Hallo liebe Community,

 

ich hab da auch einmal ein paar Fragen und ich hoffe Ihr könnt einem noch nicht ganz so fitten
postfixer wie mir helfen. Wäre nett wenn Ihr mal drüber schaut. Bin für jede Empfehlung offen,
bzw. was könnte ich verbessern.

Installiert habe ich bis jetzt, Postfix, Amavis mit ClamAv (Eicar-Test-Signature wird erkannt) , Dovecot mit POP3.

Funktioniert soweit auch alles ganz gut. (laut logs)

Es folgt noch:  SASL Auth, Dovecot mit IMAP und Spamassassin.

FRAGEN:
1. Ist meine Config bislang so OK? Beachten: Mynetworks ist ABSICHTLICH nicht vorhanden.(s.u)

 

2. Zum Testen habe ich habe MyNetworks auskommentiert, trotzdem lässt mich Postfix relayen, Warum?
Schein irgendwie ein Problem mit Amavis zu sein, oder? Oder doch alles richtig?

3. Kann ich mit IMAP eine Gruppenmailbox nutzen/erstellen?  Z.B. Unsere Service-Abteilung besteht aus 4 Leuten, die immer das Problem haben,
das Sie nicht wissen, wer eine Mail gerade bearbeitet.
Aktuell verteile ich intern die Mails an die verschiedenen Personen.  Das ist aber wie gesagt ziemlich blöd.
Ist so etwas mit IMAP möglich, sodass die Kollegen sehen, das die Mail gerade von jemanden Anderem bearbeitet wird?
Hoffe Ihr versteht was ich meine.

Hier nun meine Configs und logs:

 

postconf –n

 

address_verify_map = btree:/var/spool/postfix/verified_senders

address_verify_negative_cache = no

alias_maps = hash:/etc/aliases

bounce_queue_lifetime = 1d

command_directory = /usr/sbin

config_directory = /etc/postfix

content_filter = amavisfeed:[127.0.0.1]:10024

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

html_directory = /usr/share/doc/packages/postfix-doc/html

mail_owner = postfix

mail_spool_directory = /var/mail

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

maximal_queue_lifetime = 4d

mydestination = $mydomain, $myhostname, localhost, localhost.$mydomain

mydomain = example.com

myhostname = dsmail.example.com

myorigin = $mydomain

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

relayhost = mail.draht-schutz.com

sample_directory = /usr/share/doc/packages/postfix-doc/samples

sendmail_path = /usr/sbin/sendmail

setgid_group = maildrop

smtp_sasl_auth_enable = yes

smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth

smtpd_data_restrictions = reject_multi_recipient_bounce

smtpd_delay_reject = yes

smtpd_helo_required = yes

smtpd_recipient_restrictions =

  reject_non_fqdn_recipient 

  reject_non_fqdn_sender  

  reject_unknown_sender_domain 

  reject_unknown_recipient_domain  

  permit_mynetworks  

  reject_sender_login_mismatch  

  check_client_access hash:/etc/postfix/internal_networks  

  check_sender_access hash:/etc/postfix/not_our_domain_as_sender  

  reject_unauth_destination  

  check_recipient_access hash:/etc/postfix/roleaccount_exceptions  

  reject_multi_recipient_bounce  

  reject_invalid_helo_hostname  

  check_helo_access pcre:/etc/postfix/helo_checks  

  check_sender_mx_access cidr:/etc/postfix/bogus_mx  

  reject_rbl_client zen.spamhaus.org  

  reject_rbl_client dnsbl.sorbs.net  

  reject_unverified_sender  

  check_sender_access regexp:/etc/postfix/common_spam_senderdomain_keywords  

  permit

 

smtpd_restriction_classes = has_our_domain_as_sender

transport_retry_time = 600

unknown_local_recipient_reject_code = 550

 

***************************************************************************

 

#Master.cf

smtp      inet  n       -       n       -       -       smtpd

#submission inet n      -       n       -       -       smtpd

#       -o smtpd_etrn_restrictions=reject

#       -o smtpd_client_restrictions=permit_sasl_authenticated,reject

#smtps    inet  n       -       n       -       -       smtpd -o smtpd_tls_wrappermode=yes

#  -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes

#submission   inet    n       -       n       -       -       smtpd

#  -o smtpd_etrn_restrictions=reject

#  -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes

#628      inet  n       -       n       -       -       qmqpd

pickup    fifo  n       -       n       60      1       pickup

cleanup   unix  n       -       n       -       0       cleanup

qmgr      fifo  n       -       n       300     1       qmgr

#qmgr     fifo  n       -       n       300     1       oqmgr

#tlsmgr    unix  -       -       n       1000?   1       tlsmgr

rewrite   unix  -       -       n       -       -       trivial-rewrite

bounce    unix  -       -       n       -       0       bounce

defer     unix  -       -       n       -       0       bounce

trace     unix  -       -       n       -       0       bounce

verify    unix  -       -       n       -       1       verify

flush     unix  n       -       n       1000?   0       flush

proxymap  unix  -       -       n       -       -       proxymap

smtp      unix  -       -       n       -       -       smtp

# When relaying mail as backup MX, disable fallback_relay to avoid MX loops

relay     unix  -       -       n       -       -       smtp

        -o fallback_relay=

#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5

showq     unix  n       -       n       -       -       showq

error     unix  -       -       n       -       -       error

discard   unix  -       -       n       -       -       discard

local     unix  -       n       n       -       -       local

virtual   unix  -       n       n       -       -       virtual

lmtp      unix  -       -       n       -       -       lmtp

anvil     unix  -       -       n       -       1       anvil

#localhost:10025 inet   n       -       n       -       -       smtpd -o content_filter=

scache    unix  -       -       n       -       1       scache

 

amavisfeed  unix  -      -       n       -       2       smtp

  -o smtp_data_done_timeout=1200

  -o smtp_send_xforward_command=yes

  -o smtp_tls_note_starttls_offer=no

 

