Postfix - antispam and relay package

pyrodex

Just setup this with an AWS SES setup for mail relay and I notice I am dropping mail with the following issue in the logs:

Jun  4 11:13:32 firewall postfix/smtpd[62200]: connect from beast-areca.localhome.com[192.168.XX.XX]
Jun  4 11:14:02 firewall postfix/smtpd[62200]: warning: connect to Milter service inet:localhost:8893: Operation timed out

Any ideas?

marcelloc

There are services not running. Check all milters enabled, opendkim, spf, etc..

Rene.vandenBroek

A few posts back I had some problems with installing the postfix and mailscanner packages. As a result some of the permissions / ownerships were not set correctly and the DKIM and SPF milter failed to install correctly.
I've set the ownership to the postfix and mailscanner folders (/incoming ..etc) to user postfix so the temporary databases and incoming folders could be made ( my mails were stuck in the "on hold" queue)

I've then re-installed the CPAN modules as noted in the mailscanner package , and afterwards installed the failed modules with the command;

perl -MCPAN -e "install Mail::DKIM"
(source https://forum.ivorde.com/spamassassin-sa-update-complains-about-not-installed-modules-t32.html

Replace the packagename where required offcourse.

It might not be the same problem as I had, but maybe it helps you.

Igor Filth

Hi, marcelloc! I think I found some minor bugs

1. Auto whitelist doesn't work until I created manually «postscreen_spf_whitelist.cidr» file

2. When I try to watch postfix configuration files «relay_recipients» I see blank page.

Bismarck

@Igor:

2. When I try to watch postfix configuration files «relay_recipients» I see blank page.

You can see this only, if you have  "Enable LDAP/URL fetch" ind the Recipients tab enabled.

Igor Filth

Bismarck, "Enable LDAP/URL fetch" is already enabled, file "relay_recipients" contains 248 emails.

Bismarck

@Igor:

Bismarck, "Enable LDAP/URL fetch" is already enabled, file "relay_recipients" contains 248 emails.

Mine is just working fine with aprox 750 lines, maybe you could have a look in /usr/local/www/postfix_view_config.php around line 33

        		'recipients'=> POSTFIX_LOCALBASE . "/etc/postfix/relay_recipients",

and check the paths etc. the code is pretty self explained.

Igor Filth

Yeah, I found mistake.

Line 33 in my postfix_view_config.php is right
But line 99```

• relay_recipients

Should be```
*   [relay_recipients](#)

Not "relay", but "recipients"  ;)

marcelloc

@Igor:

Yeah, I found mistake.

This way?

https://github.com/marcelloc/Unofficial-pfSense-packages/commit/833483889f73243affe6ba71ce4465bf3f325dec

Igor Filth

This way?

https://github.com/marcelloc/Unofficial-pfSense-packages/commit/833483889f73243affe6ba71ce4465bf3f325dec

Yes

What can i say about

1)  Auto whitelist doesn't work until I created manually «postscreen_spf_whitelist.cidr» file

I'm delete «postscreen_spf_whitelist.cidr» file, and start test again.
Domains in file "auto_whitelisted_domains" and CIDR in "auto_whitelisted_cidr" created automatically (previously has been the same), but recipients has not received emails (stasus "soft bounce") from this domains again.

I swapped the lines "cidr:/usr/local/etc/postfix/auto_whitelisted_cidr" and "cidr:/usr/local/etc/postfix/postscreen_spf_whitelist.cidr" in my "main.cf" (without creating file "postscreen_spf_whitelist.cidr")

postscreen_access_list = permit_mynetworks,
			cidr:/usr/local/etc/postfix/cal_cidr,
			cidr:/usr/local/etc/postfix/auto_whitelisted_cidr,
			cidr:/usr/local/etc/postfix/postscreen_spf_whitelist.cidr

And now all emails were delivered to recipients, auto whitelisting works fine.

Rene.vandenBroek

Hi Marcelloc,

it appears that the FreeBSD repo has upgraded the MailScanner pkg to version 5.0.3 ( from 4.85.2 ). Unfortunately this breaks the mailscanner functionality. Since i'm not very good (i've actualy got no clue at all) in tracing back all the possible issues in the new package I thought I'd let you know.

