como whitelist domínio no amavis?

1

Eu tenho alguns problemas para receber e-mails de domínios específicos. Meu servidor recebe e-mails do Gmail, por exemplo, sem problemas. Tentei um monte de guias para whitelist domínio remetente, mas ainda receber a mesma mensagem no log. Você pode me ajudar a consertar isso? Já tentei whitelist (ler método hash) e adicionando manualmente o domínio com pontuação negativa em amavisd.conf.in. Não há sucesso.

Esta é a mensagem do log

Oct 10 16:55:45 mail postfix/smtpd[31680]: NOQUEUE: filter: RCPT from smtp-senderdomain.com[10.10.10.10]: <[email protected]>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<smtp-out.senderdomain.com>
    Oct 10 16:55:45 mail postfix/smtpd[31680]: NOQUEUE: filter: RCPT from smtp-out.senderdomain.com[10.10.10.10]: <[email protected]>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<smtp-out.senderdomain.com>
    Oct 10 16:55:46 mail postfix/smtpd[31680]: 5E01FA5EA9: client=smtp-out.senderdomain.com[10.10.10.10]

isto é postconf -n

address_verify_negative_refresh_time = 10m
address_verify_poll_count = ${stress?3}${stress:5}
address_verify_poll_delay = 3s
address_verify_positive_refresh_time = 12h
alias_maps = lmdb:/etc/aliases
allow_mail_to_commands =
allow_mail_to_files =
always_add_missing_headers = yes
bounce_notice_recipient = postmaster
bounce_queue_lifetime = 5d
broken_sasl_auth_clients = yes
canonical_maps = proxy:ldap:/opt/zimbra/conf/ldap-canonical.cf
command_directory = /opt/zimbra/common/sbin
compatibility_level = 2
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /opt/zimbra/common/libexec
data_directory = /opt/zimbra/data/postfix/data
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
default_process_limit = 100
delay_warning_time = 0h
header_checks =
hopcount_limit = 50
html_directory = no
import_environment =
in_flow_delay = 1s
inet_protocols = ipv4
lmdb_map_size = 16777216
lmtp_connection_cache_destinations =
lmtp_connection_cache_time_limit = 4s
lmtp_host_lookup = dns
lmtp_tls_CAfile =
lmtp_tls_CApath =
lmtp_tls_ciphers = export
lmtp_tls_exclude_ciphers =
lmtp_tls_loglevel = 0
lmtp_tls_mandatory_ciphers = medium
lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3
lmtp_tls_protocols = !SSLv2, !SSLv3
lmtp_tls_security_level = may
local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /opt/zimbra/common/sbin/mailq
manpage_directory = /opt/zimbra/common/share/man
max_use = 100
maximal_backoff_time = 4000s
maximal_queue_lifetime = 5d
message_size_limit = 10240000
meta_directory = /opt/zimbra/common/conf
milter_command_timeout = 30s
milter_connect_timeout = 30s
milter_content_timeout = 300s
milter_default_action = tempfail
minimal_backoff_time = 300s
mydestination = localhost
myhostname = mail.mydomain.com
mynetworks = 127.0.0.0/8 [::1]/128 192.168.0.0/24
mynetworks_style = subnet
newaliases_path = /opt/zimbra/common/sbin/newaliases
non_smtpd_milters =
notify_classes = resource, software
postscreen_access_list = permit_mynetworks
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = no
postscreen_bare_newline_ttl = 30d
postscreen_blacklist_action = ignore
postscreen_cache_cleanup_interval = 12h
postscreen_cache_retention_time = 7d
postscreen_command_count_limit = 20
postscreen_dnsbl_action = ignore
postscreen_dnsbl_max_ttl = ${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h
postscreen_dnsbl_min_ttl = 60s
postscreen_dnsbl_reply_map =
postscreen_dnsbl_sites =
postscreen_dnsbl_threshold = 1
postscreen_dnsbl_ttl = 1h
postscreen_dnsbl_whitelist_threshold = 0
postscreen_greet_action = ignore
postscreen_greet_ttl = 1d
postscreen_non_smtp_command_action = drop
postscreen_non_smtp_command_enable = no
postscreen_non_smtp_command_ttl = 30d
postscreen_pipelining_action = enforce
postscreen_pipelining_enable = no
postscreen_pipelining_ttl = 30d
postscreen_upstream_proxy_protocol =
postscreen_watchdog_timeout = 10s
postscreen_whitelist_interfaces = static:all
propagate_unmatched_extensions = canonical
queue_directory = /opt/zimbra/data/postfix/spool
queue_run_delay = 300s
readme_directory = no
recipient_delimiter =
relayhost =
sample_directory = /opt/zimbra/common/conf