127.0.0.1:10025  inet  n       -       n       -       -      smtpd

  -o content_filter=

  -o smtpd_delay_reject=no

  -o smtpd_client_restrictions=permit_mynetworks,reject

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtp_recipient_restrictions=permit_mynetworks,reject

  -o smtpd_data_restrictions=reject_unauth_pipelining

  -o smtpd_end_of_data_restrictions=

  -o smtpd_restriction_classes=

  -o mynetworks=127.0.0.0/8

  -o smtpd_error_sleep_time=0

  -o smtpd_soft_error_limit=1001

  -o smtpd_hard_error_limit=1000

  -o smtpd_client_connection_cont_limit=0

  -o smtpd_client_connection_rate_limit=0

  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters

  -o smtpd_milters=

  -o local_recipient_maps=

  -o relay_recipient_maps=

 

# maildrop. See the Postfix MAILDROP_README file for details.

# Also specify in main.cf: maildrop_destination_recipient_limit=1

#

maildrop  unix  -       n       n       -       -       pipe

  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}

cyrus     unix  -       n       n       -       -       pipe

  user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}

uucp      unix  -       n       n       -       -       pipe

  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)

ifmail    unix  -       n       n       -       -       pipe

  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)

bsmtp     unix  -       n       n       -       -       pipe

  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

procmail  unix  -       n       n       -       -       pipe

  flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}

retry     unix  -       -       n       -       -       error

proxywrite unix -       -       n       -       1       proxymap

 

 

***************************************************************************

 

/var/log/mail:

Feb  7 15:51:25 dsmail postfix/smtpd[24496]: connect from unknown[192.168.78.193]

Feb  7 15:51:26 dsmail postfix/smtpd[24496]: warning: restriction `reject_authenticated_sender_login_mismatch' ignored: no SASL support

Feb  7 15:51:26 dsmail postfix/smtpd[24496]: warning: restriction `reject_unauthenticated_sender_login_mismatch' ignored: no SASL support

Feb  7 15:51:26 dsmail postfix/smtpd[24496]: 533F354837A: client=unknown[192.168.78.193]

Feb  7 15:51:26 dsmail postfix/cleanup[24500]: 533F354837A: message-id=<000e01caa805$014e6c20$03eb4460$@test@example.com>

Feb  7 15:51:26 dsmail postfix/qmgr[24233]: 533F354837A: from=<test@example.com>, size=2666, nrcpt=1 (queue active)

Feb  7 15:51:29 dsmail postfix/smtpd[24496]: disconnect from unknown[192.168.78.193]

Feb  7 15:51:46 dsmail postfix/smtpd[24504]: connect from localhost[127.0.0.1]

Feb  7 15:51:46 dsmail postfix/smtpd[24504]: A6E7654838A: client=localhost[127.0.0.1]

Feb  7 15:51:46 dsmail postfix/cleanup[24500]: A6E7654838A: message-id=<000e01caa805$014e6c20$03eb4460$@test@example.com>

Feb  7 15:51:46 dsmail postfix/smtpd[24504]: disconnect from localhost[127.0.0.1]

Feb  7 15:51:46 dsmail postfix/qmgr[24233]: A6E7654838A: from=<test@example.com>, size=3118, nrcpt=1 (queue active)

Feb  7 15:51:46 dsmail amavis[22273]: (22273-02) Passed CLEAN, MYNETS LOCAL [192.168.78.193] [192.168.78.193] <test@example.com> -> <ms-icarus@gmx.de>, Message-ID: <000e01caa805$014e6c20$03eb4460$@test@example.com>, mail_id: vDShC64ofj0G, Hits: -0.997, size: 2666, queued_as: A6E7654838A, 19896 ms

Feb  7 15:51:46 dsmail postfix/smtp[24501]: 533F354837A: to=<ms-icarus@gmx.de>, relay=127.0.0.1[127.0.0.1]:10024, delay=20, delays=0.56/0.02/0/20, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as A6E7654838A)

Feb  7 15:51:46 dsmail postfix/qmgr[24233]: 533F354837A: removed

Feb  7 15:51:47 dsmail postfix/smtp[24506]: A6E7654838A: to=<ms-icarus@gmx.de>, relay=mail.draht-schutz.com[213.131.227.36]:25, delay=0.49, delays=0.01/0.01/0.26/0.21, dsn=2.0.0, status=sent (250 ok 1265554357 qp 2223)

Feb  7 15:51:47 dsmail postfix/qmgr[24233]: A6E7654838A: removed

 

Mit freundlichen Grüßen

Mario