From owner-freebsd-questions@FreeBSD.ORG Thu Apr 30 18:36:25 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F2A471F9 for ; Thu, 30 Apr 2015 18:36:24 +0000 (UTC) Received: from mail-ig0-x229.google.com (mail-ig0-x229.google.com [IPv6:2607:f8b0:4001:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BA9541CFB for ; Thu, 30 Apr 2015 18:36:24 +0000 (UTC) Received: by igbhj9 with SMTP id hj9so21585093igb.1 for ; Thu, 30 Apr 2015 11:36:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=2bZhVFEaUXGLLGG28ma1d685n/59o6mnX+j7GJ/h/y4=; b=fmf2FHSHQaT69AYbMSKcBMY5gH6ley27qAKlAImHFhb8lwFzhI9PWBlNXVHDC2XKrw P+wbVktPfIPNZ6JdaOLNr4618Oe7QbzuL4tZhkbb5SjPXO+J3uhtAAiHVXcxepxtUJIO Ao/YAb2M7hTRTpVrL9TPU1ocr0dFwODPldk4pihDi55t6UjSFuqY/Ka7A3Vd1MyTD09t BYsQEYeLRIMaC4Xtl+gEEKx6HqRzIt9Eyh6NVR2gw5bIYPzP+DTazdVto4jXPdarBknV YQs3qVaYNrX1r4Iuf5kX+7+06fZLt2A4JJ8IqKif+Af2eoP61V4U/6HRbBw2nivnIo+u ihsQ== X-Received: by 10.50.97.33 with SMTP id dx1mr3207544igb.1.1430418984155; Thu, 30 Apr 2015 11:36:24 -0700 (PDT) Received: from [10.0.10.5] (cpe-76-190-244-6.neo.res.rr.com. [76.190.244.6]) by mx.google.com with ESMTPSA id l128sm1989889iol.1.2015.04.30.11.36.22 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 30 Apr 2015 11:36:23 -0700 (PDT) Message-ID: <55427638.7020206@gmail.com> Date: Thu, 30 Apr 2015 14:36:40 -0400 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: Noel CC: freebsd-questions@freebsd.org Subject: Re: using pkg for postfix/spamassassin install References: <55416FEB.3020101@gmail.com> <55418DF3.4000102@gmail.com> <554211DC.8030502@gmail.com> <55422DE7.2010506@gmail.com> In-Reply-To: <55422DE7.2010506@gmail.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Apr 2015 18:36:25 -0000 Noel wrote: > On 4/30/2015 6:28 AM, Ernie Luzar wrote: >> Noel wrote: >>> On 4/29/2015 6:57 PM, Ernie Luzar wrote: >>>> Hello list. >>>> >>>> For many years been using postfix/qpopper for email service on my >>>> lan with no problems. Now I want to add spamassassin in >>>> preperation so I can also admin my public domain name on my own >>>> computer instead of having my domain hoster do it for me. >>>> >>>> This is a list of my goals, >>>> make email password required to send/receive email. >>>> have email tagged with word "spam" in email subject line. >>>> have spam email list all the spamassassin tests with scores in >>>> the >>>> header so they can be seen. >>>> don't have postfix duplicate any test that spamassassion is >>>> doing. >>>> Use the pkg version of postfix & spamassassin. >>>> Don't use any custom scripts >>>> Can NOT be used as a relay email server by the public. >>>> Auto-forward some old unused email address to a current email >>>> address. >>>> use port 5225 instead of port 25. >>>> >>>> >>>> Now I have read many postfix spamassassin config howtos, but they >>>> are all out dated, using previous versions of freebsd or old >>>> versions of postfix and or spamassassin. And for sure none of them >>>> talk about using the new pkg versions. I have based my config on >>>> this howto http://www.freebsdonline.com/content/view/556/506/ >>>> >>>> When I run with the following config files I get this error over >>>> and over again until I postfix stop. Any help would be greatly >>>> appreciated. >>>> >>>> Apr 29 17:58:25 powerman sendmail[1915]: t3TLwPYV001915: >>>> SYSERR(spamd): Too many hops 27 (25 max): from MAILER-DAEMON via >>>> localhost, to bob@powerman.com >>>> Apr 29 17:58:40 powerman sendmail[1941]: t3TLweS4001941: >>>> SYSERR(spamd): Too many hops 27 (25 max): from MAILER-DAEMON via >>>> localhost, to MAILER-DAEMON@powerman.com >>>> >>>> /usr/local/etc/postfix/master.cf >>>> # >>>> # Postfix master process configuration file. For details on the >>>> format >>>> # of the