服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 后缀:“中继访问被拒绝” – 所有收到的邮件都被拒绝
Intereting Posts
Debian – 文件权限和umask 未更改Elastic Beanstalk转换为RED健康 类似于StrongVPN的VPN端点的iptables规则 如何查找主机是物理服务器还是虚拟服务器 如何阻止将密码写入日志文件? 将SAP GUI与Microsoft ldap集成 阻止从移动设备访问Exchange … sorta IPTABLES – 针对RDP的IP受限端口转发 Sysprep和unattend.xml:删除Windows 7上的本地用户帐户 用Plesk 11replace证书 通过批处理脚本压缩和FTP文件 有程序来跟踪cli linux用户吗? virsh:加载共享库时出错:libyajl.so.2丢失 S3静态网站的加载时间 在VPC中创build弹性负载均衡器

后缀:“中继访问被拒绝” – 所有收到的邮件都被拒绝

我正在testing我的PostFix设置,通过从我的Gmail帐户发送电子邮件到虚拟域上的帐户。 Postfix的回应总是: 

NOQUEUE: reject: RCPT from mail-lb0-f177.google.com[209.85.217.177]: 454 4.7.1 <mailATbrokkr.net>: Relay access denied; from=<madspayATgmail.com> to=<mailATbrokkr.net> proto=ESMTP helo=<mail-lb0-f177.google.com>

这是main.cfconfiguration文件: 

 # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters smtpd_use_tls=yes smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/nginx/certs/madsmide_ssl-unified.crt smtpd_tls_key_file = /etc/nginx/certs/madsmide_ssl.key #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 #smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination #smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination # host configuration myhostname = mail.madsmi.de #myorigin = /etc/mailname mydomain = madsmi.de myorigin = $mydomain # Local domain mapping #alias_maps = hash:/etc/aliases #alias_database = hash:/etc/aliases #mydestination = localhost mydestination = # Virtal domain mapping virtual_mailbox_domains = hash:/etc/postfix/my_virtual_mailbox_domains virtual_mailbox_base = /home/vmail virtual_mailbox_maps = hash:/etc/postfix/my_virtual_mailbox_maps virtual_uid_maps = static:128 virtual_gid_maps = static:142 #virtual_alias_maps = hash:/etc/postfix/virtual # Unknown #relayhost = mailbox_size_limit = 1000000000 recipient_delimiter = + inet_interfaces = all inet_protocols = all

这是my_virtual_mailbox_domains文件: 

 madsmi.de #madskas.dk brokkr.net

和my_virtual_mailbox_maps文件: 

 mailATmadsmi.de madsmi.de/mail/ mailATbrokkr.net brokkr.net/mail/

以下是来自一个连接尝试的更详细的debugging日志: 

 Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: send attr request = seed Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: send attr size = 32 Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: private/tlsmgr: wanted attribute: status Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute name: status Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute value: 0 Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: private/tlsmgr: wanted attribute: seed Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute name: seed Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute value: h+12lK71F0Vgl8z8GN3zJmF2Sgcja/Y7rqFz1BV4raw= Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: private/tlsmgr: wanted attribute: (list terminator) Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute name: (end) Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: EHLO mail-lb0-f180.google.com Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: mail-lb0-f180.google.com: no match Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: 209.85.217.180: no match Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-mail.madsmi.de Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-PIPELINING Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-SIZE 10240000 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-VRFY Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-ETRN Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-ENHANCEDSTATUSCODES Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-8BITMIME Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250 DSN Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: MAIL FROM:<madspayATgmail.com> SIZE=4079 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: extract_addr: input: <madspayATgmail.com> Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: smtpd_check_addr: addr=madspayATgmail.com Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: ctable_locate: move existing entry key madspayATgmail.com Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: extract_addr: in: <madspayATgmail.com>, result: madspayATgmail.com Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: smtpd_check_rewrite: trying: permit_inet_interfaces Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: permit_inet_interfaces: mail-lb0-f180.google.com 209.85.217.180 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: fsspace: .: block size 4096, blocks free 37725053 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: smtpd_check_queue: blocks 4096 avail 37725053 min_free 0 msg_size_limit 10240000 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250 2.1.0 Ok Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: RCPT TO:<mailATmadsmi.de> Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: extract_addr: input: <mailATmadsmi.de> Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: smtpd_check_addr: addr=mailATmadsmi.de Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: ctable_locate: move existing entry key mailATmadsmi.de Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: extract_addr: in: <mailATmadsmi.de>, result: mailATmadsmi.de Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: >>> START Recipient address RESTRICTIONS <<< Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=permit_mynetworks Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: permit_mynetworks: mail-lb0-f180.google.com 209.85.217.180 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? 127.0.0.0/8 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? 127.0.0.0/8 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? [::ffff:127.0.0.0]/104 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? [::ffff:127.0.0.0]/104 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? [::1]/128 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? [::1]/128 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: mail-lb0-f180.google.com: no match Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: 209.85.217.180: no match Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=permit_mynetworks status=0 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=permit_sasl_authenticated Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=permit_sasl_authenticated status=0 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=defer_unauth_destination Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: reject_unauth_destination: mailATmadsmi.de Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: permit_auth_destination: mailATmadsmi.de Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: ctable_locate: leave existing entry key mailATmadsmi.de Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: NOQUEUE: reject: RCPT from mail-lb0-f180.google.com[209.85.217.180]: 454 4.7.1 <mailATmadsmi.de>: Relay access denied; from=<madspayATgmail.com> to=<mailATmadsmi.de> proto=ESMTP helo=<mail-lb0-f180.google.com> Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=defer_unauth_destination status=2 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: >>> END Recipient address RESTRICTIONS <<< Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 454 4.7.1 <mailATmadsmi.de>: Relay access denied Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: DATA Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 554 5.5.1 Error: no valid recipients Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: QUIT Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 221 2.0.0 Bye Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? 127.0.0.0/8 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? 127.0.0.0/8 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? [::ffff:127.0.0.0]/104 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? [::ffff:127.0.0.0]/104 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? [::1]/128 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? [::1]/128 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: mail-lb0-f180.google.com: no match Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: 209.85.217.180: no match Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: send attr request = disconnect Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: send attr ident = smtp:209.85.217.180 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: private/anvil: wanted attribute: status Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: input attribute name: status Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: input attribute value: 0 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: private/anvil: wanted attribute: (list terminator) Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: input attribute name: (end) Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: disconnect from mail-lb0-f180.google.com[209.85.217.180] Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: master_notify: status 1 Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: connection closed

我的问题是:邮件为什么被拒绝? 从我能从日志中收集的信息来看,无论发件人(google.com)是否被find,或者收件人(在这种情况下:madsmi.de上的邮件)都不被识别。

如果是第一个,我很困惑为什么在主机是目的地时应用中继规则,而不是要求发送邮件,而是要发送邮件。 如果是第二个为什么PostFix不能在virtual_mailbox_maps中看到收件人?

我的目标不能为空。 邮件服务器找不到邮件的任何目的地,因为这个字段是空的。 本质上NOQUEUE它无处可去。 我将这个设置为mydestination = 127.0.0.1,甚至localhost应该可以正常工作。 defer_unauth_destination意味着它没有被设置为备份MX服务器。 如果您充当备用MX服务器,唯一的一次空置应该是空的。 在这种情况下,您需要将relayhost设置为您充当备份的服务器。

6月20日22:59:10 THEMINT postfix / smtpd [10294]:NOQUEUE:拒绝:来自mail-lb0-f180.google.com的RCPT [209.85.217.180]:454 4.7.1:中继访问被拒绝; from = to = proto = ESMTP helo = Jun 20 22:59:10 THEMINT postfix / smtpd [10294]:generic_checks:name = defer_unauth_destination status = 2 Jun 20 22:59:10 THEMINT postfix / smtpd [10294]:>>> END收件人地址RESTRICTIONS <<<