Postfix - antispam and relay package
-
Hello marcelloc,
thank you for your work and this package… Is there any documentation on how to enable postfix as smarthost and to relay via gmail smtp?
I'm trying to configure it as the old package (in pfsense 2.2x) that was working as smarthost for the internal lan, with relay via my gmail account: the only instruction I've found are http://ghanima.net/doku.php?id=wiki:pfsense:postfixmailrelay but I can't make it work (different paths) and various errors in /var/log/system.log
Apr 7 17:42:38 pfSense0 php-fpm[64394]: /pkg_edit.php: Writing out configuration
Apr 7 17:42:40 pfSense0 php-fpm[64394]: /pkg_edit.php: Writing rc_file
Apr 7 17:42:41 pfSense0 php-fpm[64394]: /pkg_edit.php: Stopping postfix
Apr 7 17:42:41 pfSense0 postfix/postfix-script[73787]: fatal: the Postfix mail system is not running
Apr 7 17:42:42 pfSense0 php-fpm[64394]: /pkg_edit.php: The command stop' returned exit code '1', the output was ''
…
Apr 7 17:45:43 pfSense0 php-fpm[67433]: /pkg_edit.php: Writing out configuration
Apr 7 17:45:45 pfSense0 php-fpm[67433]: /pkg_edit.php: Writing rc_file
Apr 7 17:45:46 pfSense0 php-fpm[67433]: /pkg_edit.php: Reloading/starting postfix
Apr 7 17:45:46 pfSense0 postfix/postfix-script[98918]: fatal: the Postfix mail system is not running
Apr 7 17:45:47 pfSense0 php-fpm[67433]: /pkg_edit.php: Postfix setup completed
Apr 7 17:45:58 pfSense0 postfix/smtp[70787]: fatal: SASL library initialization
Apr 7 17:46:59 pfSense0 postfix/smtp[3068]: fatal: SASL library initialization
Apr 7 17:48:00 pfSense0 postfix/smtp[24940]: fatal: SASL library initializationExecuting via ssh the command "/usr/local/etc/rc.d/postfix.sh start" gives the following output:
kern.ipc.nmbclusters: 379268
sysctl: kern.ipc.nmbclusters=65536: Invalid argument
kern.ipc.somaxconn: 16384 -> 16384
kern.maxfiles: 131072 -> 131072
kern.maxfilesperproc: 104856 -> 104856
kern.threads.max_threads_per_proc: 4096 -> 4096
postfix: Postfix is running with backwards-compatible default settings
postfix: See http://www.postfix.org/COMPATIBILITY_README.html for details
postfix: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
postfix/postfix-script: fatal: the Postfix mail system is already runningWhat can I check? Thank you for your time…
Riccardo. -
New pkg version includes postwhite integration 8)
Thanks for Postwhite, spf-tools projects and Bismarck
-
@pf-disa - you could try (untested but would make sense)
cd /root fetch https://raw.githubusercontent.com/marcelloc/Unofficial-pfSense-packages/master/pkg-postfix/files/install_postfix_23.sh nano install_postfix_23.sh
go down to line 81 and edit like this:
Install postfix package
pkg install postfix**-sasl** libspf2 opendkim libmilter py27-postfix-policyd-spf-python p5-perl-ldap
and then
sh ./install_postfix_23.sh
to get rid of the compatibility warning add
smtputf8_enable=yes compatibility_level=2
to the custom main.cf options
This package is getting in a really beautiful shape, its so sad that its not be in the official repo. :'(
Anyway excellent work! :)
-
I'll include the sasl option in the install. The idea of this package is to give sysadmins an excellent smtp layer 7 filtering /proxy.
-
Hello,
@Bismark thanks for the info now everything works as desired! 8)
In /var/log/system.log remain the fatal error, even if all works…
Apr 9 12:26:55 pfSense0 pkg: postfix-3.1.4,1 deinstalled Apr 9 12:26:56 pfSense0 pkg: pkg reinstalled: 1.10.1 -> 1.10.1 Apr 9 12:27:00 pfSense0 pkg: postfix-sasl-3.1.4,1 installed Apr 9 12:27:01 pfSense0 pkg: tiff-4.0.7_1 installed ... Apr 9 12:28:45 pfSense0 php-fpm[47768]: /pkg_edit.php: Writing out configuration Apr 9 12:28:47 pfSense0 php-fpm[47768]: /pkg_edit.php: Writing rc_file Apr 9 12:28:48 pfSense0 php-fpm[47768]: /pkg_edit.php: Reloading/starting postfix Apr 9 12:28:48 pfSense0 postfix/postfix-script[17508]: fatal: the Postfix mail system is not running Apr 9 12:28:49 pfSense0 php-fpm[47768]: /pkg_edit.php: Postfix setup completed
Excellent work @Marcelloc, thank you!
Riccardo. -
The fatal maybe related to a restart call to a process that is not ruining.
Good to see that this package is useful for community.
-
I just update my install on 2.3.2-p1 with your new script without any problems ( with sasl changes from Bismark ).
Thank you all.
-
These changes will be merged soon.
There are other improvements that will be merged soon.
