Teergrube and postfix?

plug@arcticmail.com plug@arcticmail.com
Tue, 7 Nov 2000 22:36:05 -0700 

I don't know what I'm doing, and I've never done this
before, and JLF will be your savior, but I did skim over:

    http://www.iks-jena.de/mitarb/lutz/usenet/antispam.html


sendmail (and I assume postfix) can be configured to
be spawned from inetd (inetd listens on port 25 and
hands the connection off to the MTA) or it can be
configured to run "standalone" ("-bd", inetd is not
involved at all, sendmail (or whatever MTA) listens
to port 25 and handles everything all by itself.

Anyway, it sounds like you have postfix set up in
"standalone" mode, listening on a non-standard smtp
port (your "fakesmtp").  However, from the URL above,
it sounds like "antispam" functions like inetd, listening
on port 25 and handing the connection off to postfix.
So, your postfix config shouldn't need to know ANYTHING
about the port to listen on.  Basically, try re-configuring
postfix for "inetd" mode (you could even run it from
the real inetd to ensure your postfix config is correct).
After it's running in an "inetd" configuration, comment
the line out of inetd.conf, send a HUP to inetd, and
re-try using "antispam" in place of inetd.

The logs are also showing "relaying denied."  I would
suspect that you need to configure teergrube to permit
relaying from your internal IP network address(es).
You ARE using non-routeable (RFC 1918) IP addresses
for your internal network, (and blocking same on your
external interface(s)) right? :)

Remember to configure your teergrube delay to be zero
seconds for friendlies, 30-60 seconds for unknowns,
and I believe that JLF recommends 9999999999999999999999999999999999999999999999
for slimers.


D

* On Tue, Nov 07, 2000 at 10:12:01AM -0700, Rusty Carruth wrote:
> Well, so close and yet so far.
> 
> I've got about 90% of the way to having teergrube run in front
> of postfix.  I set up postfix, got it working, then changed
> master.cf to say 'fakesmtp' as the port (and added a new
> port to /etc/services called fakesmtp) and reloaded postfix.
> Then I started './antispam ./teergrube.config', and looked
> with netstat to see that all the ports were listening that I
> expected to be listening.
> 
> They were, and everything seemed to work, until I tried to 
> send mail out from behind the firewall (including from on
> the firewall machine itself - the one running postfix, 
> antispam, etc).
> 
> What I got then was:
> 
> Nov  7 09:44:14 fw postfix/qmgr[17695]: warning: connect to transport smtp: Connection refused
> Nov  7 09:44:41 fw teergrube[17884]: mclib: Got signal 15. Closing connections and exit.
> 
> Antispam says:
> 
> Nov  7 09:38:10 fw teergrube[17884]: [6] from 210.154.8.242:12317, 10 sec delay (match default), relaying denied (match (null)).
> Nov  7 09:38:13 fw teergrube[17884]: [6] coprocess 17920 started. Bind descriptors 8->6->13 10->syslog
> Nov  7 09:38:13 fw teergrube[17884]: [10] remote close. pid 17920
> 
> earlier on in the logs.
> 
> Has anyone tried this?  (teergrube and postfix)
> 
> Am I crazy (don't answer that!) for trying it this way?
> Should I punt back to normal sendmail?
> 
> Anybody?
> 
> thanks!
> 
> rusty
> 
> 
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
> 
> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss