get rid of "Open relay?" and set up DKIM
Dusan Obradovic
dusan at euracks.net
Thu Oct 18 23:48:21 CEST 2018
> On Oct 18, 2018, at 16:31, Matus UHLAR - fantomas <uhlar at fantomas.sk> wrote:
>
> Hello,
>
> I am trying to get rid of annoying "Open relay?" messages and later set up
> DKIM signing, which both I believe are doable by properly setting
> @mynetworks.
>
> the README.lookups says:
>
> @mynetworks_maps = (read_array('/etc/amavisd-mynetworks'), \@mynetworks);
>
> or
>
> @mynetworks_maps = (read_hash('/etc/amavisd-mynetworks'), \@mynetworks);
>
> and https://sourceforge.net/p/amavis/mailman/message/24573173/ recommends
> "not to forget to re-evaluate the @client_ipaddr_policy after/if
> @mynetworks_maps is changed:"
>
> @client_ipaddr_policy = map(($_,'MYNETS'), @mynetworks_maps);
>
>
> I have tried it all.
>
> I have even assigned direct IP addresses to @mynetworks:
>
> @mynetworks = qw(127.0.0.1 192.168.20.40 );
>
> but the message still appears:
>
> Oct 18 16:15:48 smtp2 amavis[1814]: (01814-15) Checking: WwuVqzvm1fVY AM.PDP-SOCK [192.168.20.40] <censored> -> <censored>
> Oct 18 16:15:48 smtp2 amavis[1814]: (01814-15) Open relay? Nonlocal recips but not originating: censored
>
> I am using amavisd-milter to process mail at SMTP level. do I need to play with policy banks?
> amavisd-new-2.10.1, Debian 8.
>
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> You have the right to remain silent. Anything you say will be misquoted,
> then used against you.
I have it working using read_cidr().
@mynetworks = @{ read_cidr('/etc/postfix/mynetworks') };
$policy_bank{'MYNETS'} = {
originating => 1,
os_fingerprint_method => undef,
};
amavisd-new-2.8.0 release notes:
- added a subroutine read_cidr() which can read a Postfix style CIDR file,
with a syntax interpreted according a Postfix cidr_table(5) man page.
The subroutine returns a ref to an array by default (but can also
produce a hash, and is able to add data to an existing array or hash).
Typical use:
@mynetworks_maps = ( read_cidr('/etc/postfix/mynetworks.cidr') );
@client_ipaddr_policy = map(($_,'MYNETS'), @mynetworks_maps);
or:
@mynetworks = @{ read_cidr('/etc/postfix/mynetworks.cidr') };
For details and more complex usage see leading comments in the read_cidr
subroutine;
More information about the amavis-users
mailing list