sender_canonical_maps =
sendmail_path = /opt/zimbra/common/sbin/sendmail
setgid_group = postdrop
shlib_directory = no
smtp_cname_overrides_servername = no
smtp_dns_support_level = enabled
smtp_fallback_relay =
smtp_generic_maps =
smtp_helo_name = $myhostname
smtp_sasl_auth_enable = no
smtp_sasl_mechanism_filter =
smtp_sasl_password_maps =
smtp_sasl_security_options = noplaintext,noanonymous
smtp_tls_CAfile =
smtp_tls_CApath =
smtp_tls_ciphers = export
smtp_tls_dane_insecure_mx_policy = dane
smtp_tls_loglevel = 0
smtp_tls_mandatory_ciphers = medium
smtp_tls_mandatory_protocols =
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtp_transport_rate_delay = $default_transport_rate_delay
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_auth_rate_limit = 0
smtpd_client_port_logging = no
smtpd_client_restrictions = reject_unauth_pipelining
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions =
smtpd_error_sleep_time = 1s
smtpd_hard_error_limit = 20
smtpd_helo_required = yes
smtpd_milters =
smtpd_proxy_timeout = 100s
smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unlisted_recipient, reject_invalid_helo_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_rbl_client cbl.abuseat.org, reject_rbl_client zen.spamhaus.org, reject_rbl_client b.barracudacentral.org, reject_rbl_client bl.spamcop.net, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_reverse_client rhsbl.sorbs.net, reject_rhsbl_sender multi.surbl.org, reject_rhsbl_sender rhsbl.sorbs.net, reject_rhsbl_sender dbl.spamhaus.org, reject_rhsbl_sender bl.spamcop.net, permit
smtpd_reject_unlisted_recipient = no
smtpd_reject_unlisted_sender = no
smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sender_login_maps =
smtpd_sender_restrictions = check_sender_access regexp:/opt/zimbra/common/conf/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, permit_tls_clientcerts, check_sender_access regexp:/opt/zimbra/common/conf/tag_as_foreign.re
smtpd_soft_error_limit = 10
smtpd_tls_CAfile =
smtpd_tls_CApath =
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = yes
smtpd_tls_ccert_verifydepth = 9
smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
smtpd_tls_ciphers = export
smtpd_tls_dh1024_param_file = /opt/zimbra/conf/dhparam.pem
smtpd_tls_exclude_ciphers =
smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = no
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtputf8_enable = no
tls_append_default_CA = no
transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf
unknown_local_recipient_reject_code = 550
unverified_recipient_defer_code = 250
virtual_alias_domains = proxy:ldap:/opt/zimbra/conf/ldap-vad.cf
virtual_alias_expansion_limit = 10000
virtual_alias_maps = proxy:ldap:/opt/zimbra/conf/ldap-vam.cf
virtual_mailbox_domains = proxy:ldap:/opt/zimbra/conf/ldap-vmd.cf
virtual_mailbox_maps = proxy:ldap:/opt/zimbra/conf/ldap-vmm.cf
virtual_transport = error

isto é main.cf

# The debugger_command specifies the external command that is executed
# when a Postfix daemon program is run with the -D option.
#
# Use "command .. & sleep 5" so that the debugger can attach before
# the process marches on. If you use an X-based debugger, be sure to
# set up your XAUTHORITY environment variable before starting Postfix.
# debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5

# If you can't use X, use this to capture the call stack when a
# daemon crashes. The result is in a file in the configuration
# directory, and is named after the process name and the process ID.
#
# debugger_command =
#       PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;
#       echo where) | gdb $daemon_directory/$process_name $process_id 2>&1
#       >$config_directory/$process_name.$process_id.log & sleep 5
#
# Another possibility is to run gdb under a detached screen session.
# To attach to the screen sesssion, su root and run "screen -r
# <id_string>" where <id_string> uniquely matches one of the detached
# sessions (from "screen -list").
#
# debugger_command =
#       PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen
#       -dmS $process_name gdb $daemon_directory/$process_name
#       $process_id & sleep 1

