Amavisd - Postfix holding mail in qeue

[bentman78]

I recently had a problem booting my FreeBSD mail server. I had to fsck my /var and /usr partitions. I had backups of my amavisd.conf and postfix conf files. Now my mailserver is holding messages in the queue and not delivering them. I know it's amavisd, becuase when I take out the lines in postfix where it references amavisd as a content filter messages go through.

The error I am getting in the maillog is this: Oct 26 11:23:50 bsdwebsvc postfix/qmgr[1074]: 20A351FBDF: to=<dain-bentley@digitaltribes.net>, orig_to=<dain@bentleyslounge.com>, relay=none, delay=82492, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused)
Oct 26 11:23:50 bsdwebsvc postfix/qmgr[1074]: 29E551FBC9: from=<bounce-voler-e-club-58230@lyris.voler.com>, size=21248, nrcpt=1 (queue active)

The problem is amavisd is refusing the connections. Why is this. After i fixed the disk problems i deinstalled amavisd, and reinstalled it and resotred the config file so that hasn't changed. I don't remember making any changes to the system other than the hosts.allow file, in which i denied the .kr and .ru domains from access my server. nay help is appreciated.

 

[ducksoup]

Looks like it's trying to connect to 127.0.0.1 -- and it's refusing it.

1). check your hosts file,
2). make sure that amavis is not blocking 127.0.0.1 -- i don't see why it would be, but hey...

See if this helps:

http://www.stonehenge.com/merlyn/PerlJournal/col07.html

/**
Ever seen the rants of a developer? Silly user!

http://makeworld.blogspot.com

*/

 

[marsd]

You are sure that the amavisd process is actually binding to
the ports specified in your master.cf and that you are able to telnet into your amavisd smtpd locally..that you are giving
very minimal configuration directives to the amavisd smtpd
process.
Been using amavisd and postfix for about three years and
I see like messages when amavisd is not started.

 

[bentman78]

i can't telnet into 10024 or 10025. I haven't denied any pots int he amavisd.conf file.

 

[bentman78]

I checked my config files again and eveything seems okay. I can telnet into port 10024 but not 10025, I keep getting access denied errors. Is there something I should be looking for that my deny local access to port 10025? I have not firewall rules in place. And amavisd is bound to 10025

 

[marsd]

10024 is right. You should be able to connect to the
amavisd mail service. 10025 is just an ipc socket
between postfix and amavisd after processing.

The issue here seems to be with postfix configuration.
I'll paste mine from master.cf so you can compare.

smtp-amavis  unix  -    -       n       -       3       smtp
             -o smtp_data_done_timeout=1200
             -o disable_dns_lookups=yes
127.0.0.1:10025 inet  n   -     n       -       -       smtpd
             -o content_filter=
             -o local_recipient_maps=
             -o relay_recipient_maps=
             -o smtpd_restriction_classes=
             -o smtpd_client_restrictions=
             -o smtpd_helo_restrictions=
             -o smtpd_sender_restrictions=
             -o smtpd_recipient_restrictions=permit_mynetworks,reject
             -o mynetworks=127.0.0.0/8

Also check your mail logs. See if there are transient dns
errors. Turn up your debugging log levels for both amavisd and postfix.

 

[bentman78]

Thanks for the example. But I am still getting the same error. It won't pass mail and says denied at the localhost. Is there a copy of the default hosts.allow that someone has. I think this started happening when I edited that. Altough I didn't make any restrictions.

 

[bentman78]

I got it working again. I uninstalled amavisd-new and deleted the conf file. I then reinstalled the package (/usr/ports/security/amaviad-new make reinstall clean).

I then redid the conf file, added the appropriate settings to main.cf and master.cf and everything was fine. In don't know why it wasn't working in the first place though. Eveything was working fine until I had to reboot the server one day. Didn't make any sense, but it works now.