Postfix - antispam and relay package
-
Just noticed on the Access Lists page I couldn't edit sender, MIME or body filters and spotted the 'a' tag was still open… Line 109 of /usr/local/pkg/postfix_acl.xml is missing the closing tag
Fixed. Thanks for the feedback
-
Ok so widget crashed now due to memory allocation error…
I've updated the widget file to allow more php memory use.
-
Was not getting any sqllite db's from the logs despite all settings being correct then found an old post referencing an issue if you have other characters in the hostname (- for instance
I've changed the preg_match from (\w+) to (\S+)
https://github.com/marcelloc/Unofficial-pfSense-packages/commit/0893d4a2e523688ccd56d419ff1d7c8be5c51cd2
-
I've changed the preg_match from (\w+) to (\S+)
https://github.com/marcelloc/Unofficial-pfSense-packages/commit/0893d4a2e523688ccd56d419ff1d7c8be5c51cd2
Re- ran the installer and all looks good so far, thanks! :)
-
Noticed that the options for 'SPF lookup HELO' and 'SPF lookup Mail From' are missing 'Fail' option..
Looks like option Null for 'HELO' has value Fail set as well as option Fail so 'Fail' never displays (also would mean selecting Null didn't do what you expect).
For 'Mail From' option Null shouldn't be an option (according to the commented policyd-spf.conf) so removing this will correct the available options.
-
Noticed that the options for 'SPF lookup HELO' and 'SPF lookup Mail From' are missing 'Fail' option..
Looks like option Null for 'HELO' has value Fail set as well as option Fail so 'Fail' never displays (also would mean selecting Null didn't do what you expect).
For 'Mail From' option Null shouldn't be an option (according to the commented policyd-spf.conf) so removing this will correct the available options.
thanks for the pull request on github :)
-
Widget start to display strange data…
![2017-04-22 20.53.41.jpg](/public/imported_attachments/1/2017-04-22 20.53.41.jpg)
![2017-04-22 20.53.41.jpg_thumb](/public/imported_attachments/1/2017-04-22 20.53.41.jpg_thumb)
![2017-04-22 18.48.31.jpg](/public/imported_attachments/1/2017-04-22 18.48.31.jpg)
![2017-04-22 18.48.31.jpg_thumb](/public/imported_attachments/1/2017-04-22 18.48.31.jpg_thumb) -
Are you waiting first refresh?
-
Looks good so far here. :)
marcelloc postfwd pkg is missing in the setup script? I've installed it manually and set postfwd.cf and the port to 10045 in the rc file, now its running.
![2017-04-22 19.41.54.png](/public/imported_attachments/1/2017-04-22 19.41.54.png)
![2017-04-22 19.41.54.png_thumb](/public/imported_attachments/1/2017-04-22 19.41.54.png_thumb) -
Looks good so far here. :)
marcelloc postfwd pkg is missing in the setup script? I
I'll check but I remember including it on install script. Maybe I forgot to push it to GitHub repo
-
I'll check but I remember including it on install script. Maybe I forgot to push it to GitHub repo
Gui creates the file when there are rules on it. what's the behavior on your box?
-
I'll check but I remember including it on install script. Maybe I forgot to push it to GitHub repo
Gui creates the file when there are rules on it. what's the behavior on your box?
I had to manually install postfix-postfwd-1.35_1 to make it run and listen on 127.0.0.1:10045, otherwise postfix will give warnings about it.
Apr 21 16:40:16 zonk postfix/smtpd[4740]: warning: connect to 127.0.0.1:10045: Operation timed out Apr 21 16:40:16 zonk postfix/smtpd[4740]: warning: problem talking to server 127.0.0.1:10045: Operation timed out
-
I had to manually install postfix-postfwd-1.35_1 to make it run and listen on 127.0.0.1:10045, otherwise postfix will give warnings about it.
