I have been running through the installation of SpamSnake and have hit on a problem. http://howtoforge.com/the-perfect-spamsnake-ubuntu-8.04-p6 After installing the SPF for postfix I get the following error: postfix/smtpd[6743]: fatal: dict_unix_open: unknown map name: private/policy I have checked and double checked everything on the above page and can't find the solution. I have searched Google and the only thing I can find is about postfix being the wrong version. I have only downloaded postfix using get-apt a few days ago so I am assuming it is a current version (not sure where to check). I have installed Mail::SPF NetAddr::IP added to /etc/postfix/master.cf policy unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl added to main.cf (after reject_unauth_destination) check_policy_service unixrivate/policy and I've rebooted
You have to append the following exactly as you see it in the master.cf file: Code: policy unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl It requires the leading spaces. Can you post your main.cf and master.cf file?
Oops, should have posted in code tags. I do have a space. main.cf (changed domain names and ip) Code: append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = myspamsnake.company.local alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = company.com mydestination = relayhost = myisprelay.com mynetworks = 127.0.0.0/8, 192.168.1.21/32 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all message_size_limit = 10485760 local_transport = error:No local mail delivery local_recipient_maps = virtual_alias_maps = hash:/etc/postfix/virtual relay_recipient_maps = hash:/etc/postfix/relay_recipients transport_maps = hash:/etc/postfix/transport relay_domains = hash:/etc/postfix/relay_domains smtpd_helo_required = yes smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain smtpd_recipient_restrictions = reject_non_fqdn_sender reject_unknown_sender_domain reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks reject_unauth_destination check_policy_sevice unix:private/policy reject_unauth_pipelining reject_invalid_helo_hostname reject_non_fqdn_helo_hostname reject_rbl_client zen.spamhaus.org check_policy_service inet:127.0.0.1:2525 smtpd_data_restrictions = reject_unauth_pipelining header_checks = regexp:/etc/postfix/header_checks master.cf (removed some hashed out stuff) Code: # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd pickup fifo n - - 60 1 pickup -o content_filter= -o receive_override_options=no_header_body_checks cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - - 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} policy unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl I should add that running the stand alone spf test works. No 4 on http://www.howtoforge.com/postfix_spf
Ok everything looks good on your end and I'm sure you've install postfix-policyd-spf-perl correctly. I noticed one difference between my main.cf and yours. Please add commas to your recipient_restrictions as follows: Code: smtpd_recipient_restrictions = reject_non_fqdn_sender[B],[/B] reject_unknown_sender_domain[B],[/B] reject_non_fqdn_recipient[B], [/B] reject_unknown_recipient_domain[B],[/B] permit_mynetworks[B],[/B] reject_unauth_destination[B], [/B] check_policy_sevice unix:private/policy[B], [/B] reject_unauth_pipelining[B], [/B] reject_invalid_helo_hostname[B], [/B] reject_non_fqdn_helo_hostname[B], [/B] reject_rbl_client zen.spamhaus.org[B],[/B] [B]check_policy_service unix:private/policy,[/B] check_policy_service inet:127.0.0.1:2525 Try that and let me know if it works. Thanks,
Well I'll take the reward for idiot techie of the year. I had tried it with and with out commas, in line and separate. I spent the whole day going through it and checking everything. Only after moving it further down the list to match yours did I notice the missing r in service. DOH. Thanks for taking the time to help me out (and time taken to write the guide).
LOL.. Hey man, it happens, I missed it too. Good luck with the rest and it's no problem at all. Rocky