Open relay? Nonlocal recips but not originating: in my maillog

Dino Edwards dino.edwards at mydirectmail.net
Sat Feb 10 01:44:09 CET 2018


This has been a well publicized issue. As far as I can tell there is no fix, it seems to be a perl issue. Are you using Fedora?


________________________________
From: Karol Augustin <karol at augustin.pl>
Sent: Friday, February 9, 2018 7:32 PM
To: amavis-users at amavis.org
Subject: Re: Open relay? Nonlocal recips but not originating: in my maillog

Hi,

I have the same problem when I upgraded to 2.11. It looks like
originating -> 1 is not respected and Amavis decides that all e-mail is
send from non-local addresses.


As soon as I update to 2.11 I get this problem:

amavis[24157]: (24157-01) Passed CLEAN {AcceptedInternal}, AM.PDP-SOCK
LOCAL [66.220.155.153] [66.220.155.153] /AM.PDP <external_address> ->
<local_address>
amavis[23558]: (23558-01) Passed CLEAN {RelayedOpenRelay}, ORIGINATING
[127.0.0.1]:43008 ESMTP/ESMTP <local_address> -> <external_address>
amavis[23371]: (23371-01) Passed CLEAN {RelayedInbound}, ORIGINATING
[86.47.99.235]:57284 [86.47.99.235] ESMTP/ESMTP <local_address> ->
<local_address>

With 2.10 (same config):

amavis[25242]: (25242-01) Passed CLEAN {AcceptedInbound}, AM.PDP-SOCK
[2607:f8b0:4001:c0b::234] [2607:f8b0:4001:c0b::234] /AM.PDP
<external_address> -> <local_address>,
amavis[25244]: (25244-01) Passed CLEAN {RelayedOutbound}, ORIGINATING
LOCAL [127.0.0.1]:43684 ESMTP/ESMTP <local_address> ->
<external_address>
amavis[25250]: (25250-01) Passed CLEAN {RelayedInternal}, ORIGINATING
LOCAL [127.0.0.1]:43838 ESMTP/ESMTP <local_address> -> <local_address>


I have following relevant config:

$inet_socket_port = [10026,10027];
$interface_policy{'10026'} = 'ORIGINATING';
$interface_policy{'10027'} = 'PICKUP';

$policy_bank{'AM.PDP-SOCK'} = {
  protocol => 'AM.PDP',
  originating => [1],
};



$policy_bank{'PICKUP'} = {  # mail originating from @mynetworks
originating => [1],
enable_dkim_verification => 1,
  enable_dkim_signing => 0,
  bypass_spam_checks_maps   => 1,  # don't spam-check internal mail
  bypass_banned_checks_maps => 1,  # don't banned-check internal mail
#  spam_kill_level_maps => 4,
  bypass_decode_parts => 1,
  bypass_header_checks_maps => 1,
  bypass_virus_checks_maps  => 1,
  bypass_banned_checks_maps => 1,
#  remove_existing_x_scanned_headers => 1.
};

$policy_bank{'ORIGINATING'} = {  # mail originating from our users
  originating => 0,
  enable_dkim_verification => 1,
  final_virus_destiny      => D_BOUNCE,
  final_banned_destiny     => D_BOUNCE,
  final_spam_destiny       => D_BOUNCE,

};

$sql_select_policy = 'SELECT name, 3.5 as spam_tag2_level, 9 as
spam_kill_level FROM virtual_domains WHERE CONCAT("@",name) IN (%k)';



Thanks,
Karol




--
Karol Augustin
karol at augustin.pl
http://karolaugustin.pl/
+353 85 775 5312
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20180210/b013103d/attachment.html>


More information about the amavis-users mailing list