[Valvula] Help with setup...
Francis Brosnan Blázquez
francis.brosnan en aspl.es
Dom Jun 11 18:28:12 CEST 2017
Hi Jim,
> Thank you for the help!
>
>
>
> # valvulad --version
> 1.0.8.b310
> (proc:0) [err] (main.c:595) Unable to start server, found pid file in
> place /var/run/valvulad.pid. There is a valvula server running. If
> not, remove file /var/run/valvulad.pid
Ok,
> I’m guessing the error here is to be expected?
No, it shouldn't. I've already fixed this in svn.
> # valvulad -l jim en datamantic.com
> ERROR: jim en datamantic.com is not a local domain nor a local address
Ok, here is the problema,
> So maybe a problem somewhere with the connection to mysql? Is that
> where valvulad is getting the information about valid local domains
> and
> local addresses? I am still getting
Ok, valvula connection to its database is working, but he also needs to
be able to connect to your postfix/mysql connection..
Could you describe your mysql postfix setup? It should be easy to show
it by running:
>> grep mysql /etc/postfix/main.cf
...and then running "cat " over some of the
mysql:your-file-to-map-mail-accounts, something like:
>> cat /etc/postfix/mysql-aliases.cf
I need to see how your mysql configuration maps your accounts (remove
or XXXX's users, passwords an database, but leave variables and mysql
query).
With this information I can see what's going on (I think).
> valvulad -b
> INFO: Database connection working OK
>
>
> Unless you have better idea I will try to figure out how to make mysql
> log every query for valvula user and see what is going on there.
Ok, for this, you can run the following to run what it does to check
your account as known:
>> valvulad -l jim en datamantic.com -o -d
> Thanks again for any further help!
:-)
>
>
> > On Jun 11, 2017, at 10:36 AM, Francis Brosnan Blázquez
> > <francis.brosnan en aspl.es> wrote:
> >
> >
> >
> > Hi Jim,
> >
> > From your description, I think you have everything configured ok,
> > but
> > for some reason, valvula is not being able to detect known valid
> > accounts because:
> >
> >
> >
> > is sending with an unknown account mail from
> > <jim en datamantic.com> (mod-slm=valid-mail-from)
> >
> >
> > Can you right the following commands and paste output to give you
> > further indications?
> >
> > >> valvulad --version
> > >> valvulad -l jim en datamantic.com
> >
> >
> >
> > El vie, 09-06-2017 a las 16:30 -0400, Jim Bassett escribió:
> >
> > > Hi. New to valvula and to the list. The software looks like
> > > exactly what I need. I am running postfix (w/ dovecot) on Centos
> > > 6.6. Installation was relatively easy. I am trying to setup
> > > mod-slm for the purpose of stopping "those situations where
> > > compromised accounts are used to send/relay content to recipients
> > > using source addresses that do not belong to the server”.
> > >
> > > Valvula is running. If I tail -f /var/log/maillog I can see it is
> > > logging. But I am not getting the behavior I expect. I’m not sure
> > > if this is because I have something wrong or if I’m not
> > > understanding the expected behavior.
> > >
> > > My issue is that when I connect to my server from my home machine,
> > > and try to send mail (through Apple mail.app) my mail is rejected.
> > > Here is the corresponding entry from /var/log/maillog:
> > >
> > >
> > > Jun 9 15:59:59 oak valvulad[22026]: info: REJECT:
> > > jim en datamantic.com -> redacted en gmail.com
> > > (sasl_user=jim en datamantic.com), port 3080, queue-id , from
> > > 98.14.xx.xxx: Rejecting because SASL username <jim en datamantic.com>
> > > is sending with an unknown account mail from <jim en datamantic.com>
> > > (mod-slm=valid-mail-from)
> > >
> > >
> > > jim en datamantic.com is my real email account on the server (with an
> > > entry in the postfix mysql database).