I only saw it removes (or doesn't create) the file /usr/local/sbin/mailscanner .

fo now I've just downloaded the former package from http://pkg.freebsd.org/FreeBSD:11:amd64/release_0/All/MailScanner-4.85.2.txz and installed that on top of the 5.0.3 version, and that restores the mailscanner functionality.

marcelloc

@Rene.vandenBroek:

it appears that the FreeBSD repo has upgraded the MailScanner pkg to version 5.0.3 ( from 4.85.2 ). Unfortunately this breaks the mailscanner functionality. Since i'm not very good (i've actualy got no clue at all) in tracing back all the possible issues in the new package I thought I'd let you know.

Need some changed, I've already did some but it still have other things to fix.

ralf.kirmis

Good Morning,

has somebody tested the postfix installer script on the 2.4 RC Version?
Just to be ready when the 2.4 is released.  ::)

regards,
Ralf

Igor Filth

+1)
Postfix is one of most important packages for me. I hope to see it on version 2.4  ::)

pf-disa

Hi Marcelloc,

first of all thank you for your great work…

While waiting for the package for 2.4 ;) I've upgraded pfSense to version 2.3.5 but postfix doesn't start, with the following message in the log:

Nov 3 18:41:51 	php-fpm 	70404 	/pkg_edit.php: Postfix setup completed
Nov 3 18:41:51 	php-fpm 	70404 	/pkg_edit.php: Reloading/starting postfix
Nov 3 18:41:50 	php-fpm 	70404 	/pkg_edit.php: Writing rc_file
Nov 3 18:41:50 	php-fpm 	70404 	/pkg_edit.php: The command '/usr/local/sbin/postmap /usr/local/etc/postfix/sender_access' returned exit code '1', the output was 'Shared object "libicuuc.so.58" not found, required by "postmap"'
Nov 3 18:41:50 	php-fpm 	70404 	/pkg_edit.php: The command '/usr/local/sbin/postmap /usr/local/etc/postfix/transport' returned exit code '1', the output was 'Shared object "libicuuc.so.58" not found, required by "postmap"'
Nov 3 18:41:50 	php-fpm 	70404 	/pkg_edit.php: Writing out configuration 

What can I try?

Thanks…
R.

Update: after a couple of reboot and a reinstallation now postfix starts and works correctly...
I'll wait for the 2.4 version of the script... Thanks!

marcelloc

@pf-disa:

What can I try?

Try to reinstall the package. It's missing some libs from freebsd.

Bismarck

@marcelloc:

@pf-disa:

What can I try?

Try to reinstall the package. It's missing some libs from freebsd.

After update from 2.3.4 to 2.3.5, postfix need to be reinstalled:

pkg install postfix

or

pkg install postfix-sasl

will fix the missing libs, and postfix is operation normal again.

Igor Filth

Hi! I installed postfix on my pf 2.4.1 with marcelloc script.

I changed "2.3" to "2.4" at line 25 and run script, but packages was not found in repos.

I unlock the FreeBSD repo in

/usr/local/etc/pkg/repos/FreeBSD.conf > enabled: yes

/usr/local/etc/pkg/repos/pfSense.conf > enabled: yes

Then create xmlrpc.inc, because postfix.inc requires it

touch /etc/inc/xmlrpc.inc

I run script again, but have error "postwhite.conf not found"

I do action from this post

https://forum.pfsense.org/index.php?topic=40622.msg710038#msg710038

and run srcipt again.

In the end i have this error:

updating soft bounce message status on databases..
/var/db/postfix/20*dbError: near line 1: no such table: mail_noqueue
ok

I think it's not good, but postfix work fine. Massages transfered to my Exchange server, soft bounce work too.  ;)

winsonfa

@marcelloc Hi Marcello Hola Marcelloc, i just install pfsense 2.3.5 and postfix forwarder from your script, i can watch and edit postfix menu in pfsense but postfix no start, even pfsense no has the postfix command, i've tried to reinstall postfix from unofficial repo but got errors.

please help

winsonfa

@winsonfa unofficial repo no found postfix packets