Fixed the install script to include the pkg add, Thanks again :)
I'll push it to repo soon
-
Hi,
Is this re-instalation completed successfully as I also see in /root ?
drwxr-xr-x 5 root wheel 512 Apr 25 17:07 spf-tools-master
/root: sh ./install_postfix_23.sh Message from syslogd@fwpl at Apr 25 17:05:19 ... fwpl php-fpm[61287]: /index.php: Successful loginsh ./install_postfix_23.sh fetching /usr/local/bin/adexport.pl from github fetching /usr/local/pkg/postfix.inc from github fetching /usr/local/pkg/postfix.xml from github fetching /usr/local/pkg/postfix_acl.xml from github fetching /usr/local/pkg/postfix_antispam.xml from github fetching /usr/local/pkg/postfix_domains.xml from github fetching /usr/local/pkg/postfix_recipients.xml from github fetching /usr/local/pkg/postfix_sync.xml from github fetching /usr/local/share/pfSense-pkg-postfix/info.xml from github fetching /usr/local/www/postfix.php from github fetching /usr/local/www/postfix_about.php from github fetching /usr/local/www/postfix_queue.php from github fetching /usr/local/www/postfix_recipients.php from github fetching /usr/local/www/postfix_search.php from github fetching /usr/local/www/postfix_view_config.php from github fetching /usr/local/www/shortcuts/pkg_postfix.inc from github fetching /usr/local/www/widgets/widgets/postfix.widget.php from github fetching /usr/local/pkg/postfix_dkim.inc from github fetching /usr/local/www/vendor/datatable/se-1.2.0.zip from github fetching /usr/local/www/vendor/datatable/css/jquery.dataTables.min.css from github fetching /usr/local/www/vendor/datatable/js/jquery.dataTables.min.js from github fetching /usr/local/www/postfix.sql.php from github fetching /usr/local/bin/postwhite from github fetching /usr/local/pkg/postfix_postwhite.template from github Updating FreeBSD repository catalogue... Fetching meta.txz: 100% 944 B 0.9kB/s 00:01 Fetching packagesite.txz: 100% 6 MiB 3.0MB/s 00:02 Processing entries: 100% FreeBSD repository update completed. 26278 packages processed. Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... Fetching meta.txz: 100% 944 B 0.9kB/s 00:01 Child process pid=77716 terminated abnormally: Segmentation fault fetch: https://github.com/jsarenik/spf-tools/archive/master.zip: size of remote file is not known master.zip 49 kB 195 kBps 00m01s Archive: master.zip d spf-tools-master replace spf-tools-master/.gitignore? [y]es, [n]o, [A]ll, [N]one, [r]ename: y extracting: spf-tools-master/.gitignore replace spf-tools-master/.simplecov? [y]es, [n]o, [A]ll, [N]one, [r]ename: A extracting: spf-tools-master/.simplecov extracting: spf-tools-master/.travis.yml extracting: spf-tools-master/AUTHORS extracting: spf-tools-master/LICENSE extracting: spf-tools-master/README.md extracting: spf-tools-master/circle.yml extracting: spf-tools-master/cloudflare.sh extracting: spf-tools-master/compare.sh extracting: spf-tools-master/despf.sh extracting: spf-tools-master/genspfzone.sh d spf-tools-master/include extracting: spf-tools-master/include/despf.inc.sh extracting: spf-tools-master/include/global.inc.sh extracting: spf-tools-master/include/isincidrange.sh extracting: spf-tools-master/iprange.sh d spf-tools-master/misc extracting: spf-tools-master/misc/ci-runtest.sh extracting: spf-tools-master/misc/ci-setup.sh extracting: spf-tools-master/misc/tmpl extracting: spf-tools-master/mkblocks.sh extracting: spf-tools-master/mkzoneent.sh extracting: spf-tools-master/normalize.sh extracting: spf-tools-master/route53.sh extracting: spf-tools-master/runspftools.sh extracting: spf-tools-master/shippable.yml extracting: spf-tools-master/simplify.sh d spf-tools-master/tests d spf-tools-master/tests/a24 extracting: spf-tools-master/tests/a24/cmd extracting: spf-tools-master/tests/a24/in extracting: spf-tools-master/tests/a24/out d spf-tools-master/tests/brokendns extracting: spf-tools-master/tests/brokendns/cmd extracting: spf-tools-master/tests/brokendns/in