Long life for community contributors :D
-
Noticed 3 little things,
1. postfix_postwhite.template isn't copied to /usr/local/etc/postwhite.conf
//save file $postwhite_domains = preg_replace("/\s+/"," ",$domains); include("/usr/local/pkg/postfix_postwhite.template"); file_put_contents($postwhite_conf , POSTFIX_LOCALBASE . "/etc/postwhite.conf" , LOCK_EX);
2. additional domains don't get added to postwhite.conf, maybe because of 1.
3. postwhite is looking for postwhite.conf in a different place anyway
# Read config file options if [ -s /etc/postwhite.conf ] ; then printf "\nReading options from /etc/postwhite.conf...\n" source /etc/postwhite.conf else printf "\nCan't find /etc/postwhite.conf. Exiting.\n\n" exit 1 fi
and I had a cronjob for this every morning, cant see where postwhite is executed here?
Thanks. :)
/edit
We need policyd-spf_time_limit = 3600 in main.cf if SPF Lookup is enabled or we get a lot of those lines in maillog:
Mar 5 14:03:26 mail postfix/spawn[57894]: warning: /usr/local/bin/policyd-spf: process id 58877: command time limit exceeded Mar 5 14:32:21 mail postfix/spawn[57894]: warning: /usr/local/bin/policyd-spf: process id 60423: command time limit exceeded Mar 5 15:13:00 mail postfix/spawn[62387]: warning: /usr/local/bin/policyd-spf: process id 62501: command time limit exceeded Mar 5 15:30:07 mail postfix/spawn[62387]: warning: /usr/local/bin/policyd-spf: process id 63269: command time limit exceeded
-
Great job! Package works fine.
Thank you very much guys!I found a little mistake.
On "Access Lists" page, when i click on field "Sender" and "MIME" i'm redirected to http://www.postfix.org/pcre_table.5.html page :) -
Another bug ??
I found that widget is not displaying correct status.
I have configured postfix as backup relay MX2 on Site2 - it receive external mail from WAN if primary mail server MX1 on Site1 is unreachable and it store and forward all email by VPN Site - to - Site.
I also receive all emails from Site2 - from all LANs - and forward them to primary email server on Site1 by VPN Site - to - Site.But until it receive a email from WAN ( Update Sqlite was on 1h and now is on 10 min), widget is not display anything for that day; emails from LAN are not showed;
As you can see it is missing day 10 and day 11 was displayed only if I blocked primary mail server to receive emails from WAN and email was delivered to MX2 and then forwarded to MX1…p.s.
I just found also this one in log probably related to Postwhite:postfix/postscreen[34560]: error: open /usr/local/etc/postfix/postscreen_spf_whitelist.cidr: No such file or directory
-
@ecfx:
p.s.
I just found also this one in log probably related to Postwhite:postfix/postscreen[34560]: error: open /usr/local/etc/postfix/postscreen_spf_whitelist.cidr: No such file or directory
Because you need to run /usr/local/bin/postwhite manually first, can't find any code atm in the package, which would trigger it automatically.
Just running Postfix as a Mail Proxy and my widget stats are very accurate.
-
no luck:
/usr/local/bin: ./postwhite ./postwhite: Permission denied. ... /usr/local/bin: ls -la post* -rw-r--r-- 1 root wheel 9789 Apr 9 14:59 postwhite /usr/local/bin: chmod 755 postwhite /usr/local/bin: ls -la post* -rwxr-xr-x 1 root wheel 9789 Apr 9 14:59 postwhite /usr/local/bin: ./postwhite ./postwhite: Command not found.
-
nano /usr/local/bin/postwhite
1 line change from
#! /bin/bash
to
#! /usr/local/bin/bash
next
fetch -q -o /usr/local/etc/postwhite.conf https://raw.githubusercontent.com/stevejenkins/postwhite/master/postwhite.conf
and
ln -s /usr/local/etc/postwhite.conf /etc/postwhite.conf nano /usr/local/etc/postwhite.conf
edit paths
# FILE PATHS spftoolspath=/usr/local/bin/spf-tools postfixpath=/usr/local/etc/postfix postfixbinarypath=/usr/local/sbin whitelist=postscreen_spf_whitelist.cidr blacklist=postscreen_spf_blacklist.cidr yahoo_static_hosts=/usr/local/etc/postfix/yahoo_static_hosts.txt
now run
/usr/local/bin/postwhite
Good luck!
-
Thank you but is exactly the same as before.
I can live without postwhite and widget as before… -
@ecfx:
Thank you but is exactly the same as before.
I can live without postwhite and widget as before…fixed postwhite config file creation and etc path call
-
Thanks, the widget shortcuts are handy. :)
-
Can I run "install_postfix_23.sh" script again or I must remove all installed packages first ::)
-
Can I run "install_postfix_23.sh" script again or I must remove all installed packages first ::)
As far as I can see, it should not be a issue, just run the script again.
-
Included postfwd functions to limit messages per user and time based on package.
To use this funcion you must run the install cpan modules script from pkg-mailscanner
https://raw.githubusercontent.com/marcelloc/Unofficial-pfSense-packages/master/pkg-mailscanner/files/install_cpan_modules_23.sh
Fist time implementation, not used to run postfwd, so feedbacks are always welcome.