一个我不能追溯到原因的旧时代的问题。
我越来越
Jun 24 16:23:05 mail postfix/smtpd[1496]: connect from mail-qk0-f174.google.com[209.85.220.174] Jun 24 16:23:05 mail postfix/smtpd[1496]: NOQUEUE: reject: RCPT from mail-qk0-f174.google.com[209.85.220.174]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail-qk0-f174.google.com> Jun 24 16:23:05 mail postfix/smtpd[1496]: disconnect from mail-qk0-f174.google.com[209.85.220.174] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 quit=1 commands=5/7 而来自非本地主机的所有传入邮件都将被拒绝。 我的后缀main.cf可以在下面find。 我已经尝试了各种smtp设置的选项,但我不能阻止入站邮件被拒绝。 奇怪的是,我没有改变任何设置,而且前些天工作正常。
所有的帮助是欣赏。
# See /usr/share/postfix/main.cf.dist for a commented, more complete version smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no readme_directory = no # Basic configuration # myhostname = alias_maps = texthash:/etc/aliases alias_database = texthash:/etc/aliases mydestination = relayhost = mynetworks = 127.0.0.0/8 [::1]/128 [fe80::]/64 46.33.82.220/32 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all # TLS parameters smtpd_tls_cert_file=/etc/letsencrypt/live/mail.mailserver.com/fullchain.pem smtpd_tls_key_file=/etc/letsencrypt/live/mail.mailserver.com/privkey.pem #smtpd_tls_CAfile= #smtp_tls_CAfile= smtpd_tls_security_level = may smtpd_use_tls=yes smtp_tls_security_level = may smtp_tls_loglevel = 1 tls_ssl_options = NO_COMPRESSION tls_high_cipherlist=ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS smtpd_tls_protocols=!SSLv2,!SSLv3 smtp_tls_protocols=!SSLv2,!SSLv3 smtpd_tls_mandatory_ciphers = high smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3 smtpd_tls_exclude_ciphers = aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5, DSS, ECDSA, CAMELLIA128, 3DES, CAMELLIA256, RSA+AES, eNULL smtpd_tls_dh1024_param_file = /etc/postfix/dhparams.pem smtpd_tls_CApath = /etc/ssl/certs smtp_tls_CApath = /etc/ssl/certs # Settings to prevent SPAM early smtpd_helo_required = yes smtpd_delay_reject = yes smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, permit smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policyd-spf, reject_unauth_pipelining, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, check_policy_service inet:127.0.0.1:10023 smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain # SASL smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes # Mail directory virtual_transport = lmtp:unix:/var/run/dovecot/lmtp virtual_mailbox_domains = /etc/postfix/vhost virtual_mailbox_maps = texthash:/etc/postfix/vmailbox virtual_alias_maps = texthash:/etc/postfix/virtual # Additional option for filtering content_filter = smtp-amavis:[127.0.0.1]:10024 # Milters used by DKIM milter_protocol = 6 milter_default_action = accept dkim_milter = inet:localhost:8891 dmarc_milter = inet:localhost:8893 smtpd_milters = $dkim_milter,$dmarc_milter non_smtpd_milters = $dkim_milter # SPF policy settings policyd-spf_time_limit = 3600 myhostname = mail.mailserver.com mydomain = mailserver.com
554 5.7.1 <[email protected]>: Relay access denied;
此错误消息表明devexnj.us不在mydestionation , virtual_alias_domains或virtual_mailbox_domains ; 该地址不是本地处理的,因为它试图中继。
从configuration我们可以看到:
mydestination被迫空虚。 没有$mydomain在这里。 这可能是故意的,所以这可能没有任何问题。 virtual_mailbox_domains = /etc/postfix/vhost导致您必须具有在vhost列出的域名以及在virtual_mailbox_maps = texthash:/etc/postfix/vmailbox列出的地址。 ( virtual_mailbox_domains的默认设置只需要后者。) virtual_alias_maps = texthash:/etc/postfix/virtual ,默认的virtual_alias_domains = $virtual_alias_maps可以工作,如果地址是virtual 。 如果你的地址正确的是2.或3.,这可能是原因:
texthash(只读)除了在可以使用该文件之前不必运行postmap(1)命令以及
texthash:在读取文件之后不检测更改之外,该表与hash:files产生相似的结果。 查找表名是texthash:filename,其中文件名是从字面上取的; 没有后缀追加。
所以你也有
检查这些文件,然后重新启动。 我build议使用hash:而不是texthash:因为这样你不需要重新启动Postfix,但单独的texthash:就足以应用这些更改。