# INSTALL-TIME CONFIGURATION INFORMATION
#
# The following parameters are used when installing a new Postfix version.
#
# sendmail_path: The full pathname of the Postfix sendmail command.
# This is the Sendmail-compatible mail posting interface.
# sendmail_path = /opt/zimbra/common/sbin/sendmail

# newaliases_path: The full pathname of the Postfix newaliases command.
# This is the Sendmail-compatible command to build alias databases.
# newaliases_path = /opt/zimbra/common/sbin/newaliases

# mailq_path: The full pathname of the Postfix mailq command.  This
# is the Sendmail-compatible mail queue listing command.
# mailq_path = /opt/zimbra/common/sbin/mailq

# setgid_group: The group for mail submission and queue management
# commands.  This must be a group name with a numerical group ID that
# is not shared with other accounts, not even with the Postfix account.
# setgid_group = postdrop

# html_directory: The location of the Postfix HTML documentation.
# html_directory = no

# manpage_directory: The location of the Postfix on-line manual pages.
# manpage_directory = /opt/zimbra/common/share/man

# sample_directory: The location of the Postfix sample configuration files.
# This parameter is obsolete as of Postfix 2.1.
# sample_directory = /opt/zimbra/common/conf

# readme_directory: The location of the Postfix README files.
# readme_directory = no inet_protocols = ipv4

#
# Zimbra changes.
#

virtual_mailbox_maps = proxy:ldap:/opt/zimbra/conf/ldap-vmm.cf

virtual_mailbox_domains = proxy:ldap:/opt/zimbra/conf/ldap-vmd.cf

virtual_alias_maps = proxy:ldap:/opt/zimbra/conf/ldap-vam.cf

virtual_alias_domains = proxy:ldap:/opt/zimbra/conf/ldap-vad.cf

virtual_transport = error

canonical_maps = proxy:ldap:/opt/zimbra/conf/ldap-canonical.cf

transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf

# If (email domain name == host name), we don't want $myhostname in
# mydestination for testing purposes. mydestination = localhost

# Disable NIS which is in the default alias_maps = lmdb:/etc/aliases

# for security... allow_mail_to_commands = allow_mail_to_files =

smtpd_helo_required = yes

smtpd_client_restrictions = reject_unauth_pipelining

smtpd_data_restrictions = reject_unauth_pipelining

smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unlisted_recipient, reject_invalid_helo_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_rbl_client cbl.abuseat.org, reject_rbl_client zen.spamhaus.org, reject_rbl_client b.barracudacentral.org, reject_rbl_client bl.spamcop.net, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_reverse_client rhsbl.sorbs.net, reject_rhsbl_sender multi.surbl.org, reject_rhsbl_sender rhsbl.sorbs.net, reject_rhsbl_sender dbl.spamhaus.org, reject_rhsbl_sender bl.spamcop.net, permit

broken_sasl_auth_clients = yes

smtpd_use_tls = yes smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key smtpd_tls_loglevel = 1 smtputf8_enable = no

