Installing SPF-postfix in SpamSnake Howto

Discussion in 'HOWTO-Related Questions' started by Goose, May 12, 2008.

  1. Goose

    Goose New Member

    I have been running through the installation of SpamSnake and have hit on a problem.

    http://howtoforge.com/the-perfect-spamsnake-ubuntu-8.04-p6

    After installing the SPF for postfix I get the following error:

    postfix/smtpd[6743]: fatal: dict_unix_open: unknown map name: private/policy

    I have checked and double checked everything on the above page and can't find the solution. I have searched Google and the only thing I can find is about postfix being the wrong version. I have only downloaded postfix using get-apt a few days ago so I am assuming it is a current version (not sure where to check).

    I have installed

    Mail::SPF
    NetAddr::IP

    added to /etc/postfix/master.cf

    policy unix - n n - - spawn
    user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl

    added to main.cf (after reject_unauth_destination)

    check_policy_service unix:private/policy

    and I've rebooted
     
  2. Rocky

    Rocky Member

    You have to append the following exactly as you see it in the master.cf file:

    Code:
    policy unix - n n - - spawn
       user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl
    
    It requires the leading spaces.

    Can you post your main.cf and master.cf file?
     
    Last edited: May 12, 2008
  3. Goose

    Goose New Member

    Oops, should have posted in code tags. I do have a space.

    main.cf
    (changed domain names and ip)
    Code:
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = no
    
    # TLS parameters
    smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    smtpd_use_tls=yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    myhostname = myspamsnake.company.local
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = company.com
    mydestination = 
    relayhost = myisprelay.com
    mynetworks = 127.0.0.0/8, 192.168.1.21/32
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    message_size_limit = 10485760
    local_transport = error:No local mail delivery
    local_recipient_maps = 
    virtual_alias_maps = hash:/etc/postfix/virtual
    relay_recipient_maps = hash:/etc/postfix/relay_recipients
    transport_maps = hash:/etc/postfix/transport
    relay_domains = hash:/etc/postfix/relay_domains
    smtpd_helo_required = yes
    smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain
    smtpd_recipient_restrictions =
       reject_non_fqdn_sender
       reject_unknown_sender_domain
       reject_non_fqdn_recipient
       reject_unknown_recipient_domain
       permit_mynetworks
       reject_unauth_destination
       check_policy_sevice unix:private/policy
       reject_unauth_pipelining
       reject_invalid_helo_hostname
       reject_non_fqdn_helo_hostname
       reject_rbl_client zen.spamhaus.org
       check_policy_service inet:127.0.0.1:2525
    smtpd_data_restrictions = reject_unauth_pipelining
    header_checks = regexp:/etc/postfix/header_checks
    
    master.cf
    (removed some hashed out stuff)
    Code:
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       -       -       -       smtpd
    pickup    fifo  n       -       -       60      1       pickup
    	-o content_filter=
    	-o receive_override_options=no_header_body_checks
    cleanup   unix  n       -       -       -       0       cleanup
    qmgr      fifo  n       -       n       300     1       qmgr
    #qmgr     fifo  n       -       -       300     1       oqmgr
    tlsmgr    unix  -       -       -       1000?   1       tlsmgr
    rewrite   unix  -       -       -       -       -       trivial-rewrite
    bounce    unix  -       -       -       -       0       bounce
    defer     unix  -       -       -       -       0       bounce
    trace     unix  -       -       -       -       0       bounce
    verify    unix  -       -       -       -       1       verify
    flush     unix  n       -       -       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    proxywrite unix -       -       n       -       1       proxymap
    smtp      unix  -       -       -       -       -       smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay     unix  -       -       -       -       -       smtp
    	-o smtp_fallback_relay=
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       -       -       -       showq
    error     unix  -       -       -       -       -       error
    retry     unix  -       -       -       -       -       error
    discard   unix  -       -       -       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       -       -       -       lmtp
    anvil     unix  -       -       -       -       1       anvil
    scache    unix  -       -       -       -       1       scache
    
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
    
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix	-	n	n	-	2	pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman   unix  -       n       n       -       -       pipe
      flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
      ${nexthop} ${user}
    policy    unix  -       n       n       -       -       spawn
      user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl
    
    
    
    I should add that running the standalone SPF test works. No. 4 on http://www.howtoforge.com/postfix_spf
     
    Last edited: May 12, 2008
  4. Rocky

    Rocky Member

    Ok, everything looks good on your end and I'm sure you've installed postfix-policyd-spf-perl correctly. I noticed one difference between my main.cf and yours. Please add commas to your recipient_restrictions as follows:

    Code:
     
    smtpd_recipient_restrictions =
                reject_non_fqdn_sender,
                reject_unknown_sender_domain,
                reject_non_fqdn_recipient,
                reject_unknown_recipient_domain,
                permit_mynetworks,
                reject_unauth_destination,
                check_policy_sevice unix:private/policy,
                reject_unauth_pipelining,
                reject_invalid_helo_hostname,
                reject_non_fqdn_helo_hostname,
                reject_rbl_client zen.spamhaus.org,
                check_policy_service unix:private/policy,
                check_policy_service inet:127.0.0.1:2525
    
    Try that and let me know if it works.

    Thanks,
     
  5. Goose

    Goose New Member

    Well, I'll take the reward for idiot techie of the year. I had tried it with and without commas, inline and separate. I spent the whole day going through it and checking everything. Only after moving it further down the list to match yours did I notice the missing r in service. DOH.

    Thanks for taking the time to help me out (and time taken to write the guide).

    :D
     
  6. Rocky

    Rocky Member

    LOL..

    Hey man, it happens, I missed it too.

    Good luck with the rest and it's no problem at all.

    Rocky
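
A check for the mistake found in this thread, added here as an example and not taken from the howto or from either poster: it scans the `smtpd_*_restrictions` lists in a main.cf for names that are near-misses of real restriction names, and for the `type:table` argument left orphaned behind them (which Postfix then tries to open as a lookup table, hence the `dict_unix_open` error). The restriction-name list is a deliberately small subset and the sample config is constructed from the one posted above.

```python
import difflib
import re

# Subset of real Postfix restriction names, not exhaustive (extend as needed).
TAKES_ARG = {"check_policy_service", "check_client_access", "check_sender_access",
             "check_recipient_access", "check_helo_access", "reject_rbl_client"}
NO_ARG = {"permit_mynetworks", "reject_unauth_destination", "reject_unauth_pipelining",
          "reject_non_fqdn_sender", "reject_non_fqdn_recipient",
          "reject_unknown_sender_domain", "reject_unknown_recipient_domain",
          "reject_invalid_helo_hostname", "reject_non_fqdn_helo_hostname"}
KNOWN = sorted(TAKES_ARG | NO_ARG)

def restriction_lists(main_cf):
    """Yield (parameter, tokens) for every smtpd_*_restrictions setting."""
    text = re.sub(r"(?m)^\s*#.*\n?", "", main_cf)     # drop comment lines
    # Lines starting with whitespace continue the previous logical line.
    text = re.sub(r"\n[ \t]+(?=\S)", " ", text)
    for line in text.splitlines():
        name, _, value = line.partition("=")
        if re.fullmatch(r"smtpd_\w+_restrictions", name.strip()):
            yield name.strip(), value.replace(",", " ").split()

def lint(main_cf):
    """Return (parameter, token, reason) for tokens that look misplaced."""
    findings = []
    for param, tokens in restriction_lists(main_cf):
        is_argument = False
        for tok in tokens:
            if is_argument:                 # argument of the previous restriction
                is_argument = False
            elif tok in KNOWN:
                is_argument = tok in TAKES_ARG
            elif near := difflib.get_close_matches(tok, KNOWN, n=1, cutoff=0.85):
                findings.append((param, tok, "misspelling of " + near[0] + "?"))
            elif ":" in tok:
                findings.append((param, tok, "bare type:table, treated as a lookup table"))
    return findings

# Constructed sample: a shortened copy of the restriction list posted in the thread.
SAMPLE_MAIN_CF = """\
smtpd_helo_required = yes
smtpd_recipient_restrictions =
   permit_mynetworks
   reject_unauth_destination
   check_policy_sevice unix:private/policy
   reject_rbl_client zen.spamhaus.org
   check_policy_service inet:127.0.0.1:2525
"""
```

Running `lint()` over the real file's contents before reloading Postfix shows both the misspelt name and the stray `unix:private/policy` token that produced the fatal error.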
     
