使用 postfix 調試 spamassassin
我正在嘗試在我的 postfix 郵件伺服器上設置 spamassassin milter。
SpamAssassin Server version 3.4.1 running on Perl 5.20.2 with SSL support (IO::Socket::SSL 2.019) with zlib support (Compress::Zlib 2.064) Postfix mail_version = 2.11.3
當我通過將其添加到此行來啟動 milter 時:
smtpd_milters = unix:/spamassassin/spamd.sock unix:/clamav/clamav-milter.ctl unix:/opendkim/opendkim.sock
奇怪的是,發送郵件需要更長的時間才能完成(我認為 spamassassin 僅適用於收到的電子郵件),我得到以下日誌:
Jan 28 15:39:38 mymailserver spamd[22388]: spamd: got connection over /var/spool/postfix/spamassassin/spamd.sock Jan 28 15:40:08 mymailserver spamd[22388]: spamd: timeout: (30 second socket timeout reading input from client) Jan 28 15:40:08 mymailserver postfix/smtpd[29865]: warning: milter unix:/spamassassin/spamd.sock: unreasonable packet length: 1397768525 > 1073741823 Jan 28 15:40:08 mymailserver postfix/smtpd[29865]: warning: milter unix:/spamassassin/spamd.sock: read error in initial handshake
最後一個錯誤隨機變化,有時它抱怨期待某些東西但收到其他東西,這聽起來很合理,因為它在從套接字讀取時遇到問題。
我想學習如何調試它,但我什至不知道從哪裡開始。至少我確定套接字存在並且擁有正確的所有者,至少從
got connection over ...
我們可以排除套接字的存在和權限來看。還有一些其他警告我不確定它們是否相關,但我正在考慮在之後解決這些問題
Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: Pigeonhole version 0.4.8 (0c4ae064f307+) initializing Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts. Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: file storage: Storage path `/var/mail/vmail/mydomain.com/me/sieve' not found Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: file storage: Using Sieve script path: /var/mail/vmail/mydomain.com/me/.dovecot.sieve Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: file storage: Storage path `/var/mail/vmail/mydomain.com/me/.dovecot.sieve' not found Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: storage: No default script location configured Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: User has no personal script Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: file storage: Storage path `/var/mail/vmail/sieve-before' not found Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: Location for sieve_before not found: /var/mail/vmail/sieve-before Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: file storage: Storage path `/var/mail/vmail/sieve-after' not found Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: Location for sieve_after not found: /var/mail/vmail/sieve-after Jan 28 15:40:09 mymailserver dovecot: lda(me@mydomain.com): Debug: sieve: No scripts to execute: reverting to default delivery.
** 更新 1 **
這是我的 main.cf 的內容
alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 default_destination_concurrency_limit = 5 disable_vrfy_command = yes inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mailbox_size_limit = 0 message_size_limit = 104857600 milter_connect_macros = j {daemon_name} v {if_name} _ milter_default_action = accept mydestination = localhost.$mydomain, localhost, $mydomain mydomain = example.com myhostname = mail.example.com mynetworks = 127.0.0.0/8 10.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname non_smtpd_milters = $smtpd_milters readme_directory = no recipient_delimiter = + relay_destination_concurrency_limit = 1 smtp_tls_note_starttls_offer = yes smtp_tls_security_level = may smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, permit smtpd_milters = unix:/clamav/clamav-milter.ctl unix:/opendkim/opendkim.sock smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_sender smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_login_maps = $virtual_mailbox_maps smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_checks, reject_unknown_sender_domain, reject_sender_login_mismatch smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtpd_tls_ask_ccert = yes smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/private/mail_example_com.pem smtpd_tls_ciphers = high smtpd_tls_key_file = /etc/ssl/private/mail_example_com.key smtpd_tls_loglevel = 0 smtpd_tls_mandatory_ciphers = medium smtpd_tls_mandatory_protocols = SSLv3, TLSv1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_address_reject_code = 550 unknown_client_reject_code = 550 unknown_hostname_reject_code = 550 unknown_local_recipient_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual virtual_mailbox_base = /var/mail/vmail virtual_mailbox_domains = hash:/etc/postfix/virtual-mailbox-domains virtual_mailbox_maps = hash:/etc/postfix/virtual-mailbox-users virtual_transport = dovecot
如果我理解正確,則 spamassassin(或 spamd,如您在此處使用的)不能直接用作 milter。
除了 spamassassin 之外,您還需要 spamass-milter。
請參閱此處: http: //www.stefan-seelmann.de/wiki/mailserver-postfix-dovecot 或此處: https ://www.nesono.com/node/220 以供參考。
正如公認的答案所指出的,有幾個組件可以使它起作用。我已經安裝了 spamassassin 和 spamass-milter。
但是,在設置過程中,我誤解瞭如何設置套接字,所以這裡是相關的文件/行
首先 /etc/default/spamassassin :
OPTIONS="-x --max-children 5 --nouser-config --helper-home-dir /var/lib/spamassassin -u debian-spamd -g debian-spamd --siteconfigpath /etc/spamassassin --socketpath=/var/run/spamassassin/spamd.sock --socketowner=debian-spamd --socketgro$
第二個 /etc/default/spamass-milter :
OPTIONS="-u spamass-milter -i 127.0.0.1 -m -I -- --socket=/var/run/spamassassin/spamd.sock"
最後,/etc/postfix/main.cf
smtpd_milters = unix:/spamass/spamass.sock
所以總而言之,據我了解,使用了幾個套接字。一種用於 milter 和 spamassassin (spamd.sock) 之間的通信,另一種用於 Postfix 和 milter (spamass.sock) 之間的通信。以前我強迫他們都使用同一個套接字,這解釋了為什麼有時它會工作(偶然),有時錯誤會指出一些意想不到的東西……
因此,在正確設置這些之後,有關 spamassassin 的錯誤消失了,性能恢復了。我也沒有看到更多與篩子相關的消息,但我不完全確定它們是否相關。除了上述之外,我沒有進行任何其他配置更改。