OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
few problems with domain

From: J Zakhar (jzakhargmail.com)
Date: Sat Mar 01 2008 - 15:12:32 CST

I have a few problems. One is that when sending the wrong domain name
is put on to the user. So it looks like userdkjhsdf.sdfsdfkj.kicak
rather then userdomain.com

The second is a warning when using sender_carn maps..

Logs below.

Domain rewrite error...

Mar 1 15:03:06 darkportals dovecot: imap-login: Login:
user=<jzakhar>, method=PLAIN, rip=::ffff:127.0.0.1,
lip=::ffff:127.0.0.1, secured
Mar 1 15:03:06 darkportals dovecot: IMAP(jzakhar): Disconnected: Logged out
Mar 1 15:03:07 darkportals dovecot: imap-login: Login:
user=<jzakhar>, method=PLAIN, rip=::ffff:127.0.0.1,
lip=::ffff:127.0.0.1, secured
Mar 1 15:03:07 darkportals dovecot: IMAP(jzakhar): Disconnected: Logged out
Mar 1 15:03:07 darkportals dovecot: imap-login: Login:
user=<jzakhar>, method=PLAIN, rip=::ffff:127.0.0.1,
lip=::ffff:127.0.0.1, secured
Mar 1 15:03:07 darkportals dovecot: IMAP(jzakhar): Disconnected: Logged out
Mar 1 15:03:22 darkportals sendmail[14448]: m21L3M2n014448:
Authentication-Warning: darkportals.theplanet.host: apache set sender
to jzakharlocalhost using -f
Mar 1 15:03:22 darkportals sendmail[14448]: m21L3M2n014448:
from=jzakharlocalhost, size=531, class=0, nrcpts=1,
msgid=<2528.75.144.197.137.1204405402.squirrelwww.darkportals.com>,
relay=apachelocalhost
Mar 1 15:03:22 darkportals postfix/smtpd[14449]: warning: No server
certs available. TLS won't be enabled
Mar 1 15:03:22 darkportals postfix/smtpd[14449]: connect from
darkportals.theplanet.host[127.0.0.1]
Mar 1 15:03:22 darkportals postfix/smtpd[14449]: NOQUEUE:
reject_warning: RCPT from darkportals.theplanet.host[127.0.0.1]: 450
4.1.8 <jzakhardarkportals.theplanet.host>: Sender address rejected:
Domain not found; from=<jzakhardarkportals.theplanet.host>
to=<jzakhargmail.com> proto=ESMTP helo=<darkportals.theplanet.host>
Mar 1 15:03:22 darkportals postfix/smtpd[14449]: 8100151ED96:
client=darkportals.theplanet.host[127.0.0.1]
Mar 1 15:03:22 darkportals postfix/cleanup[14452]: 8100151ED96:
message-id=<2528.75.144.197.137.1204405402.squirrelwww.darkportals.com>
Mar 1 15:03:22 darkportals postfix/qmgr[14377]: 8100151ED96:
from=<jzakhardarkportals.theplanet.host>, size=1021, nrcpt=1 (queue
active)
Mar 1 15:03:22 darkportals spamd[2187]: spamd: connection from
darkportals.theplanet.host [127.0.0.1] at port 50991
Mar 1 15:03:22 darkportals spamd[2187]: spamd: setuid to spamc succeeded
Mar 1 15:03:22 darkportals spamd[2187]: spamd: processing message
<2528.75.144.197.137.1204405402.squirrelwww.darkportals.com> for
spamc:502
Mar 1 15:03:22 darkportals sendmail[14448]: m21L3M2n014448:
to=jzakhargmail.com, ctladdr=jzakharlocalhost (500/500),
delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30531,
relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as
8100151ED96)
Mar 1 15:03:22 darkportals postfix/smtpd[14449]: disconnect from
darkportals.theplanet.host[127.0.0.1]
Mar 1 15:03:22 darkportals dovecot: imap-login: Login:
user=<jzakhar>, method=PLAIN, rip=::ffff:127.0.0.1,
lip=::ffff:127.0.0.1, secured
Mar 1 15:03:23 darkportals dovecot: IMAP(jzakhar): Disconnected: Logged out
Mar 1 15:03:23 darkportals dovecot: imap-login: Login:
user=<jzakhar>, method=PLAIN, rip=::ffff:127.0.0.1,
lip=::ffff:127.0.0.1, secured
Mar 1 15:03:23 darkportals dovecot: IMAP(jzakhar): Disconnected: Logged out
Mar 1 15:03:23 darkportals spamd[2187]: spamd: clean message
(-1.4/6.0) for spamc:502 in 0.8 seconds, 997 bytes.
Mar 1 15:03:23 darkportals spamd[2187]: spamd: result: . -1 -
ALL_TRUSTED scantime=0.8,size=997,user=spamc,uid=502,required_score=6.0,rhost=darkportals.theplanet.host,raddr=127.0.0.1,rport=50991,mid=<2528.75.144.197.137.1204405402.squirrelwww.darkportals.com>,autolearn=ham
Mar 1 15:03:23 darkportals spamd[2094]: prefork: child states: II
Mar 1 15:03:23 darkportals postfix/pipe[14453]: 8100151ED96:
to=<jzakhargmail.com>, relay=spamassassin, delay=1.3,
delays=0.24/0.01/0/1.1, dsn=2.0.0, status=sent (delivered via
spamassassin service)
Mar 1 15:03:23 darkportals postfix/qmgr[14377]: 8100151ED96: removed
Mar 1 15:03:23 darkportals postfix/pickup[14376]: C5A0851ED96:
uid=502 from=<jzakhardarkportals.theplanet.host>
Mar 1 15:03:23 darkportals postfix/cleanup[14452]: C5A0851ED96:
message-id=<2528.75.144.197.137.1204405402.squirrelwww.darkportals.com>
Mar 1 15:03:23 darkportals postfix/qmgr[14377]: C5A0851ED96:
from=<jzakhardarkportals.theplanet.host>, size=1328, nrcpt=1 (queue
active)
Mar 1 15:03:24 darkportals postfix/smtp[14465]: C5A0851ED96:
to=<jzakhargmail.com>,
relay=gmail-smtp-in.l.google.com[72.14.247.27]:25, delay=0.78,
delays=0.03/0.03/0.07/0.64, dsn=2.0.0, status=sent (250 2.0.0 OK
1204405424 20si12368346agd.11)
Mar 1 15:03:24 darkportals postfix/qmgr[14377]: C5A0851ED96: removed

Carn Error..