file, see the master(5) manual page (command: "man 5 >>>> master" or >>>> # on-line: http://www.postfix.org/master.5.html). >>>> # >>>> # Do not forget to execute "postfix reload" after editing this >>>> file. >>>> # >>>> # >>>> ========================================================================== >>>> >>>> # service type private unpriv chroot wakeup maxproc command + >>>> args >>>> # (yes) (yes) (no) (never) (100) >>>> # >>>> ========================================================================== >>>> >>>> smtp inet n - n - - smtpd >>>> -o content_filter=spamassassin >>>> >>>> #smtp inet n - n - 1 postscreen >>>> #smtpd pass - - n - - smtpd >>>> #dnsblog unix - - n - 0 dnsblog >>>> #tlsproxy unix - - n - 0 tlsproxy >>>> #submission inet n - n - - smtpd >>>> # -o syslog_name=postfix/submission >>>> # -o smtpd_tls_security_level=encrypt >>>> # -o smtpd_sasl_auth_enable=yes >>>> # -o smtpd_reject_unlisted_recipient=no >>>> # -o smtpd_client_restrictions=$mua_client_restrictions >>>> # -o smtpd_helo_restrictions=$mua_helo_restrictions >>>> # -o smtpd_sender_restrictions=$mua_sender_restrictions >>>> # -o smtpd_recipient_restrictions= >>>> # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject >>>> # -o milter_macro_daemon_name=ORIGINATING >>>> #smtps inet n - n - - smtpd >>>> # -o syslog_name=postfix/smtps >>>> # -o smtpd_tls_wrappermode=yes >>>> # -o smtpd_sasl_auth_enable=yes >>>> # -o smtpd_reject_unlisted_recipient=no >>>> # -o smtpd_client_restrictions=$mua_client_restrictions >>>> # -o smtpd_helo_restrictions=$mua_helo_restrictions >>>> # -o smtpd_sender_restrictions=$mua_sender_restrictions >>>> # -o smtpd_recipient_restrictions= >>>> # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject >>>> # -o milter_macro_daemon_name=ORIGINATING >>>> #628 inet n - n - - qmqpd >>>> pickup unix n - n 60 1 pickup >>>> cleanup unix n - n - 0 cleanup >>>> qmgr unix n - n 300 1 qmgr >>>> #qmgr unix n - n 300 1 oqmgr >>>> tlsmgr unix - - n 1000? 1 tlsmgr >>>> rewrite unix - - n - - >>>> trivial-rewrite >>>> bounce unix - - n - 0 bounce >>>> defer unix - - n - 0 bounce >>>> trace unix - - n - 0 bounce >>>> verify unix - - n - 1 verify >>>> flush unix n - n 1000? 0 flush >>>> proxymap unix - - n - - proxymap >>>> proxywrite unix - - n - 1 proxymap >>>> smtp unix - - n - - smtp >>>> relay unix - - n - - smtp >>>> # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 >>>> showq unix n - n - - showq >>>> error unix - - n - - error >>>> retry unix - - n - - error >>>> discard unix - - n - - discard >>>> local unix - n n - - local >>>> virtual unix - n n - - virtual >>>> lmtp unix - - n - - lmtp >>>> anvil unix - - n - 1 anvil >>>> scache unix - - n - 1 scache >>>> # >>>> # >>>> ==================================================================== >>>> >>>> # Interfaces to non-Postfix software. >>>> # >>>> spamassassin unix - n n - - pipe >>>> user=spamd argv=/usr/local/bin/spamc -f -e >>>> /usr/sbin/sendmail -oi -f ${sender} ${recipient} >>>> >>>> >>>> >>>> /usr/local/etc/postfix/main.cf >>>> biff = no >>>> syslog_facility = local5 >>>> disable_dns_lookups = yes >>>> mailbox_size_limit = 100000000 >>>> message_size_limit = 100000000 >>>> ## 9999 value disables compatibility function >>>> compatibility_level = 9999 >>>> smtputf8_enable = no >>>> >>>> >>>> >>>> >>>> /usr/local/etc/mail/spamassassin/local.cf >>>> # This is the right place to customize your installation of >>>> SpamAssassin. >>>> # >>>> # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be >>>> # tweaked. >>>> # >>>> # Only a small subset of options are listed below >>>> # >>>> ########################################################################### >>>> >>>> >>>> >>>> # Add *****SPAM***** to the Subject header