Re: running two postfix instances and amavisd

From: Alexey Koptsevich (kopts+asg654haboob.atmosp.physics.utoronto.ca)
Date: Sun Jan 08 2006 - 03:43:44 CST


> Alexey Koptsevich wrote:
>>
>> Hello,
>>
>> I am trying to run two postfix instances and amavisd on one host.
>> The second postfix instance is needed because I want to pass some
>> mail through amavisd, whereas some mail, relayed elsewhere
>> (to host whirlwind.atmosp.physics.utoronto.ca), should not
>> be scanned. The problem is that I cannot make it work. I read that
>> each instance should be running on a separate hostname or IP. I
>> tried both, no difference: bounce with "loops back to myself".
>>
>> Here are excerpts from configs for the case of 2 separate IPs,
>> 128.100.80.90 for haboob.atmosp.physics.utoronto.ca,
>> 128.100.80.98 for webmail.atmosp.physics.utoronto.ca.
>
> you're playing with 2 IPs here but still use 127.0.0.1 for the second
> instance. you don't need a second public IP if 127.0.0.1 is enough.
>
>>
>> What is wrong here? Your advice is greatly appreciated.
>>
>> Alex
>>
>>
>>
>> /etc/postfix.front/master.cf:
>>
>> smtp inet n - n - 64 smtpd
>>   -o smtpd_client_connection_count_limit=32
>> smtp-amavis unix - - n - 64 smtp
>>   -o smtp_data_done_timeout=1200
>>   -o disable_dns_lookups=yes
>>   -o smtp_send_xforward_command=yes
>>
>> /etc/postfix.front/main.cf:
>>
>> myhostname = haboob.atmosp.physics.utoronto.ca
>> mydomain = atmosp.physics.utoronto.ca
>> mail_spool_directory = /var/spool/maildir.front/
>> queue_directory = /var/spool/postfix.front
>> inet_interfaces = $myhostname
>
> why? remove this and try again.
>
>> myorigin = atmosp.physics.utoronto.ca
>> mydestination =
>> relay_domains = $myhostname, localhost, $mydomain,
>>   haboob.atmosp.physics.utoronto.ca
> [snip]
>> transport_maps = hash:/etc/postfix.front/transport
>>
>> /etc/postfix.front/transport:
>>
>> testuser@atmosp.physics.utoronto.ca smtp-amavis:[haboob.atmosp.physics.utoronto.ca]:10024
>> root@atmosp.physics.utoronto.ca smtp-amavis:[haboob.atmosp.physics.utoronto.ca]:10024
>> atmosp.physics.utoronto.ca smtp:[whirlwind.atmosp.physics.utoronto.ca]:25
>>
>> /etc/amavisd.conf:
>>
>> $inet_socket_port = 10024;
>> $myhostname = "haboob.atmosp.physics.utoronto.ca";
>> $forward_method = 'smtp:[128.100.80.98]:10025';
>>
>> /etc/postfix/master.cf:
>>
>> 127.0.0.1:10025 inet n - n - - smtpd
>>   -o content_filter=
>>   -o smtpd_authorized_xforward_hosts=127.0.0.0/8
>>   -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>
>
> so your second instance listens on 127.0.0.1 but your amavisd forwards
> to 128.100.80.98?
>
>>
>> /etc/postfix/main.cf:
>>
>> myhostname = webmail.atmosp.physics.utoronto.ca
>> mydomain = atmosp.physics.utoronto.ca
>> mynetworks = 127.0.0.0/8 128.100.80.90 128.100.80.98
>> mail_spool_directory = /var/spool/maildir/
>> queue_directory = /var/spool/postfix
>> mail_owner = postfix
>> inet_interfaces = $myhostname
>
> Why? remove this and try again.
>
>> myorigin = atmosp.physics.utoronto.ca
>> mydestination = $myhostname, localhost, $mydomain,
>>   haboob.atmosp.physics.utoronto.ca
>> relay_domains = $myhostname, localhost, $mydomain,
>>   haboob.atmosp.physics.utoronto.ca
>
> aaahhhhhhhhhhhhhhhhhhhhh.
> Do not mix domain classes. a domain is either in mydestination, in
> virtual_alias_domain, in virtual_mailbox_domains or in relay_domains,
> but in any two of these.
>
>
> Here is a possible setup:
> - configure both instances almost similarly, and as "usual" (with the
> exceptions below)
> - don't set any param unless you need it
> - on the first instance, set local_transport (and virtual_transport) to
> relay (Thus, all mail is relayed, none is delivered via local or
> virtual).
> - on the first instance, set various options (timeout, ...) as you did
> for the amavis transport. but no need to pollute master.cf. just define
> them in main.cf.
> - on the first instance, set the relay host to be the second instance
> (so that mail goes there by default)
> - on the first instance, configure your transport map to post to amavisd
> (so that you can use transport entries to send specific mail to amavis).
> [of course, you can reverse things: default=amavis, exceptions=transport
> to 2d instance].
> - on the 1st instance, disable rewrite (receive_override_mapping)
> - configure the 2d instance normally (forget about the other instance
> and use what is documented on the website).
>
> That's it. no inet_interfaces, and no different

I added inet_interfaces because it was mentioned in multiple places,
e.g., at http://www.postfix.org/faq.html#incoming

> mydestination/relay_domains....

I tried your advice, but I still get the same "loops back to myself".
I think I am missing something basic, but what?
Why do the two instances not distinguish between each other?

Thanks,
Alex
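
An added example, not part of the original message: a Python check over constructed excerpts of the configs quoted above. It flags the two inconsistencies the reply points out: amavisd's $forward_method targeting an address the reinjection smtpd is not bound to, and domains listed in both mydestination and relay_domains. The function names are hypothetical.

```python
import re

# Constructed excerpts mirroring the configs quoted in the thread.
# Helper names are hypothetical; only "host:port inet" listeners are handled.
AMAVISD_CONF = "$inet_socket_port = 10024;\n$forward_method = 'smtp:[128.100.80.98]:10025';\n"
BACK_MASTER_CF = "127.0.0.1:10025 inet n - n - - smtpd\n  -o content_filter=\n"
BACK_MAIN_CF = """myhostname = webmail.atmosp.physics.utoronto.ca
mydomain = atmosp.physics.utoronto.ca
mydestination = $myhostname, localhost, $mydomain,
  haboob.atmosp.physics.utoronto.ca
relay_domains = $myhostname, localhost, $mydomain,
  haboob.atmosp.physics.utoronto.ca
"""

def parse_main_cf(text):
    """Return {param: value}, joining continuation lines (leading whitespace)."""
    params, key = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and key:
            params[key] += " " + line.strip()
        elif "=" in line:
            key, _, value = line.partition("=")
            key = key.strip()
            params[key] = value.strip()
    return params

def domain_list(params, name):
    """Split a list parameter and expand $name references one level."""
    items = re.split(r"[,\s]+", params.get(name, ""))
    return {params.get(i[1:], i) if i.startswith("$") else i for i in items if i}

def overlapping_classes(params):
    """Domains listed in both mydestination and relay_domains."""
    return domain_list(params, "mydestination") & domain_list(params, "relay_domains")

def forward_target(amavisd_conf):
    """(host, port) from amavisd's $forward_method, or None if not found."""
    m = re.search(r"\$forward_method\s*=\s*'smtp:\[([^\]]+)\]:(\d+)'", amavisd_conf)
    return (m.group(1), int(m.group(2))) if m else None

def reinjection_mismatch(amavisd_conf, master_cf):
    """True when amavisd forwards to an address no inet service is bound to."""
    found = re.findall(r"^(\S+):(\d+)\s+inet\s", master_cf, re.M)
    listeners = {(host, int(port)) for host, port in found}
    return forward_target(amavisd_conf) not in listeners
```

On these excerpts the check reports a mismatch (amavisd forwards to 128.100.80.98:10025 while smtpd is bound to 127.0.0.1:10025) and four domains present in both address classes.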