amavisd stopped working after updating Gentto perl modules

Christian Rößner cr at sys4.de
Fri May 31 17:52:22 CEST 2013 

Hi,

I am running amavisd on Gentoo hardened. Two days ago I upgrade the @world-set and since that amavsid does not work with my LDAP anymore:

May 31 17:37:11 mx0 amavis[25881]: (25881) Request: AM.PDP  /var/amavis/tmp/afXXXXCiVpd4: <root at mon.deltaweb.de> -> <christian at roe
ssner-net.com>
May 31 17:37:11 mx0 amavis[25881]: (25881) Checking: DHAhpZauCKH6 AM.PDP-SOCK [193.239.107.23] <root at mon.deltaweb.de> -> <christia
n at roessner-net.com>
May 31 17:37:11 mx0 amavis[25882]: (25882) (!)connect_to_ldap: unable to connect to host ldap://db.roessner-net.de
May 31 17:37:11 mx0 amavis[25882]: (25882) (!!)TROUBLE in check_mail: check-banned FAILED: connect_to_ldap: unable to connect at (
eval 108) line 149.
May 31 17:37:11 mx0 amavisd-milter[4575]: 3bMVCC3jp8zGp2X: log_id=25882
May 31 17:37:11 mx0 amavisd-milter[4575]: 3bMVCC3jp8zGp2X: return_value=tempfail
May 31 17:37:11 mx0 postfix/cleanup[26028]: 3bMVCC3jp8zGp2X: milter-reject: END-OF-MESSAGE from relay.deltaweb.de[193.239.107.23]:
 4.5.0 Error in processing, id=25882, check-banned FAILED: connect_to_ldap: unable to connect at (eval 108) line 149.; from=<root@
mon.deltaweb.de> to=<christian at roessner-net.com> proto=ESMTP helo=<relay.deltaweb.de>


This is the part of amavisd which was working perfectly:

$enable_ldap = 1;
$default_ldap = {
  hostname      => [ 'ldap://db.roessner-net.de' ],
  tls           => 1,
  base          => 'ou=people,ou=it,dc=roessner-net,dc=de',
  scope         => 'sub',
  verify        => 'require',
  clientcert    => '/etc/ssl/certs/mx0.roessner-net.de.pem',
  clientkey     => '/etc/ssl/private/mx0.roessner-net.de.key.pem',
  cafile        => '/etc/ssl/certs/ca-certificates.crt',
  sasl          => 1,
  sasl_mech     => 'EXTERNAL',
  query_filter  => '(&(objectClass=rnsMSPostfixAccount)(rnsMSRecipientAddress=%m))',
};

Both, db.roessner-net.de.pem and mx0…pem are still valid, so it is nothing with the certs. Also all other LDAP services as i.e. opendkim still works with LDAP on the same machine.

The Gentoo system is a stable system. Only amavisd itself is ~amd64:

mail-filter/amavisd-new-2.8.0

Any ideas what could have changed? Which perl module does handle the LDAP stuff?

Thanks in advance

-Christian Rößner

--
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

More information about the amavis-users mailing list