Postfix: Relay access denied when sending mail from outside the network

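I am running Postfix, and email can be sent from the webmail interface (inside the "network") as well as from mail clients (such as Microsoft Outlook, Thunderbird, etc.).

Here are the server details:

    CentOS 5.x
    Name    : postfix
    Arch    : i386
    Epoch   : 2
    Version : 2.3.3
    Release : 2.1.centos.mysql_pgsql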

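Here is the odd scenario:

  1. All email sent to other domains hosted on the server is delivered fine.
  2. Email sent through webmail (inside the network) to external addresses is delivered.
  3. Email sent through a mail client is not delivered.

Below is an excerpt from the maillog for scenario #3: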

    2010-10-16T04:36:59.462704-04:00 myers postfix/smtpd[31167]: connect from {my-home-IP-address}
    2010-10-16T04:36:59.595662-04:00 myers postfix/smtpd[31167]: NOQUEUE: reject: RCPT from pool-72-93-172-197.bstnma.east.verizon.net[72.93.172.197]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<smoothstoneserv>
    2010-10-16T04:37:02.820216-04:00 myers postfix/smtpd[31167]: disconnect from {my-home-IP-address}

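In the excerpt above, you will immediately notice that the HELO is wrong. My hostname is myers.smoothstoneservices.com.

I worked on this problem for hours, with some kind folks on #postfix on Freenode last night. Thinking the master.cf configuration file was bad, I made a backup copy of the file, then reinstalled Postfix with yum (I run CentOS 5.x) and got a fresh file. That didn't help.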

Here is postconf -n:

    alias_database = hash:/etc/postfix/aliases
    alias_maps = $alias_database
    append_dot_mydomain = no
    biff = no
    broken_sasl_auth_clients = yes
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    content_filter = amavisfeed:[127.0.0.1]:10024
    daemon_directory = /usr/libexec/postfix
    debug_peer_level = 2
    disable_vrfy_command = no
    html_directory = no
    inet_interfaces = all
    mail_owner = postfix
    mail_spool_directory = /var/spool/mail
    mailbox_size_limit = 0
    mailq_path = /usr/bin/mailq
    manpage_directory = /usr/share/man
    mydestination = $myhostname, localhost.$mydomain
    mydomain = myers
    myhostname = myers.smoothstoneservices.com
    mynetworks = 127.0.0.0/8
    myorigin = $myhostname
    newaliases_path = /usr/bin/newaliases
    queue_directory = /var/spool/postfix
    readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
    recipient_delimiter = +
    relayhost =
    sample_directory = /usr/share/doc/postfix-2.3.3/samples
    sendmail_path = /usr/sbin/sendmail
    setgid_group = postdrop
    smtpd_banner = $myhostname
    smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_local_domain =
    smtpd_sasl_path = private/auth
    smtpd_sasl_security_options = noanonymous
    smtpd_sasl_type = dovecot
    smtpd_tls_auth_only = no
    smtpd_tls_cert_file = /etc/ssl/mailserver/postfix.pem
    smtpd_tls_key_file = /etc/ssl/mailserver/private/postfix.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = no
    smtpd_tls_session_cache_timeout = 3600s
    smtpd_use_tls = yes
    tls_random_source = dev:/dev/urandom
    unknown_local_recipient_reject_code = 450
    virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
    virtual_gid_maps = static:5000
    virtual_mailbox_base = /var/vmail
    virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
    virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
    virtual_minimum_uid = 5000
    virtual_transport = dovecot
    virtual_uid_maps = static:5000

Here is main.cf:

    [root@myers postfix]# cat main.cf

    ############## Postfix###############
    smtpd_banner = $myhostname
    biff = no
    append_dot_mydomain = no
    relayhost =
    mynetworks = 127.0.0.0/8
    inet_interfaces = all
    mailbox_size_limit = 0
    recipient_delimiter = +
    alias_database = hash:/etc/postfix/aliases
    alias_maps = $alias_database
    myhostname = myers.smoothstoneservices.com
    mydomain = myers
    myorigin = $myhostname
    mydestination = $myhostname, localhost.$mydomain
    mail_spool_directory = /var/spool/mail
    debug_peer_level = 2
    debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
    disable_vrfy_command = no
    readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
    sample_directory = /usr/share/doc/postfix-2.3.3/samples
    sendmail_path = /usr/sbin/sendmail
    html_directory = no
    setgid_group = postdrop
    command_directory = /usr/sbin
    manpage_directory = /usr/share/man
    daemon_directory = /usr/libexec/postfix
    newaliases_path = /usr/bin/newaliases
    mailq_path = /usr/bin/mailq
    queue_directory = /var/spool/postfix
    mail_owner = postfix
    unknown_local_recipient_reject_code = 450
    ####################postfix section ends here###############

    #######################Virtual Domains Users and mailboxes###############
    virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
    virtual_mailbox_base = /var/vmail
    virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
    virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
    virtual_minimum_uid = 5000
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000
    ##############################Virtual section of main.cf ends##############

    #################### SASL/TLS Authentication###########################
    ######SASL PART#########
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_sasl_local_domain =
    smtpd_recipient_restriction = permit_sasl_authenticated, permit_mynetworks,
    reject_unauth_destination
    ######TLS PART###########
    smtpd_tls_cert_file = /etc/ssl/mailserver/postfix.pem
    smtpd_tls_key_file = /etc/ssl/mailserver/private/postfix.pem
    smtpd_use_tls = yes
    smtpd_tls_auth_only = no
    smtpd_tls_received_header = no
    smtpd_tls_note_starttls_offer = yes
    smtpd_tls_loglevel = 1
    tls_random_source = dev:/dev/urandom
    smtpd_tls_session_cache_timeout = 3600s
    smtpd_tls_recieved_header = yes
    ###########################SASL/TLS Authentication ends here#############
    virtual_transport = dovecot
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
    content_filter=amavisfeed:[127.0.0.1]:10024

Here is master.cf:

    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       n       -       -       smtpd
    26        inet  n       -       n       -       -       smtpd
    587       inet  n       -       n       -       -       smtpd
    465       inet  n       -       n       -       -       smtpd
    submission inet n       -       n       -       -       smtpd
      -o smtpd_enforce_tls=yes
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    smtps     inet  n       -       n       -       -       smtpd
      -o smtpd_tls_wrappermode=yes
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #628      inet  n       -       n       -       -       qmqpd
    pickup    fifo  n       -       n       60      1       pickup
    cleanup   unix  n       -       n       -       0       cleanup
    qmgr      fifo  n       -       n       300     1       qmgr
    #qmgr     fifo  n       -       n       300     1       oqmgr
    tlsmgr    unix  -       -       n       1000?   1       tlsmgr
    rewrite   unix  -       -       n       -       -       trivial-rewrite
    bounce    unix  -       -       n       -       0       bounce
    defer     unix  -       -       n       -       0       bounce
    trace     unix  -       -       n       -       0       bounce
    verify    unix  -       -       n       -       1       verify
    flush     unix  n       -       n       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    smtp      unix  -       -       n       -       -       smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay     unix  -       -       n       -       -       smtp
      -o fallback_relay=
    #  -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       n       -       -       showq
    error     unix  -       -       n       -       -       error
    discard   unix  -       -       n       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       n       -       -       lmtp
    anvil     unix  -       -       n       -       1       anvil
    scache    unix  -       -       n       -       1       scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent. See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
    #
    # The Cyrus deliver program has changed incompatibly, multiple times.
    #
    old-cyrus unix  -       n       n       -       -       pipe
      flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
    # Cyrus 2.1.5 (Amos Gouaux)
    # Also specify in main.cf: cyrus_destination_recipient_limit=1
    cyrus     unix  -       n       n       -       -       pipe
      user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
    dovecot   unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -d ${recipient}
    amavisfeed unix -       -       n       -       2       lmtp
      -o lmtp_data_done_timeout=1200
      -o lmtp_send_xforward_command=yes
      -o disable_dns_lookups=yes
      -o max_use=20
    127.0.0.1:10025 inet n  -       n       -       -       smtpd
      -o content_filter=
      -o smtpd_delay_reject=no
      -o smtpd_client_restrictions=permit_mynetworks,reject
      -o smtpd_helo_restrictions=
      -o smtpd_sender_restrictions=
      -o smtpd_recipient_restrictions=permit_mynetworks,reject
      -o smtpd_data_restrictions=reject_unauth_pipelining
      -o smtpd_end_of_data_restrictions=
      -o smtpd_restriction_classes=
      -o mynetworks=127.0.0.0/8
      -o smtpd_error_sleep_time=0
      -o smtpd_soft_error_limit=1001
      -o smtpd_hard_error_limit=1000
      -o smtpd_client_connection_count_limit=0
      -o smtpd_client_connection_rate_limit=0
      -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
      -o local_header_rewrite_clients=
      -o smtpd_milters=
      -o local_recipient_maps=
      -o relay_recipient_maps=

Does your mail client use authentication? It is required unless you are an open relay or have "mynetworks" set.

The mynetworks parameter in main.cf should contain the (trusted) networks that may send mail to other domains. 127.0.0.1 only covers localhost (used by webmail), which is why webmail can send mail outside your domain.

It is advisable to include restrictions in main.cf to make use of Postfix's full functionality.

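A few days ago I wrote the comment below, but I figured I should mark this question as "answered"... so here is the comment, followed by a summary of my answer:

I recently asked a very similar question, because I had not yet solved this one. The link to that question is: serverfault.com/questions/240475/ …. After doing more digging tonight, I found the solution, and it resolved the problem described in both this and the "new" question.

The answer/solution is this: the problem was not in the Postfix configuration files at all. The problem was in Dovecot's authentication. There is an auth {} section in /etc/dovecot.conf where the appropriate login methods need to be specified. In my case, I needed to include the "login" method.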
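Added example, not part of the original thread: a small Python model of why the external mail client was refused while webmail was not, following the order of `smtpd_recipient_restrictions` from the question. It assumes the mail client offers only the LOGIN mechanism; the EHLO replies, `hosted.example` and the recipient address are constructed, while `mynetworks`, the restriction order and the client IP come from the page.

```python
import ipaddress

# Values from the page's main.cf; HOSTED is a constructed stand-in for the
# MySQL-backed virtual_mailbox_domains lookup.
MYNETWORKS = [ipaddress.ip_network("127.0.0.0/8")]
HOSTED = {"myers.smoothstoneservices.com", "hosted.example"}

def advertised_mechs(ehlo_lines):
    """Collect SASL mechanisms from 'AUTH ...' and legacy 'AUTH=...' lines."""
    mechs = set()
    for line in ehlo_lines:
        body = line[4:].strip()          # drop the '250-' / '250 ' prefix
        if body.upper().startswith("AUTH"):
            mechs.update(body[4:].lstrip(" =").upper().split())
    return mechs

def rcpt_decision(client_ip, sasl_ok, rcpt):
    """Walk smtpd_recipient_restrictions in the order the page configures."""
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in MYNETWORKS):
        return "permit (permit_mynetworks)"
    if sasl_ok:
        return "permit (permit_sasl_authenticated)"
    if rcpt.rsplit("@", 1)[-1].lower() not in HOSTED:
        return "554 5.7.1 Relay access denied"   # reject_unauth_destination
    return "permit (local destination)"

def submit(ehlo_lines, client_mechs, client_ip, rcpt):
    # A client with no mechanism in common with the server never
    # authenticates, so it falls through to reject_unauth_destination.
    usable = advertised_mechs(ehlo_lines) & {m.upper() for m in client_mechs}
    return rcpt_decision(client_ip, bool(usable), rcpt)

# Constructed EHLO replies: Dovecot offering PLAIN only, then PLAIN and LOGIN.
EHLO_PLAIN_ONLY = ["250-myers.smoothstoneservices.com", "250-STARTTLS",
                   "250-AUTH PLAIN", "250-AUTH=PLAIN", "250 8BITMIME"]
EHLO_WITH_LOGIN = ["250-myers.smoothstoneservices.com", "250-STARTTLS",
                   "250-AUTH PLAIN LOGIN", "250-AUTH=PLAIN LOGIN",
                   "250 8BITMIME"]

if __name__ == "__main__":
    for name, ehlo in (("PLAIN only", EHLO_PLAIN_ONLY),
                       ("with LOGIN", EHLO_WITH_LOGIN)):
        print(name, "->",
              submit(ehlo, ["LOGIN"], "72.93.172.197", "user@example.org"))
    print("webmail ->",
          submit(EHLO_PLAIN_ONLY, [], "127.0.0.1", "user@example.org"))
```

In Dovecot 1.x the mechanism list is the `mechanisms` line inside the `auth default { }` block of /etc/dovecot.conf, for example `mechanisms = plain login`.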