Postfix: Relay access denied

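Since I can't find a solution that works with my configuration, I'm relying on you to help me solve this problem.

I have postfix and dovecot installed on a CentOS server. Everything runs fine. However, when I try to send an email from Outlook to a TLD that is not .com, the server returns: Relay access denied.

Here is the output of the postconf -n command: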

    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    daemon_directory = /usr/libexec/postfix
    data_directory = /var/lib/postfix
    debug_peer_level = 2
    home_mailbox = Maildir/
    html_directory = no
    inet_protocols = all
    mailbox_size_limit = 104857600
    mailq_path = /usr/bin/mailq.postfix
    manpage_directory = /usr/share/man
    message_size_limit = 20971520
    mydestination = $myhostname, $mydomain, localhost, localhost.$mydomain
    newaliases_path = /usr/bin/newaliases.postfix
    readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
    sample_directory = /usr/share/doc/postfix-2.6.6/samples
    sendmail_path = /usr/sbin/sendmail.postfix
    setgid_group = postdrop
    smtp_tls_loglevel = 3
    smtpd_tls_auth_only = yes
    smtpd_tls_cert_file = /etc/postfix/mailserver.pem
    smtpd_tls_key_file = /etc/postfix/mailserver.pem
    smtpd_tls_received_header = yes
    smtpd_tls_security_level = encrypt
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    unknown_local_recipient_reject_code = 550

Here is the maillog error:

    Nov 23 13:26:24 website_name postfix/smtpd[16391]: extract_addr: input: <mrm@website_name.com>
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: smtpd_check_addr: addr=mrm@website_name.com
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: ctable_locate: move existing entry key mrm@website_name.com
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: extract_addr: in: <mrm@website_name.com>, result: mrm@website_name.com
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: fsspace: .: block size 4096, blocks free 23679665
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: smtpd_check_queue: blocks 4096 avail 23679665 min_free 0 msg_size_limit 20971520
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: > unknown[178.193.xxx.xxx]: 250 2.1.0 Ok
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: < unknown[178.193.xxx.xxx]: RCPT TO:<[email protected]>
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: extract_addr: input: <[email protected]>
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: smtpd_check_addr: [email protected]
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: ctable_locate: move existing entry key [email protected]
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: extract_addr: in: <[email protected]>, result: [email protected]
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: >>> START Recipient address RESTRICTIONS <<<
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: generic_checks: name=permit_sasl_authenticated
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: generic_checks: name=permit_sasl_authenticated status=0
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: generic_checks: name=reject_unauth_destination
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: reject_unauth_destination: [email protected]
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: permit_auth_destination: [email protected]
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: ctable_locate: leave existing entry key [email protected]
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: NOQUEUE: reject: RCPT from unknown[178.193.xxx.xxx]: 554 5.7.1 <[email protected]>: Relay access denied; from=<mrm@website_name.com> to=<[email protected]> proto=ESMTP helo=<[192.168.1.38]>
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: generic_checks: name=reject_unauth_destination status=2
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: > unknown[178.193.xxx.xxx]: 554 5.7.1 <[email protected]>: Relay access denied
    Nov 23 13:26:24 website_name postfix/smtpd[16391]: smtp_get: EOF

What is wrong here?

Update: added to main.cf

    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_path = private/auth
    smtpd_sasl_security_options = noanonymous noplaintext
    smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
    smtpd_sasl_type = dovecot

Update: EHLO

    EHLO mail.perflux.com
    250-perflux.com
    250-PIPELINING
    250-SIZE 20971520
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN

Update: log

    : connection established
    : master_notify: status 0
    : name_mask: resource
    : name_mask: software
    : connect from unknown[remoteIP]
    : match_list_match: unknown: no match
    : match_list_match: remoteIP: no match
    : match_list_match: unknown: no match
    : match_list_match: remoteIP: no match
    : match_hostname: unknown ~? 127.0.0.0/8
    : match_hostaddr: remoteIP ~? 127.0.0.0/8
    : match_hostname: unknown ~? 195.70.xx/24
    : match_hostaddr: remoteIP ~? 195.70.xx/24
    : match_hostname: unknown ~? [::1]/128
    : match_hostaddr: remoteIP ~? [::1]/128
    : match_hostname: unknown ~? [fe80::%eth0]/64
    : match_hostaddr: remoteIP ~? [fe80::%eth0]/64
    : match_list_match: unknown: no match
    : match_list_match: remoteIP: no match
    : send attr request = connect
    : send attr ident = smtp:remoteIP
    : private/anvil: wanted attribute: status
    : input attribute name: status
    : input attribute value: 0
    : private/anvil: wanted attribute: count
    : input attribute name: count
    : input attribute value: 1
    : private/anvil: wanted attribute: rate
    : input attribute name: rate
    : input attribute value: 2
    : private/anvil: wanted attribute: (list terminator)
    : input attribute name: (end)
    : > unknown[remoteIP]: 220 domain.com ESMTP Postfix
    : < unknown[remoteIP]: EHLO [192.168.1.38]
    : > unknown[remoteIP]: 250-domain.com
    : > unknown[remoteIP]: 250-PIPELINING
    : > unknown[remoteIP]: 250-SIZE 20971520
    : > unknown[remoteIP]: 250-VRFY
    : > unknown[remoteIP]: 250-ETRN
    : match_list_match: unknown: no match
    : match_list_match: remoteIP: no match
    : > unknown[remoteIP]: 250-STARTTLS
    : > unknown[remoteIP]: 250-ENHANCEDSTATUSCODES
    : > unknown[remoteIP]: 250-8BITMIME
    : > unknown[remoteIP]: 250 DSN
    : < unknown[remoteIP]: STARTTLS
    : > unknown[remoteIP]: 220 2.0.0 Ready to start TLS
    : setting up TLS connection from unknown[remoteIP]
    : unknown[remoteIP]: TLS cipher list "ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
    : auto_clnt_open: connected to private/tlsmgr
    : send attr request = seed
    : send attr size = 32
    : private/tlsmgr: wanted attribute: status
    : input attribute name: status
    : input attribute value: 0
    : private/tlsmgr: wanted attribute: seed
    : input attribute name: seed
    : input attribute value: 7FfGXFU+Rpalr27a4Gy4AcFT7UY0uKwxVopJXiqNiJQ=
    : private/tlsmgr: wanted attribute: (list terminator)
    : input attribute name: (end)
    : SSL_accept:before/accept initialization
    […]
    : SSL_accept:SSLv3 read client hello A
    : SSL_accept:SSLv3 write server hello A
    : SSL_accept:SSLv3 write certificate A
    : SSL_accept:SSLv3 write server done A
    […]
    : SSL_accept:SSLv3 flush data
    […]
    : SSL_accept:SSLv3 read client key exchange A
    […]
    : SSL_accept:SSLv3 read finished A
    : SSL_accept:SSLv3 write change cipher spec A
    : SSL_accept:SSLv3 write finished A
    […]
    : SSL_accept:SSLv3 flush data
    : Anonymous TLS connection established from unknown[remoteIP]: TLSv1 with cipher DES-CBC3-SHA (168/168 bits)
    : xsasl_dovecot_server_create: SASL service=smtp, realm=(null)
    : name_mask: noanonymous
    : xsasl_dovecot_server_mech_filter: keep mechanism: PLAIN
    : xsasl_dovecot_server_mech_filter: keep mechanism: LOGIN
    : < unknown[remoteIP]: EHLO [192.168.1.38]
    : > unknown[remoteIP]: 250-domain.com
    : > unknown[remoteIP]: 250-PIPELINING
    : > unknown[remoteIP]: 250-SIZE 20971520

It stops…

Unless this system is purely internal, setting

    smtpd_tls_security_level = encrypt

will ensure that it never receives mail from the Internet.

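If you want to secure user submission, you need to configure the submission service as it appears, commented out, in the master.cf file.

Submission takes place on port 587, not port 25, and should always be secured and authenticated as per RFC 6409.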

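First, you can add your workstation's IP address to mynetworks. For example:

    mynetworks = 127.0.0.0/8 178.193.xxx.xxx

If everything works, then try debugging why SASL authentication is not working; if you need help, you should post the maillog after SASL is enabled.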

Attempt #2:

I was right in saying that your server refuses authentication. Now I see that this problem has layers:

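  1. You have not added your sending host to $mynetworks (you can use postconf -d | grep mynetworks), and mail from you will only be accepted when you are authenticated.

  2. As you specified smtpd_tls_auth_only = yes, authentication should take place only over an encrypted connection.

  3. Your client starts an encrypted connection, but… your log has ended. What happened next? Is there any information about authentication errors in other logs?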

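I also know that, by default, SASL authenticates users against its internal database. But you have not specified your authentication source. For a good guide on setting up Postfix / SASL / Dovecot authentication, visit http://www.postfix.org/SASL_README.html#server_dovecot_comm and try checking it out.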
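
The restriction trace in the question's maillog can be read mechanically: each `generic_checks: name=… status=N` line gives one restriction's verdict, and the NOQUEUE line gives the reply sent to the client. The following is an added example, not code from the posts above; the function name, the sample addresses and the single-session assumption (all lines come from one smtpd connection) are constructed for illustration.

```python
import re

# Result codes smtpd logs per restriction (SMTPD_CHECK_* in Postfix's
# smtpd_check.c): 0 = no decision, 1 = permit, 2 = reject.
STATUS = {"0": "dunno", "1": "permit", "2": "reject"}
CMD = re.compile(r"smtpd\[\d+\]: < \S+: (\w+)")  # command sent by the client
CHECK = re.compile(r"generic_checks: name=(\S+) status=(\d)")
REJECT = re.compile(r"NOQUEUE: reject: RCPT from \S+: (\d{3} \S+) <([^>]*)>: ([^;]+);")

def explain_rejects(lines):
    """Return one dict per rejected RCPT with the restriction trace behind it."""
    findings, commands, trace, reject = [], [], [], None
    for line in lines:
        if m := CMD.search(line):
            commands.append(m.group(1).upper())
        elif "START Recipient address RESTRICTIONS" in line:
            trace, reject = [], None
        elif m := REJECT.search(line):
            reject = m.groups()
        elif m := CHECK.search(line):
            trace.append((m.group(1), STATUS.get(m.group(2), "unknown")))
            # smtpd logs the NOQUEUE line before the rejecting check's status.
            if trace[-1][1] == "reject" and reject:
                code, rcpt, text = reject
                no_auth = (("permit_sasl_authenticated", "dunno") in trace
                           and "AUTH" not in commands)
                findings.append({
                    "recipient": rcpt, "reply": f"{code} {text}",
                    "rejected_by": trace[-1][0], "trace": list(trace),
                    "cause": "client never authenticated" if no_auth else "see trace",
                })
    return findings

# Constructed sample modelled on the maillog in the question (addresses invented).
P = "Nov 23 13:26:24 mail postfix/smtpd[16391]: "
SAMPLE = [P + s for s in (
    "< unknown[192.0.2.10]: EHLO [192.168.1.38]",
    "< unknown[192.0.2.10]: MAIL FROM:<mrm@example.com>",
    "< unknown[192.0.2.10]: RCPT TO:<user@example.org>",
    ">>> START Recipient address RESTRICTIONS <<<",
    "generic_checks: name=permit_sasl_authenticated status=0",
    "generic_checks: name=reject_unauth_destination",
    "NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 <user@example.org>: "
    "Relay access denied; from=<mrm@example.com> to=<user@example.org> proto=ESMTP",
    "generic_checks: name=reject_unauth_destination status=2",
)]

if __name__ == "__main__":
    for finding in explain_rejects(SAMPLE):
        print(finding)
```

On the sample, the trace shows `permit_sasl_authenticated` returning no decision and `reject_unauth_destination` issuing the 554, with no AUTH command from the client beforehand, which is the situation the answers above describe.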