如果我在端口25的局域网连接到我的邮件服务器,它提供了STARTTLS
telnet mailserver.com 25 Trying 192.168.0.x... Connected to mailserver.com Escape character is '^]'. 220 mailserver.com ESMTP Postfix ehlo bla 250-mailserver.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN 如果我从外部尝试,我不会得到STARTTLS报价:
telnet mailserver.com 25 Trying xx.xxx.xxx.xx... Connected to mailserver.com Escape character is '^]'. 220 mailserver.com ESMTP Postfix ehlo bla 250-mailserver.com 250-SIZE 10240000 250-VRFY 250 DSN
奇怪的是,通过提交(587)端口从外部正常工作。
我的postconf -n
alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost myhostname = mailserver.com myorigin = $myhostname newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES relay_domains = hash:/etc/postfix/relay_domains sample_directory = /usr/share/doc/postfix-2.10.1/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_security_level = may smtpd_banner = $myhostname ESMTP $mail_name smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, permit_tls_clientcerts, reject_unverified_recipient, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/letsencrypt/live/bla/fullchain.pem smtpd_tls_key_file = /etc/letsencrypt/live/bla/privkey.pem smtpd_tls_security_level = may transport_maps = hash:/etc/postfix/transport_maps, $relay_domains unknown_local_recipient_reject_code = 550 virtual_alias_domains = hash:/etc/postfix/virtual_domains
和我的master.cf:
smtp inet n - n - - smtpd #smtp inet n - n - 1 postscreen #smtpd pass - - n - - smtpd #dnsblog unix - - n - 0 dnsblog #tlsproxy unix - - n - 0 tlsproxy submission inet n - n - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
所以看起来,端口25上的STARTTLS只提供给内部IP地址,而端口587上的STARTTLS也提供给外部IP地址。 我的目标是允许在端口25上的STARTTLS用于外部IP。 我的错误在哪里?
非常感谢你提前干杯