extracting: spf-tools-master/tests/brokendns/out d spf-tools-master/tests/cname extracting: spf-tools-master/tests/cname/cmd extracting: spf-tools-master/tests/cname/in extracting: spf-tools-master/tests/cname/out d spf-tools-master/tests/despf extracting: spf-tools-master/tests/despf/cmd extracting: spf-tools-master/tests/despf/in extracting: spf-tools-master/tests/despf/out d spf-tools-master/tests/despf_chain extracting: spf-tools-master/tests/despf_chain/cmd extracting: spf-tools-master/tests/despf_chain/in extracting: spf-tools-master/tests/despf_chain/out d spf-tools-master/tests/despf_help extracting: spf-tools-master/tests/despf_help/cmd extracting: spf-tools-master/tests/despf_help/in extracting: spf-tools-master/tests/despf_help/out d spf-tools-master/tests/despf_qualifier extracting: spf-tools-master/tests/despf_qualifier/cmd extracting: spf-tools-master/tests/despf_qualifier/in extracting: spf-tools-master/tests/despf_qualifier/out d spf-tools-master/tests/despf_qualifier2 extracting: spf-tools-master/tests/despf_qualifier2/cmd extracting: spf-tools-master/tests/despf_qualifier2/in extracting: spf-tools-master/tests/despf_qualifier2/out d spf-tools-master/tests/despf_skip extracting: spf-tools-master/tests/despf_skip/cmd extracting: spf-tools-master/tests/despf_skip/in extracting: spf-tools-master/tests/despf_skip/out d spf-tools-master/tests/despf_skip_t extracting: spf-tools-master/tests/despf_skip_t/cmd extracting: spf-tools-master/tests/despf_skip_t/in extracting: spf-tools-master/tests/despf_skip_t/out d spf-tools-master/tests/despf_torn extracting: spf-tools-master/tests/despf_torn/cmd extracting: spf-tools-master/tests/despf_torn/in extracting: spf-tools-master/tests/despf_torn/out d spf-tools-master/tests/despf_upper_case extracting: spf-tools-master/tests/despf_upper_case/cmd extracting: spf-tools-master/tests/despf_upper_case/in extracting: spf-tools-master/tests/despf_upper_case/out d spf-tools-master/tests/fix_32 extracting: spf-tools-master/tests/fix_32/cmd extracting: spf-tools-master/tests/fix_32/in extracting: spf-tools-master/tests/fix_32/out d spf-tools-master/tests/mkblocks-help extracting: spf-tools-master/tests/mkblocks-help/cmd extracting: spf-tools-master/tests/mkblocks-help/in extracting: spf-tools-master/tests/mkblocks-help/out d spf-tools-master/tests/mkblocks-start extracting: spf-tools-master/tests/mkblocks-start/cmd extracting: spf-tools-master/tests/mkblocks-start/in extracting: spf-tools-master/tests/mkblocks-start/out d spf-tools-master/tests/mkblocks extracting: spf-tools-master/tests/mkblocks/cmd extracting: spf-tools-master/tests/mkblocks/in extracting: spf-tools-master/tests/mkblocks/out d spf-tools-master/tests/mx20 extracting: spf-tools-master/tests/mx20/cmd extracting: spf-tools-master/tests/mx20/in extracting: spf-tools-master/tests/mx20/out d spf-tools-master/tests/mx20_upper_case extracting: spf-tools-master/tests/mx20_upper_case/cmd extracting: spf-tools-master/tests/mx20_upper_case/in extracting: spf-tools-master/tests/mx20_upper_case/out d spf-tools-master/tests/norm_ignore extracting: spf-tools-master/tests/norm_ignore/cmd extracting: spf-tools-master/tests/norm_ignore/in extracting: spf-tools-master/tests/norm_ignore/out d spf-tools-master/tests/normalize extracting: spf-tools-master/tests/normalize/cmd extracting: spf-tools-master/tests/normalize/in extracting: spf-tools-master/tests/normalize/out d spf-tools-master/tests/normalize_empty extracting: spf-tools-master/tests/normalize_empty/cmd extracting: spf-tools-master/tests/normalize_empty/in extracting: spf-tools-master/tests/normalize_empty/out d spf-tools-master/tests/nospf extracting: spf-tools-master/tests/nospf/cmd extracting: spf-tools-master/tests/nospf/in extracting: spf-tools-master/tests/nospf/out d spf-tools-master/tests/redirect extracting: spf-tools-master/tests/redirect/cmd extracting: spf-tools-master/tests/redirect/in unzip: skipping non-regular entry 'spf-tools-master/tests/redirect/out' d spf-tools-master/tests/simplify extracting: spf-tools-master/tests/simplify/cmd extracting: spf-tools-master/tests/simplify/in extracting: spf-tools-master/tests/simplify/out extracting: spf-tools-master/tests/test-shell.sh extracting: spf-tools-master/tests/test-subdirs.sh extracting: spf-tools-master/tests/test-unit.sh extracting: spf-tools-master/xsel.sh mv: rename spf-tools-master to /usr/local/bin/spf-tools/spf-tools-master: Directory not empty