Mar 1 15:10:01 darkportals postfix/smtpd[14545]: warning: No server
certs available. TLS won't be enabled
Mar 1 15:10:01 darkportals postfix/smtpd[14545]: connect from
darkportals.theplanet.host[127.0.0.1]
Mar 1 15:10:01 darkportals postfix/smtpd[14545]: NOQUEUE:
reject_warning: RCPT from darkportals.theplanet.host[127.0.0.1]: 450
4.1.8 <apachedarkportals.theplanet.host>: Sender address rejected:
Domain not found; from=<apachedarkportals.theplanet.host>
to=<jzakhargmail.com> proto=SMTP helo=<localhost>
Mar 1 15:10:01 darkportals postfix/smtpd[14545]: 959EE51ED96:
client=darkportals.theplanet.host[127.0.0.1]
Mar 1 15:10:01 darkportals postfix/cleanup[14548]: 959EE51ED96:
message-id=<200803012101.b65173101053www.darkportals.com>
Mar 1 15:10:01 darkportals postfix/qmgr[14377]: 959EE51ED96:
from=<site-adminsdarkportals.com>, size=1183, nrcpt=1 (queue active)
Mar 1 15:10:01 darkportals postfix/smtpd[14545]: disconnect from
darkportals.theplanet.host[127.0.0.1]
Mar 1 15:10:01 darkportals spamd[2187]: spamd: connection from
darkportals.theplanet.host [127.0.0.1] at port 38758
Mar 1 15:10:01 darkportals spamd[2187]: spamd: setuid to spamc succeeded
Mar 1 15:10:01 darkportals spamd[2187]: spamd: processing message
<200803012101.b65173101053www.darkportals.com> for spamc:502
Mar 1 15:10:02 darkportals spamd[2187]: spamd: clean message
(-2.5/6.0) for spamc:502 in 0.7 seconds, 1154 bytes.
Mar 1 15:10:02 darkportals spamd[2187]: spamd: result: . -2 -
ALL_TRUSTED,AWL
scantime=0.7,size=1154,user=spamc,uid=502,required_score=6.0,rhost=darkportals.theplanet.host,raddr=127.0.0.1,rport=38758,mid=<200803012101.b65173101053www.darkportals.com>,autolearn=ham
Mar 1 15:10:02 darkportals spamd[2094]: prefork: child states: II
Mar 1 15:10:02 darkportals postfix/pickup[14376]: 891D651EDA1:
uid=502 from=<site-adminsdarkportals.com>
Mar 1 15:10:02 darkportals postfix/pipe[14549]: 959EE51ED96:
to=<jzakhargmail.com>, relay=spamassassin, delay=0.97,
delays=0.07/0.04/0/0.86, dsn=2.0.0, status=sent (delivered via
spamassassin service)
Mar 1 15:10:02 darkportals postfix/qmgr[14377]: 959EE51ED96: removed
Mar 1 15:10:02 darkportals postfix/cleanup[14548]: 891D651EDA1:
message-id=<200803012101.b65173101053www.darkportals.com>
Mar 1 15:10:02 darkportals postfix/qmgr[14377]: 891D651EDA1:
from=<site-adminsdarkportals.com>, size=1494, nrcpt=1 (queue active)
Mar 1 15:10:03 darkportals postfix/smtp[14556]: 891D651EDA1:
to=<jzakhargmail.com>,
relay=gmail-smtp-in.l.google.com[209.85.133.27]:25, delay=0.84,
delays=0.02/0.02/0.08/0.72, dsn=2.0.0, status=sent (250 2.0.0 OK
1204405823 c1si21013102ana.36)
Mar 1 15:10:03 darkportals postfix/qmgr[14377]: 891D651EDA1: removed

postconf -n

[rootdarkportals postfix]# spamassassin -V
SpamAssassin version 3.2.4
  running on Perl version 5.8.8
[rootdarkportals postfix]# vi main.cf
[rootdarkportals postfix]# /etc/init.d/postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
[rootdarkportals postfix]# man postconf
[rootdarkportals postfix]# postconf -n
address_verify_map = btree:/etc/postfix/verify
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
mydomain = darkportals.com
myhostname = mail.darkportals.com
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
recipient_canonical_maps = hash:/etc/postfix/sender_fix
sender_canonical_maps = hash:/etc/postfix/sender_fix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = permit_sasl_authenticated,
      check_client_access hash:/etc/postfix/access
                    permit_auth_destination,
                              permit_mynetworks,
      reject_rbl_client, dnsbl.ahbl.org,
      reject_unauth_destination, reject
smtpd_sasl_auth_enable = yes
smtpd_sender_restrictions = cidr:/etc/postfix/sender_cidr,
           reject_unknown_recipient_domain,
hash:/etc/postfix/sender_restrictions,warn_if_reject,
       reject_unknown_sender_domain
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550

I wish I had more time so I didnt have to ask here, but I
procrastinated and am going on a long trip Monday

Thanks in advance for any advice/help