of spam e-mails >>>> # >>>> rewrite_header Subject *****SPAM***** >>>> >>>> >>>> # Save spam messages as a message/rfc822 MIME attachment >>>> instead of >>>> # modifying the original message (0: off, 2: use text/plain >>>> instead) >>>> # >>>> report_safe 1 >>>> >>>> >>>> # Set which networks or hosts are considered 'trusted' by your >>>> mail >>>> # server (i.e. not spammers) >>>> # >>>> # trusted_networks 212.17.35. >>>> >>>> >>>> # Set file-locking method (flock is not safe over NFS, but is >>>> faster) >>>> # >>>> # lock_method flock >>>> >>>> >>>> # Set the threshold at which a message is considered spam >>>> (default: 5.0) >>>> # >>>> # required_score 5.0 >>>> >>>> >>>> # Use Bayesian classifier (default: 1) >>>> # >>>> # use_bayes 1 >>>> >>>> >>>> # Bayesian classifier auto-learning (default: 1) >>>> # >>>> # bayes_auto_learn 1 >>>> >>>> >>>> # Set headers which may provide inappropriate cues to the >>>> Bayesian >>>> # classifier >>>> # >>>> # bayes_ignore_header X-Bogosity >>>> # bayes_ignore_header X-Spam-Flag >>>> # bayes_ignore_header X-Spam-Status >>>> >>>> >>>> # Some shortcircuiting, if the plugin is enabled >>>> # >>>> ifplugin Mail::SpamAssassin::Plugin::Shortcircuit > >>>> # >>>> # default: strongly-whitelisted mails are *really* whitelisted >>>> now, if the >>>> # shortcircuiting plugin is active, causing early exit to save >>>> CPU load. >>>> # Uncomment to turn this on >>>> # >>>> # shortcircuit USER_IN_WHITELIST on >>>> # shortcircuit USER_IN_DEF_WHITELIST on >>>> # shortcircuit USER_IN_ALL_SPAM_TO on >>>> # shortcircuit SUBJECT_IN_WHITELIST on >>>> >>>> # the opposite; blacklisted mails can also save CPU >>>> # >>>> # shortcircuit USER_IN_BLACKLIST on >>>> # shortcircuit USER_IN_BLACKLIST_TO on >>>> # shortcircuit SUBJECT_IN_BLACKLIST on >>>> >>>> # if you have taken the time to correctly specify your >>>> "trusted_networks", >>>> # this is another good way to save CPU >>>> # >>>> # shortcircuit ALL_TRUSTED on >>>> >>>> # and a well-trained bayes DB can save running rules, too >>>> # >>>> # shortcircuit BAYES_99 spam >>>> # shortcircuit BAYES_00 ham >>>> >>>> endif # Mail::SpamAssassin::Plugin::Shortcircuit >>>> >>>> >>>> >>> You have the sendmail package installed, along with postfix. >> Remove >>> or disable sendmail. >>> >>> What's happening is that sendmail submits mail via SMTP back to >>> postfix, which causes a mail loop. >>> >> sendmail is what comes with the basic freebsd install IE, no package. >> sendmail is disabled in rc.conf so that is not the problem. >> >> > > > Of course it's the problem. You're using the real sendmail(TM) > sendmail command and it's causing a mailer loop. Your logs show the > proof. If you were using postfix, it would log as pickup, not > sendmail. I suppose you forgot to edit /etc/mail/mailer.conf to > enable postfix. > https://www.freebsd.org/doc/en/books/handbook/mail-changingmta.html > > > > -- Noel Jones > > During the pkg install postfix, it asks this question: Would you like to activate Postfix in /etc/mail/mailer.conf [n]? I just hit enter and took the NO default. From what you are saying I should have entered Y to that question. To verify this I did service postfix stop pkg remove postfix-x.x.x pkg install postfix Answered Y to the question Would you like to activate Postfix in /etc/mail/mailer.conf [n]? service postfix restart sent a spam email from a LAN PC and then received that email back. Did not get the to many hops error message, but the email was not flagged as spam and it should have been. I want to test spamassassin on the host using emails from a lan PC before I change my hosting domain config to send email to my postfix server. Is there some other tweak I need to make that happen? Thanks Ernie