我按照以下方式设置了一个 Postfix 电子邮件服务器来自 Linux Babe 的系列文章在我的公司,它似乎运行良好,只有几个例外。在邮件日志中,我看到以下警告:
postfix/10025/smtpd[169161]: warning: milter inet:127.0.0.1:783: unreasonable packet length: 1397768525 > 1073741823
postfix/10025/smtpd[169161]: warning: milter inet:127.0.0.1:783: read error in initial handshake
有人遇到过这种类型的错误吗?
- Alma Linux 8
- Postfix 版本 2:3.5.8-4.el8
- Postgrey 版本 1.37-9.el8
- Spamass-milter 版本 0.4.0-13.el8
- Spamassassin 版本 3.4.6-1.el8
postfix/main.cf section:
<--- Start --->
policyd-spf_time_limit = 3600
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
check_policy_service unix:private/policyd-spf
check_policy_service unix:postgrey/socket
check_client_access hash:/etc/postfix/rbl_override
reject_rhsbl_helo dbl.spamhaus.org
reject_rhsbl_reverse_client dbl.spamhaus.org
reject_rhsbl_sender dbl.spamhaus.org
permit_dnswl_client list.dnswl.org=127.0.[0..255].[1..3]
reject_rbl_client zen.spamhaus.org
##Milter configuration
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:127.0.0.1:8891,inet:127.0.0.1:783,unix:/run/spamass-milter/spamass-milter.sock
non_smtpd_milters = $smtpd_milters
content_filter = smtp-amavis:[127.0.0.1]:10024
smtpd_proxy_options = speed_adjust
<--- end --->
postfix/master.cf section:
<--- start --->
#==========================================================================
#service type private unpriv chroot wakeup maxproc command + args
#(yes) (yes) (no) (never) (100)
#==========================================================================
smtp inet n - n - - smtpd
#smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o content_filter=smtp-amavis:[127.0.0.1]:10026
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o content_filter=smtp-amavis:[127.0.0.1]:10026
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o syslog_name=postfix/$service_name
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
postlog unix-dgram n - n - 1 postlogd
policyd-spf unix - n n - 0 spawn user=policyd-spf argv=/usr/libexec/postfix/policyd-spf
smtp-amavis unix - - n - 2 smtp
-o syslog_name=postfix/amavis
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
-o smtp_tls_security_level=none
127.0.0.1:10025 inet n - n - - smtpd
-o syslog_name=postfix/10025
-o content_filter=
-o mynetworks_style=host
-o mynetworks=127.0.0.0/8
-o local_recipient_maps=
-o relay_recipient_maps=
-o strict_rfc821_envelopes=yes
-o smtp_tls_security_level=none
-o smtpd_tls_security_level=none
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_end_of_data_restrictions=
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
<--- end --->
sysconfig/spamass-milter section:
<--- start --->
EXTRA_FLAGS="-e mydomainname.com -u sa-milt -m -r 8 -R SPAM_ARE_NOT_ALLOWED_HERE -i 127.0.0.1 -g sa-milt -- --max-size=5120000"
<--- end --->
sysconfig/spamassassin section:
<--- Start --->
SPAMDOPTIONS="-c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog' --nouser-config --virtual-config-dir=/var/vmail/%d/%l/spamassassin --username=vmail"
<--- end --->
答案1
我怀疑spamc
您最紧迫的配置问题是您将 spamassassin 守护程序(通常与或 之类的程序对话spamass-milter
)添加到使用 Sendmail Milter 协议的 Postfix 接口。
此行现在两次提到 spamassassin,更重要的是,一次指的是不使用此配置的条目所期望的 Milter 协议后缀的端口:
smtpd_milters = inet:127.0.0.1:8891,inet:127.0.0.1:783,unix:/run/spamass-milter/spamass-milter.sock
删除该条目,您已经在此处列出了 spamassass-milter,它在 unix 套接字上监听,清楚地拼写出名称:
smtpd_milters = inet:127.0.0.1:8891,unix:/run/spamass-milter/spamass-milter.sock
完成此更改后,您将不是完成后,您仍需要调查为什么调用 Milters 两次。您的全局配置设置了影响 smtpd 服务的 milters,它们在 amavis 之前(会产生类似这样的日志前缀postfix/smtpd
)和之后(这就是postfix/10025/smtpd
日志行所指的内容)调用它们。