我试图找出这个configuration有什么问题。 我在/var/spool/postfix/maildrop (大约30k!)里面有很多邮件,而且这些邮件不会离开。 在日志中没有错误。
如果我试图在maildrop中重新发送一个消息, postsuper -r XXXXXXXXX失败。
我注意到,如果我使用sendmail(通过SSH连接)直接从服务器发送电子邮件,邮件进入队列,而不是如果我通过客户端发送邮件(例如雷鸟)邮件立即交付(使用相同的smtp服务器显然; spf和dkim得到正确应用)
maildrop中的所有“死邮件”都不会出现在qshape中:
qshape active deferred T 5 10 20 40 80 160 320 640 1280 1280+ TOTAL 11 0 0 0 0 0 0 0 0 0 11 example1.it 9 0 0 0 0 0 0 0 0 0 9 example2.com 1 0 0 0 0 0 0 0 0 0 1 example3.com 1 0 0 0 0 0 0 0 0 0 1
如果我发出通用postsuper -r ALL我得到less于100消息重新postsuper -r ALL 。
任何build议? 我的configuration:
main.cf
smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache myhostname = example.com mydestination = example.com home_mailbox = Maildir/ mailbox_size_limit = 0 myorigin = /etc/mailname mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 smtpd_banner = $myhostname ESMTP $mail_name (Example.com) append_dot_mydomain = no readme_directory = no biff = no inet_interfaces = all alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases recipient_delimiter = + relayhost = smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_policy_service unix:private/policy-spf smtpd_sender_restrictions = reject_unknown_sender_domain # Postfix ≥ 2.6 milter_protocol = 6, Postfix ≤ 2.5 milter_protocol = 2 milter_default_action = accept milter_protocol = 6 smtpd_milters = inet:localhost:8891 non_smtpd_milters = inet:localhost:8891 smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/dovecot-auth smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}" smtp_use_tls = yes smtpd_tls_received_header = yes smtpd_tls_mandatory_protocols = SSLv3, TLSv1 smtpd_tls_mandatory_ciphers = medium tls_random_source = dev:/dev/urandom inet_protocols = ipv4 in_flow_delay = 0s max_use = 500 destination_concurrency_feedback_debug = yes smtp_host_lookup = dns,native qmgr_message_active_limit = 50000 qmgr_message_recipient_limit = 50000 transport_maps = hash:/etc/postfix/transport # tuning default_destination_concurrency_failed_cohort_limit = 5 smtpd_tls_auth_only = yes smtp_dns_support_level = enabled default_process_limit = 100 fast_destination_concurrency_negative_feedback = 0 fast_destination_recipient_limit = 500 fast_minimum_delivery_slots = 1 fast_delivery_slot_cost = 25 fast_delivery_slot_discount = 5 fast_delivery_slot_loan = 1 fast_recipient_refill_limit = 20000 fast_destination_concurrency_failed_cohort_limit = 10 fast_initial_destination_concurrency = 40 fast_destination_concurrency_limit = 150 fast_destination_rate_delay = 0 semifast_initial_destination_concurrency = 20 semifast_destination_concurrency_limit = 60 semifast_destination_rate_delay = 2 medium_initial_destination_concurrency = 10 medium_destination_concurrency_limit = 40 medium_destination_rate_delay = 2 slow_initial_destination_concurrency = 5 slow_destination_concurrency_limit = 10 slow_destination_rate_delay = 2
master.cf
# # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - 800 smtpd -v pickup fifo n - - 10 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 10 1 qmgr -v #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - 1200 smtp -v relay unix - - - - 1200 smtp -v showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - nn - - local virtual unix - nn - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # alla fine la smetto coi milter e vado di classici per postfix policy-spf unix - nn - - spawn user=nobody argv=/usr/sbin/postfix-policyd-spf-perl maildrop unix - nn - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} uucp unix - nn - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - nn - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) # bsmtp unix - nn - - pipe # flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient #scalemail-backend unix - nn - 2 pipe # flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} #mailman unix - nn - - pipe # flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py # ${nexthop} ${user} fast unix - - - - 400 smtp slow unix - - - - - smtp medium unix - - - - - smtp semifast unix - - - - - smtp
这个问题是由opendkim库引起的,即使在文档中声明它应该依赖于/etc/resolv.conf (并且只要我记得它就是这样),在我的情况下它被忽略了:
名称服务器(string)
提供以逗号分隔的IP地址列表,这些IP地址列表将在执行DNS查询以检索DKIM密钥,VBRlogging等时使用。这些列表将覆盖正在使用的parsing器的任何本地缺省值,这些缺省值可以在/ etc / resolv中定义.conf或硬编码到软件中 。
解决了将Nameservers参数添加到/etc/opendkim.conf 。
我会进一步调查,以了解是一个错误 ,还是一个错误的configuration。