Postfix - antispam and relay package
-
To get postfix working on pfSense 2.2, follow these steps:
Remember, do it at your own risk ;)
fetch -o /usr/local/www/postfix.php http://e-sac.siteseguro.ws/px22/postfix.txt fetch -o /usr/local/www/widgets/widgets/postfix.widget.php http://e-sac.siteseguro.ws/px22/postfix.widget.txt pbi_delete postfix-2.11.3_2-amd64 rm -rf /usr/pbi/bin/libexec/postfix rm -rf /usr/local/etc/postfix rm -rf /var/spool/postfix rm -rf /var/mail/postfix rm -rf /var/db/postfix pkg install postfix libspf2
fix postfix.inc file with this patch via system patcher package
add this patch via package system patcher
**description:**postfix_inc
patch:--- postfix.orig.inc 2015-08-18 08:15:00.000000000 +0000 +++ postfix.inc 2015-08-18 08:18:10.000000000 +0000 @@ -36,11 +36,11 @@ require_once("globals.inc"); $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); -if ($pfs_version == "2.1" || $pfs_version == "2.2") { - define('POSTFIX_LOCALBASE', '/usr/pbi/postfix-' . php_uname("m")); -} else { +//if ($pfs_version == "2.1" || $pfs_version == "2.2") { +// define('POSTFIX_LOCALBASE', '/usr/pbi/postfix-' . php_uname("m")); +//} else { define('POSTFIX_LOCALBASE','/usr/local'); -} +//} $uname=posix_uname(); if ($uname['machine']=='amd64')
directory:/usr/local/pkg/
-
Hello,
What is the stable version of pfSense where Postfix Forwarder works perfectly?I'm tryna the pfSense 2.2.4-RELEASE (amd64) with Postfix 2.4.2 Forwarder, but not this cool not.
Hugs.
-
look at the post above yours…
-
Hello,
I saw it, I do not want is to have to do this!
What version of pfsense and postfix stable so I do not have to do what Marcello recommend?
Grateful. -
2.1
but you can savely do that.
-
The only workaround I found for this is
-
install package from pfsense gui
-
go to console, remove pbi packages(not the gui)
-
Install postfix package via pkg ng
The main postfix binary works fine but all other sub process it starts die with missing libs.
I don't know if writing a guide to use pkg ng will help or add a lot of extra problems.
The main problem with this(and many others) package is that pbi messes up bin and lib location. I have the gui fixed for sqlite2 /sqlite3 but for now, just removing pbi and installing postfix pkg will keep postfix working on 2.2
If I push the gui fix for 2.2 on github, it will broke package gui on 2.1first of all, great work =)
so… 2.1 is old/out of production already, right?
-
-
so… 2.1 is old/out of production already, right?
pfsense 2.1, yes but the package is working on both(2.1 normal install and on 2.2 with the fix above).
-
pfsense 2.1, yes but the package is working on both(2.1 normal install and on 2.2 with the fix above).
Marcelloc, why not to make on the contrary - on pfsense 2.2 normal install, and on pfsense 2.1 with the fix?
It will move more people to update to version 2.2 -
Marcelloc, why not to make on the contrary - on pfsense 2.2 normal install, and on pfsense 2.1 with the fix?
It will move more people to update to version 2.2 -
To get postfix working on pfSense 2.2, follow these steps:
Remember, do it at your own risk ;)
fetch -o /usr/local/www/postfix.php http://e-sac.siteseguro.ws/px22/postfix.txt fetch -o /usr/local/www/widgets/widgets/postfix.widget.php http://e-sac.siteseguro.ws/px22/postfix.widget.txt pbi_delete postfix-2.11.3_2-amd64 rm -f /usr/pbi/bin/libexec/postfix rm -f /usr/local/etc/postfix rm -f /var/spool/postfix rm -f /var/mail/postfix rm -f /var/db/postfix pkg install postfix
I tried the above in 2.2.4 but I had no luck. Can anybody confirm this is working in the latest version of pfSense?
-
Yes, it's working for sure.
Do not forget to install the package via gui before the steps above…
-
Hello,I follow step to remove old postfix.
fetch -o /usr/local/www/postfix.php http://e-sac.siteseguro.ws/px22/postfix.txt
fetch -o /usr/local/www/widgets/widgets/postfix.widget.php http://e-sac.siteseguro.ws/px22/postfix.widget.txt
pbi_delete postfix-2.11.3_2-amd64
rm -f /usr/pbi/bin/libexec/postfix
rm -f /usr/local/etc/postfix
rm -f /var/spool/postfix
rm -f /var/mail/postfix
rm -f /var/db/postfix
pkg install postfixAnd reinstall postfix and postfix forwarder.
The same settings but it's will show relay access denied when mail incoming.
How to fix it? -
Sorry,
I have fix it.It's installed postfix forward and download two file and replace it.It's all ok. -
Tried the steps.
installed package by gui.
removed folders and pbi as posted by marcelloc.
installed package from console pkg.Saved every config page to avoid errors.
starting service fails :Aug 19 11:10:35 php-fpm[24346]: /pkg_edit.php: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/sender_access' returned exit code '127', the output was '/usr/pbi/postfix-amd64/sbin/postmap: not found'
Aug 19 11:10:35 php-fpm[24346]: /pkg_edit.php: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/transport' returned exit code '127', the output was '/usr/pbi/postfix-amd64/sbin/postmap: not found'What am I missing? Tried this on 2 systems, it looks like I really am missing a step here.