edit:
deleted /usr/local/bin/spf-tools/spf-tools-master
and retry the install and now it looks ok -
Yesterday, a fresh Pfsense 2.3.3 install. 64bits version, on a vm (esx) with 2Go ram. This Pfsense is not used as firewall, the purpose is testing Pfsense + Postfix package as mail gateway. Runing install from scrip as provide on github. No error except if i miss something.
Setting a few parameters in Postfix and i can start it.
Now the problems.
In SystemPackage ManagerInstalled Packages : There are no packages currently installed.The only way i find to acces Posrfix setup is via Status / Services and clicj icon Related settings.
Postfix don(t appear in menu Services. Is this normal ?In my actual Postfix gateway (5/6 clients with it) i use access lists for denied domain : one list for domain and another one with regular expresion. In main.cf I have :
smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated check_client_access cidr:/etc/postfix/access_cidr check_client_access hash:/etc/postfix/access_client check_client_access regexp:/etc/postfix/access_client_regexp reject_rbl_client zen.spamhaus.org
I'm not sure to understand howto implement cidr:/etc/postfix/access_cidr and hash:/etc/postfix/access_client.
etc/postfix/access_cidr is something likeoffrecadeau.ovh REJECT spammeur
hash:/etc/postfix/access_client is like
243.200.171.0/24 REJECT Spammeur
This package is a great job. Thanks.
-
In SystemPackage ManagerInstalled Packages : There are no packages currently installed.
That's right. As an Unofficial package, It will not be there.
The only way i find to acces Posrfix setup is via Status / Services and clicj icon Related settings.
Postfix don(t appear in menu Services. Is this normal ?try to install cron package for example. Install process includes postfix on service menu but for some reason, on some boxes, you may need to install a package. I suggest system patches or cron.
This package is a great job. Thanks.
Thanks :)
-
Thanks Marcelloc,
installing the cron package solve the problem about smtp in menu Services. Postfix Forwarder is now visible.
-
I thing an access client list is missing for denying a domains list such as
diglobaltoday.com REJECT
When looking at configuration i have :
smtpd_client_restrictions = permit_mynetworks, reject_unauth_destination, check_client_access pcre:/usr/local/etc/postfix/cal_pcre, check_client_access cidr:/usr/local/etc/postfix/cal_cidr, reject_unknown_client_hostname, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
I thing it will be nice to have one more line with :
check_client_access hash:/usr/local/etc/postfix/cal_hash,
I have 3900 domains rejected at command connect (smtpd_client_restrictions) in my ClearOS Gateway.
-
Just add a // between domains you have on pcre field.
/\.dsl\./ REJECT DSLs not allowed [HS001] /\.dynamic\./ REJECT DSLs not allowed[HS003] /mkt/ REJECT Spam is not marketing [HS007]
TABLE FORMAT
The general form of a PCRE table is:/pattern/flags result
When pattern matches the input string, use the corresponding
result value.!/pattern/flags result
When pattern does not match the input string, use the corre-
sponding result value. -
Ok I will try. But I'm not sure howto reject the domain who appear in the commande connect.
I add the Postfix widget, but it remain empty. Mails are correctly routed to internet but nothing in the widget.