> > >
> > > In /etc/postfix/main.cf I have only made one change:
> > >
> > > smtpd_sender_restrictions = check_policy_service
> > > inet:127.0.0.1:3080, reject_unknown_sender_domain,
> > > permit_mynetworks, permit_sasl_authenticated,
> > > reject_unauth_destination, permit
> > >
> > > And in /etc/valvula/main.cf I have, inside <general>:
> > >
> > > <listen host='127.0.0.1' port='3080'>
> > > <run module='mod-slm' />
> > > </listen>
> > >
> > > and inside <enviroment>:
> > >
> > > <sender-login-mismatch mode='valid-mail-from'
> > > allow-empty-mail-from='yes' />
> > >
> > >
> > > And valvula seems to have access to the database because if I run:
> > >
> > > valvulad -b
> > >
> > > I get:
> > >
> > > INFO: Database connection working OK
> > >
> > > What I would expect to happen is that when I am logged in as the
> > > real email user jim en datamantic.com, that I would be able to send
> > > email that says it is from jim en datamantic.com, but be rejected
> > > only if I try to send email as
> > > some-nonexistent-account en datamantic.com or
> > > some-nonexistent-account en nonexistent-domain.com.
> > >
> > > I really appreciate any help! Thank you!
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > Valvula mailing list
> > > Valvula en lists.aspl.es
> > > http://lists.aspl.es/cgi-bin/mailman/listinfo/valvula
> >
> >
> > --
> > Francis Brosnan Blázquez - ASPL
> > http://www.asplhosting.com/
> > http://www.aspl.es/
> > https://twitter.com/aspl_es
> > https://twitter.com/asplhosting
> > https://twitter.com/francisbrosnanb
> > https://es.linkedin.com/in/francis-brosnan-blázquez-1353a218
> >
> > 91 134 14 22 - 91 134 14 45 - 91 116 07 57
> > Av. Juan Carlos I 13, 2ºC, Torre Garena
> > 28806 - Alcalá de Henares (España)
> >
> > AVISO LEGAL
> >
> > En virtud de lo dispuesto en la Ley Orgánica 15/1999, de 13 de
> > diciembre, de Protección de Datos de Carácter Personal, le informamos de
> > que sus datos de carácter personal, recogidos de fuentes accesibles al
> > público o datos que usted nos ha facilitado previamente, proceden de
> > bases de datos propiedad de Advanced Software Production Line, S.L.
> > (ASPL).
> >
> > ASPL garantiza que los datos serán tratados con la finalidad de mantener
> > las oportunas relaciones comerciales o promocionales con usted o la
> > entidad que usted representa. No obstante, usted puede ejercitar sus
> > derechos de acceso, rectificación, cancelación y oposición dispuestos en
> > la mencionada Ley Orgánica, notificándolo por escrito a ASPL -
> > Protección Datos, Av. Juan Carlos I 13, 2ºC, Alcalá de Henares
> > (Madrid).
>
>
>
--
Francis Brosnan Blázquez - ASPL
http://www.asplhosting.com/
http://www.aspl.es/
https://twitter.com/aspl_es
https://twitter.com/asplhosting
https://twitter.com/francisbrosnanb
https://es.linkedin.com/in/francis-brosnan-blázquez-1353a218
91 134 14 22 - 91 134 14 45 - 91 116 07 57
Av. Juan Carlos I 13, 2ºC, Torre Garena
28806 - Alcalá de Henares (España)
AVISO LEGAL
En virtud de lo dispuesto en la Ley Orgánica 15/1999, de 13 de
diciembre, de Protección de Datos de Carácter Personal, le informamos de
que sus datos de carácter personal, recogidos de fuentes accesibles al
público o datos que usted nos ha facilitado previamente, proceden de
bases de datos propiedad de Advanced Software Production Line, S.L.
(ASPL).
ASPL garantiza que los datos serán tratados con la finalidad de mantener
las oportunas relaciones comerciales o promocionales con usted o la
entidad que usted representa. No obstante, usted puede ejercitar sus
derechos de acceso, rectificación, cancelación y oposición dispuestos en
la mencionada Ley Orgánica, notificándolo por escrito a ASPL -
Protección Datos, Av. Juan Carlos I 13, 2ºC, Alcalá de Henares
(Madrid).
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <http://lists.aspl.es/pipermail/valvula/attachments/20170611/345312bb/attachment-0001.html>
Más información sobre la lista de distribución Valvula