101]: Connection timed out)
                Aug 1 01:18:05 venture postfix/qmgr[4402]: A7BFC6C9E9: from=<root@...>,
                size=501, nrcpt=1 (queue
                active)
                Aug 1 01:18:35 venture postfix/smtp[23766]: connect to
                com.com[216.239.113.101]: Connection timed ou
                t (port 25)
                Aug 1 01:18:35 venture postfix/smtp[23765]: connect to
                com.com[216.239.113.101]: Connection timed ou
                t (port 25)
                Aug 1 01:18:35 venture postfix/smtp[23768]: connect to
                com.com[216.239.122.102]: Connection timed ou
                t (port 25)
                Aug 1 01:18:35 venture postfix/smtp[23767]: connect to
                com.com[216.239.113.101]: Connection timed ou
                t (port 25)
                Aug 1 01:19:05 venture postfix/smtp[23766]: connect to
                com.com[216.239.122.102]: Connection timed ou
                t (port 25)
                Aug 1 01:19:05 venture postfix/smtp[23765]: connect to
                com.com[216.239.122.102]: Connection timed ou
                t (port 25)
                Aug 1 01:19:05 venture postfix/smtp[23767]: connect to
                com.com[216.239.122.102]: Connection timed ou
                t (port 25)
                Aug 1 01:19:05 venture postfix/smtp[23768]: connect to
                com.com[216.239.113.101]: Connection timed ou
                t (port 25)
                Aug 1 01:19:06 venture postfix/smtp[23768]: 5F2C96CBDA:
                to=<postmaster@...>, orig_to=<mail@custo
                mosas.com>, relay=none, delay=70102, delays=70042/0.14/60/0, dsn=4.4.1,
                status=deferred (connect to c
                om.com[216.239.113.101]: Connection timed out)
                Aug 1 01:19:06 venture postfix/smtp[23766]: 1D3F36CBD6:
                to=<postmaster@...>, orig_to=<mail@custo
                mosas.com>, relay=none, delay=404546, delays=404485/0.03/60/0, dsn=4.4.1,
                status=deferred (connect to

                Doug


                On Wednesday 01 August 2007 10:22, Barry Irwin wrote:
                > Doug wrote:
                > > I'm running postfix on SuSE Linux 10.2. I have set relay_domains =
                > > $mynetworks.
                > >
                > > I am concerned because when I go into Webmin and look at the Mail Queue
                > > for Postfix, I see entries like this:
                > >
                > > merrowydfip@... postmaster@... 20.08 kB connect to
                > > com.com[216.239.113.101]: Connection timed out
                > >
                > > This could not have come from any of my users. Right now I have 4
                > > messages to postmaster@..., and one to root@.... The status on
                > > one of them is "Connection Timed Out"
                > >
                > > I do get lots of spam, which I have managed to cut in half with postfix
                > > and spamassassin.
                > >
                > > Doug
                >
                > Hi Doug
                >
                > What these look to possibly be is bounce messages? Although without
                > seeing a full snippet of your mailq and particularly the mail logs its
                > difficult to say.
                >
                > If you trace these addresses in your maillogs form which hosts were they
                > received ? What is your domain? without all the pieces its a little
                > hard for people to assist you. PLease revisit the welcome message you
                > got when you joined the list for details on what kind of information to
                > provide to aid in debugging.
                >
                > Barry
              • Jeremie Le Hen
                Hi, Martin, ... Indeed, after studying the example greylist.pl, it appeared the only difference was the lack of $| = 1. Thank you for your help! Best regards,
                Message 7 of 7 , Aug 1 8:31 AM
                • 0 Attachment
                  Hi, Martin,

                  On Wed, Aug 01, 2007 at 03:18:25PM +0200, Martin Schmitt wrote:
                  > Jeremie Le Hen schrieb:
                  >
                  > > % #!/usr/bin/perl
                  >
                  > $| = 1; # to disable Perl's buffering of output.
                  >
                  > > % open LOG, '>> /tmp/policystub.log';
                  > > % while (<STDIN>) {
                  > > % print LOG $_;
                  > > % print LOG "HEX: ".(unpack "H*", $_)."\n";
                  > > % chomp;
                  > > % print "action=DUNNO\n\n" if ($_ eq '');
                  > > % }
                  > > % close LOG;
                  > >
                  > > Testing it manually, it seems to work as expected:
                  > > % postfix1# printf 'attribute=value\n\n' | /root/policystub.pl
                  > > % action=DUNNO
                  >
                  > This works because policystub.pl terminates after EOF. Under master's
                  > control, the smtpd remains connected to the policy service, which
                  > buffers output and therefore doesn't answer immediately.

                  Indeed, after studying the example greylist.pl, it appeared the only
                  difference was the lack of $| = 1. Thank you for your help!

                  Best regards,
                  --
                  Jeremie Le Hen
                  < jeremie at le-hen dot org >< ttz at chchile dot org >
                Your message has been successfully submitted and would be delivered to recipients shortly.