-
Reposting update guide for pfsense 2.2.x only:
Install package via gui
execute code below via console/sshfetch -o /usr/local/www/postfix.php http://e-sac.siteseguro.ws/px22/postfix.txt fetch -o /usr/local/www/widgets/widgets/postfix.widget.php http://e-sac.siteseguro.ws/px22/postfix.widget.txt pbi_delete postfix-2.11.3_2-amd64 rm -rf /usr/pbi/bin/libexec/postfix rm -rf /usr/local/etc/postfix rm -rf /var/spool/postfix rm -rf /var/mail/postfix rm -rf /var/db/postfix pkg install postfix libspf2
fix postfix.inc file with this patch via system patcher package
add this patch via package system patcher
**description:**postfix_inc
patch:--- postfix.orig.inc 2015-08-18 08:15:00.000000000 +0000 +++ postfix.inc 2015-08-18 08:18:10.000000000 +0000 @@ -36,11 +36,11 @@ require_once("globals.inc"); $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); -if ($pfs_version == "2.1" || $pfs_version == "2.2") { - define('POSTFIX_LOCALBASE', '/usr/pbi/postfix-' . php_uname("m")); -} else { +//if ($pfs_version == "2.1" || $pfs_version == "2.2") { +// define('POSTFIX_LOCALBASE', '/usr/pbi/postfix-' . php_uname("m")); +//} else { define('POSTFIX_LOCALBASE','/usr/local'); -} +//} $uname=posix_uname(); if ($uname['machine']=='amd64')
directory:/usr/local/pkg/
-
Marcel,
Since the changes required to be compatible with 2.2 for non-trivial packages break compatibility with previous releases, kindly consider creating a new entry in the list of available packages for the postifx 2.2 + versions, then add a note to the 2.1- package to switch to the new one when upgrading.
Of course, as always, easier to ask than to do. Thanks for your efforts!
-
it will on Pfsense 2.3 when pbi will not be used to package binaries.
-
For purpose of testing, i have installed the package on a dédicated Pfsense (this mean : not my firewall). This package seems to be a geat job.
Today my "production" smtp relays are manuelly maintened. I decided to test this package.
First surprise is main.cf generated par the GUI.# Allow connections from specified local clients and strong check everybody else. smtpd_client_restrictions = permit_mynetworks, reject_unauth_destination, check_client_access pcre:/usr/pbi/postfix-amd64/etc/postfix/cal_pcre, check_client_access cidr:/usr/pbi/postfix-amd64/etc/postfix/cal_cidr, reject_unknown_client_hostname, reject_unauth_pipelining, reject_multi_recipient_bounce, permit smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_unauth_pipelining, check_client_access pcre:/usr/pbi/postfix-amd64/etc/postfix/cal_pcre, check_client_access cidr:/usr/pbi/postfix-amd64/etc/postfix/cal_cidr, check_sender_access hash:/usr/pbi/postfix-amd64/etc/postfix/sender_access, reject_non_fqdn_helo_hostname, reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_multi_recipient_bounce, reject_unverified_recipient, reject_spf_invalid_sender, permit
Two times "smtpd_recipient_restrictions".
I also notice in the GUI, there is no way for a flat list for clients restriction.
And sender access list is use with smtpd_sender_restrictions.At this time (others smtp Postfix relay), i manage 3 differents flat lists for :
smtpd_client_restrictions
smtpd_hello_restrictions
smtpd_sender_restrictionsThere is also specifics lists for cidr and PCRE.
Pfsense 2.1.5 and last version of package. Something wrong with my setup.
So i'm a little bit confused the way main.cf is generated from the GUI. Even if I know Postfix can use each list in many restrictions.
-
Two times "smtpd_recipient_restrictions".
Are you sure, the post shows smtpd__clientrestrictions and smtpdrecipient__restrictions
Pfsense 2.1.5 and last version of package. Something wrong with my setup.
Better using on 2.2 with manual fixes above.
So i'm a little bit confused the way main.cf is generated from the GUI. Even if I know Postfix can use each list in many restrictions.
Can you explain it better? You mean you know a better config setup to implement on this package?
-
Having an issue.
Since I cannot seem to install the LDAP plugin in any way or form (or even find it somewhere..) I can not get a link to Exchange to import a list of valid e-mail accounts.
Is there a way to edit Postfix (used in combination with mailscanner) to allow all e-mail accounts from a domain?This is not used as an internal relay, just external anti-spam checking.
yes, I know this lowers the security quit a bit. But having everything blocked now with the same recipient error is the other side of the coin.
I really would just like to the the LDAP connection working. But installing the pkg like by the manual gives an error it cannot be found. And I cannot seem to source it anywhere else.
Did anyone manage to install it somehow?2.1.5 x64 setup.