meta_directory = /opt/zimbra/common/conf shlib_directory = no postscreen_dnsbl_min_ttl = 60s in_flow_delay = 1s postscreen_dnsbl_whitelist_threshold = 0 postscreen_command_count_limit = 20 smtp_dns_support_level = enabled smtpd_sasl_security_options = noanonymous address_verify_positive_refresh_time = 12h postscreen_pipelining_ttl = 30d default_process_limit = 100 smtpd_tls_ask_ccert = no smtpd_tls_ccert_verifydepth = 9 smtpd_error_sleep_time = 1s lmtp_tls_security_level = may smtp_tls_CApath = smtpd_reject_unlisted_sender = no hopcount_limit = 50 address_verify_poll_delay = 3s lmtp_host_lookup = dns lmtp_tls_loglevel = 0 smtpd_banner = $myhostname ESMTP $mail_name lmtp_tls_ciphers = export postscreen_greet_action = ignore smtp_sasl_security_options = noplaintext,noanonymous postscreen_blacklist_action = ignore smtp_tls_ciphers = export postscreen_pipelining_enable = no delay_warning_time = 0h bounce_queue_lifetime = 5d smtpd_tls_auth_only = yes local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated postscreen_watchdog_timeout = 10s postscreen_access_list = permit_mynetworks mailbox_size_limit = 0 notify_classes = resource, software bounce_notice_recipient = postmaster lmtp_tls_protocols = !SSLv2, !SSLv3 smtp_sasl_auth_enable = no mynetworks = 127.0.0.0/8 [::1]/128 192.168.0.0/24 message_size_limit = 10240000 smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtp_helo_name = $myhostname address_verify_poll_count = ${stress?3}${stress:5} maximal_queue_lifetime = 5d postscreen_whitelist_interfaces = static:all smtp_tls_loglevel = 0 myhostname = mail.mydomain.com smtpd_sasl_auth_enable = yes postscreen_dnsbl_reply_map = virtual_alias_expansion_limit = 10000 postscreen_non_smtp_command_ttl = 30d smtpd_client_port_logging = no relayhost = postscreen_greet_ttl = 1d smtp_sasl_password_maps = smtpd_tls_CAfile = smtpd_tls_security_level = may postscreen_bare_newline_enable = no import_environment = max_use = 100 milter_content_timeout = 300s minimal_backoff_time = 300s postscreen_dnsbl_sites = recipient_delimiter = unverified_recipient_defer_code = 250 postscreen_upstream_proxy_protocol = postscreen_non_smtp_command_action = drop smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 postscreen_dnsbl_ttl = 1h smtp_tls_mandatory_ciphers = medium smtpd_sender_login_maps = lmtp_connection_cache_destinations = content_filter = smtp-amavis:[127.0.0.1]:10024 queue_run_delay = 300s lmtp_tls_mandatory_ciphers = medium smtp_generic_maps = milter_connect_timeout = 30s milter_default_action = tempfail address_verify_negative_refresh_time = 10m lmtp_tls_exclude_ciphers = smtpd_end_of_data_restrictions = smtp_tls_security_level = may smtpd_tls_mandatory_ciphers = medium postscreen_non_smtp_command_enable = no lmtp_tls_CAfile = lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3 postscreen_bare_newline_action = ignore postscreen_cache_retention_time = 7d smtpd_milters = smtpd_sender_restrictions = check_sender_access regexp:/opt/zimbra/common/conf/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, permit_tls_clientcerts, check_sender_access regexp:/opt/zimbra/common/conf/tag_as_foreign.re smtp_tls_protocols = !SSLv2, !SSLv3 smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_tls_CApath = smtpd_soft_error_limit
= 10 postscreen_dnsbl_action = ignore postscreen_pipelining_action = enforce smtp_transport_rate_delay = $default_transport_rate_delay smtp_fallback_relay = lmtp_tls_CApath = smtp_cname_overrides_servername = no postscreen_dnsbl_threshold = 1 postscreen_bare_newline_ttl = 30d smtpd_proxy_timeout = 100s smtpd_tls_dh1024_param_file = /opt/zimbra/conf/dhparam.pem postscreen_cache_cleanup_interval = 12h propagate_unmatched_extensions
= canonical smtp_sasl_mechanism_filter = milter_command_timeout = 30s smtpd_client_auth_rate_limit = 0 non_smtpd_milters = smtpd_tls_ciphers
= export lmdb_map_size = 16777216 smtpd_sasl_authenticated_header = no smtpd_hard_error_limit = 20 maximal_backoff_time = 4000s smtp_tls_CAfile = smtpd_reject_unlisted_recipient = no smtpd_tls_protocols = !SSLv2, !SSLv3 tls_append_default_CA = no smtp_tls_dane_insecure_mx_policy = dane smtp_tls_mandatory_protocols = postscreen_dnsbl_max_ttl = ${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h sender_canonical_maps = smtpd_tls_received_header = no always_add_missing_headers = yes lmtp_connection_cache_time_limit = 4s smtpd_tls_exclude_ciphers = smtpd_helo_required = yes
    
por zimbraproblems 10.10.2018 / 16:17

0 respostas

Tags