Postfix/Spamassassin/Milter 错误

tag-icon tag-icon postfix spamassassin
Postfix/Spamassassin/Milter 错误

我按照以下方式设置了一个 Postfix 电子邮件服务器来自 Linux Babe 的系列文章在我的公司,它似乎运行良好,只有几个例外。在邮件日志中,我看到以下警告:

  • postfix/10025/smtpd[169161]: warning: milter inet:127.0.0.1:783: unreasonable packet length: 1397768525 > 1073741823
  • postfix/10025/smtpd[169161]: warning: milter inet:127.0.0.1:783: read error in initial handshake

有人遇到过这种类型的错误吗?

  • Alma Linux 8
  • Postfix 版本 2:3.5.8-4.el8
  • Postgrey 版本 1.37-9.el8
  • Spamass-milter 版本 0.4.0-13.el8
  • Spamassassin 版本 3.4.6-1.el8
postfix/main.cf section:
<--- Start --->
policyd-spf_time_limit = 3600
smtpd_recipient_restrictions =
   permit_mynetworks
   permit_sasl_authenticated
   reject_unauth_destination
   check_policy_service unix:private/policyd-spf
   check_policy_service unix:postgrey/socket
   check_client_access hash:/etc/postfix/rbl_override
   reject_rhsbl_helo dbl.spamhaus.org
   reject_rhsbl_reverse_client dbl.spamhaus.org
   reject_rhsbl_sender dbl.spamhaus.org
   permit_dnswl_client list.dnswl.org=127.0.[0..255].[1..3]
   reject_rbl_client zen.spamhaus.org

##Milter configuration
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:127.0.0.1:8891,inet:127.0.0.1:783,unix:/run/spamass-milter/spamass-milter.sock
non_smtpd_milters = $smtpd_milters

content_filter = smtp-amavis:[127.0.0.1]:10024
smtpd_proxy_options = speed_adjust
<--- end --->


postfix/master.cf section:
<--- start --->
#==========================================================================
#service type  private unpriv  chroot  wakeup  maxproc command + args
#(yes)   (yes)   (no)    (never) (100)
#==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
submission inet n       -       n       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o content_filter=smtp-amavis:[127.0.0.1]:10026
smtps     inet  n       -       n       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o content_filter=smtp-amavis:[127.0.0.1]:10026
pickup    unix  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
        -o syslog_name=postfix/$service_name
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
postlog   unix-dgram n  -       n       -       1       postlogd
policyd-spf  unix  -       n       n       -       0       spawn user=policyd-spf argv=/usr/libexec/postfix/policyd-spf
smtp-amavis  unix  -       -       n       -       2       smtp
        -o syslog_name=postfix/amavis
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes
        -o disable_dns_lookups=yes
        -o max_use=20
        -o smtp_tls_security_level=none

127.0.0.1:10025   inet   n    -     n     -     -    smtpd
        -o syslog_name=postfix/10025
        -o content_filter=
        -o mynetworks_style=host
        -o mynetworks=127.0.0.0/8
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o strict_rfc821_envelopes=yes
        -o smtp_tls_security_level=none
        -o smtpd_tls_security_level=none
        -o smtpd_restriction_classes=
        -o smtpd_delay_reject=no
        -o smtpd_client_restrictions=permit_mynetworks,reject
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o smtpd_end_of_data_restrictions=
        -o smtpd_error_sleep_time=0
        -o smtpd_soft_error_limit=1001
        -o smtpd_hard_error_limit=1000
        -o smtpd_client_connection_count_limit=0
        -o smtpd_client_connection_rate_limit=0
        -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
<--- end --->

sysconfig/spamass-milter section:
<--- start --->
EXTRA_FLAGS="-e mydomainname.com -u sa-milt -m -r 8 -R SPAM_ARE_NOT_ALLOWED_HERE -i 127.0.0.1 -g sa-milt -- --max-size=5120000"
<--- end --->

sysconfig/spamassassin section:
<--- Start --->
SPAMDOPTIONS="-c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog' --nouser-config --virtual-config-dir=/var/vmail/%d/%l/spamassassin --username=vmail"
<--- end --->

答案1

怀疑spamc您最紧迫的配置问题是您将 spamassassin 守护程序(通常与或 之类的程序对话spamass-milter)添加到使用 Sendmail Milter 协议的 Postfix 接口。

此行现在两次提到 spamassassin,更重要的是,一次指的是不使用此配置的条目所期望的 Milter 协议后缀的端口:

smtpd_milters = inet:127.0.0.1:8891,inet:127.0.0.1:783,unix:/run/spamass-milter/spamass-milter.sock

删除该条目,您已经在此处列出了 spamassass-milter,它在 unix 套接字上监听,清楚地拼写出名称:

smtpd_milters = inet:127.0.0.1:8891,unix:/run/spamass-milter/spamass-milter.sock

完成此更改后,您将不是完成后,您仍需要调查为什么调用 Milters 两次。您的全局配置设置了影响 smtpd 服务的 milters,它们在 amavis 之前(会产生类似这样的日志前缀postfix/smtpd)和之后(这就是postfix/10025/smtpd日志行所指的内容)调用它们。

相关内容