Failing to bypass outgoing emails: Can't connect to TCP port 10024 on 10026

Gary V mr88talent at gmail.com
Sat Mar 26 14:07:32 CET 2011 

On 3/24/11, Loic Condette <yanek at altern.org> wrote:
> Hello all,
>
> Sorry if this has been answered before (it probably has, but, AFAIK,
> there's no way to search the list archives, only dig through one post
> after the other... Do I miss something?)
>
> I want to bypass Amavis scanning for outgoing emails (I know there is some
> point to allow outgoing emails scanning, but this is another question
> IMHO), so I've done a few searchs and ended-up on that:
>
> http://marc.info/?l=amavis-user&m=113415019700881
>
> I tried to apply advise #2, i.e.: what follows the "Another way is more
> specific" sentence.
>
> So:
>
> - I added: "check_client_access hash:/etc/postfix/amavis_internal" to
> Postfix's main.cf
>
> - I wrote these two lines to: /etc/postfix/amavis_internal
> 10.10.10.11 FILTER amavis:[10.10.10.11]:10026
> 88.191.xxx.xxx FILTER amavis:[10.10.10.11]:10026
> (The email server is a linux-vserver, which is listening on 10.10.10.11,
> while amavis is running on another linux-vserver, with the 10.10.10.15 IP
> address).
> Then I postmap'ed amavis_internal and reloaded Postfix.
>
> - Finally, I commented-out:
> $inet_socket_port = undef
>
> and added:
>
> $inet_socket_port = [10024, 10026];
> $interface_policy{'10026'} = 'INTERNAL';
> $policy_bank{'INTERNAL'} = {  # mail originating from the internal server
>   bypass_spam_checks_maps   => [1],  # don't spam-check outgoing mail
>   bypass_banned_checks_maps => [1],  # don't banned-check outgoing mail
>   final_spam_destiny   => D_PASS, # insure spam passes
>   final_banned_destiny => D_PASS, # insure banned files pass
> };
>
> in /etc/amavis/conf.d/50-user (this is a Debian vserver), then I restarted
> Amavis.
>
> Using this setup, emails are not delivered anymore. Here's what the logs
> say (vscan1 is the Amavis server, with the 10.10.10.15 IP address):
>
> mail.info.2.gz:Mar 12 03:16:30 vscan1 amavis[17484]: (!)Net::Server:
> 2011/03/12-03:16:30 Can't connect to TCP port 10024 on 10026 [Cannot as
> sign requested address]\n  at line 88 in file
> /usr/share/perl5/Net/Server/Proto/TCP.pm
>
> I dig the web a bit and believe that I found a post saying that amavisd
> can't listen on two different ports. I'm not sure as I can't find it
> anymore. Should I then consider that this kind of "mini-howto" is wrong?
> Do I miss something?
>
> Answers will be, of course, greatly appreciated :)
>
> Thanks,
>
> --
> Loic
>
>

Amavisd-new can listen on more than one port. Here NET::Server is
trying to open the standard amavisd-new port 10024 on an IP address of
10026? Something we are not seeing is misconfigured.

You might instead use the MYNETS example until it's sorted out. Maybe
you changed $inet_socket_bind by mistake. $inet_socket_bind  should be
an IP address, not a port.

Also, since amavisd-new 2.5 you should also add originating => 1, to
the example, but this will not solve the problem.:

$policy_bank{'INTERNAL'} = {  # mail originating from the internal server
  originating => 1,
  bypass_spam_checks_maps   => [1],  # don't spam-check outgoing mail
  bypass_banned_checks_maps => [1],  # don't banned-check outgoing mail
  final_spam_destiny   => D_PASS, # insure spam passes
  final_banned_destiny => D_PASS, # insure banned files pass
};

http://www200.pair.com/mecham/spam/bypassing.html

-- 
Gary V

More information about the amavis-users mailing list