telnet: Unable to connect to remote host

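I have installed postfix and dovecot on one of my servers to send bulk mail (system messages on registration, wrong password, etc.). I use the php_imap functions to check for bounces and flag those email IDs so that we don't keep sending email to addresses that bounce. I noticed that the php_imap functions are not reading bounces on the live server, although they do read them on the testing server. But the live server is able to send mail! Both servers run the same CentOS 6.4 OS and have the same iptables configuration.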

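I compared the DNS entries for the "testing" and "live" domains, and they have the necessary SPF entries. The hosting provider has the necessary PTR records. But for some reason the bounces are not available to the php_imap program.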

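At this point I am not sure whether the bounces are being delivered to the server and dovecot is unable to read them, or whether the bounces are not being delivered at all.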

So I compared the entries in /etc/postfix/main.cf and /etc/postfix/master.cf on the "test" and "live" servers and found that they are identical except for the domain names.

To be sure, I checked whether postfix was running with ps aux | grep postfix, and it returned

Live server

    [root@bw sridhar]# ps aux | grep postfix
    root      1433  0.0  0.1  13476  2696 ?        Ss   09:32   0:00 /usr/libexec/postfix/master
    postfix   1443  0.0  0.1  13720  2836 ?        S    09:32   0:00 qmgr -l -t fifo -u
    postfix   4724  0.0  0.1  13552  2668 ?        S    12:00   0:00 pickup -l -t fifo -u
    postfix   4850  0.0  0.1  13696  2776 ?        S    12:15   0:00 cleanup -z -t unix -u
    postfix   4852  0.0  0.1  13748  2928 ?        S    12:15   0:00 smtp -t unix -u
    postfix   4855  0.0  0.1  13748  2928 ?        S    12:15   0:00 smtp -t unix -u
    postfix   4856  0.0  0.1  13588  2656 ?        S    12:15   0:00 bounce -z -n defer -t unix -u
    root      4858  0.0  0.0   4360   736 pts/0    S+   12:15   0:00 grep postfix

Testing server

    [root@bwStagingTesting sridhar]# ps aux | grep postfix
    root      1258  0.0  0.2  12816  2480 ?        Ss   Feb17   0:13 /usr/libexec/postfix/master
    postfix   1268  0.0  0.2  13228  2896 ?        S    Feb17   0:07 qmgr -l -t fifo -u
    postfix   2158  0.0  0.2  12888  2468 ?        S    Feb17   0:00 tlsmgr -l -t unix -u
    postfix   4860  0.0  0.2  12892  2496 ?        S    12:12   0:00 pickup -l -t fifo -u
    postfix   4988  0.0  0.2  13036  2604 ?        S    12:15   0:00 cleanup -z -t unix -u
    postfix   4990  0.0  0.3  13148  3096 ?        S    12:15   0:00 local -t unix
    root      5334  0.0  0.0   4356   728 pts/5    S+   12:15   0:00 grep postfix

That looked fine to me. Then I checked whether I could telnet to port 25 on localhost, and I got the following results

Live server

    [root@bw sridhar]# telnet localhost 25
    Trying ::1...
    telnet: connect to address ::1: Connection refused
    Trying 127.0.0.1...
    telnet: connect to address 127.0.0.1: Connection refused

Testing server

    [root@bwStagingTesting sridhar]# telnet localhost 25
    Trying ::1...
    Connected to localhost.
    Escape character is '^]'.
    220 mail.st.biz ESMTP Postfix
    ehlo localhost
    250-mail.st.biz
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    quit
    221 2.0.0 Bye
    Connection closed by foreign host.

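I tried to telnet from my laptop to the IP addresses of the respective servers. Telnet to the LIVE server resulted in telnet: Unable to connect to remote host: Connection refused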

But I was able to telnet to the testing server.

So I checked whether anything was listening on port 25 on both machines, and got the following on the servers

Live server

    [root@bw sridhar]# netstat -lnp | grep 25
    unix  2      [ ACC ]     STREAM     LISTENING     8125   1341/dovecot        /var/run/dovecot/login/pop3
    unix  2      [ ACC ]     STREAM     LISTENING     8425   1433/master         public/cleanup

Testing server

    tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      1258/master
    tcp        0      0 :::25                       :::*                        LISTEN      1258/master
    unix  2      [ ACC ]     STREAM     LISTENING     8270   1258/master         public/cleanup
    unix  2      [ ACC ]     STREAM     LISTENING     8277   1258/master         private/tlsmgr
    unix  2      [ ACC ]     STREAM     LISTENING     8281   1258/master         private/rewrite
    unix  2      [ ACC ]     STREAM     LISTENING     8285   1258/master         private/bounce
    unix  2      [ ACC ]     STREAM     LISTENING     8289   1258/master         private/defer
    unix  2      [ ACC ]     STREAM     LISTENING     8293   1258/master         private/trace
    unix  2      [ ACC ]     STREAM     LISTENING     8297   1258/master         private/verify
    unix  2      [ ACC ]     STREAM     LISTENING     8301   1258/master         public/flush
    unix  2      [ ACC ]     STREAM     LISTENING     8305   1258/master         private/proxymap
    unix  2      [ ACC ]     STREAM     LISTENING     8309   1258/master         private/proxywrite
    unix  2      [ ACC ]     STREAM     LISTENING     8313   1258/master         private/smtp
    unix  2      [ ACC ]     STREAM     LISTENING     8317   1258/master         private/relay
    unix  2      [ ACC ]     STREAM     LISTENING     8321   1258/master         public/showq
    unix  2      [ ACC ]     STREAM     LISTENING     8325   1258/master         private/error
    unix  2      [ ACC ]     STREAM     LISTENING     8329   1258/master         private/retry
    unix  2      [ ACC ]     STREAM     LISTENING     8333   1258/master         private/discard
    unix  2      [ ACC ]     STREAM     LISTENING     8337   1258/master         private/local
    unix  2      [ ACC ]     STREAM     LISTENING     8341   1258/master         private/virtual
    unix  2      [ ACC ]     STREAM     LISTENING     8345   1258/master         private/lmtp
    unix  2      [ ACC ]     STREAM     LISTENING     8349   1258/master         private/anvil
    unix  2      [ ACC ]     STREAM     LISTENING     8353   1258/master         private/scache

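I noticed that the first two lines shown for the TEST SERVER are missing from the LIVE server's entries. This means postfix is not listening on port 25 on the server. This makes me wonder whether this could be the reason the bounces are not reaching the live server but are reaching the testing server.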

I have been at this for two days now, but have not found any clue to solving the problem. Any ideas on how to solve it?

Update: iptables entries

Live server

    [root@bw sridhar]# iptables -L
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
    DROP       tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
    DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:distinct
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:urd
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3s
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imap
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imaps
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

Testing server

    [root@bwStagingTesting sridhar]# iptables -L
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
    DROP       tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
    DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:urd
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3s
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imap
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imaps
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:distinct
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:munin
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

Update: verbose iptables listing

    [root@bookingwire sridhar]# iptables -L --verbose
    Chain INPUT (policy DROP 1662 packets, 103K bytes)
     pkts bytes target     prot opt in     out     source               destination
     184K  190M ACCEPT     all  --  any    any     anywhere             anywhere            state RELATED,ESTABLISHED
        0     0 DROP       tcp  --  any    any     anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
        7   400 DROP       tcp  --  any    any     anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
        0     0 DROP       tcp  --  any    any     anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
     2140  128K ACCEPT     all  --  lo     any     anywhere             anywhere
     1176 67092 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:http
        3   120 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:https
        6   360 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:distinct
        8   432 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:smtp
        1    40 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:urd
        2    88 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:pop3
       38  2260 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:pop3s
        1    40 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:imap
        1    40 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:imaps
    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination
    Chain OUTPUT (policy ACCEPT 112K packets, 103M bytes)
     pkts bytes target     prot opt in     out     source               destination

Update: full master.cf listing

    #
    # Postfix master process configuration file.  For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    #
    # Do not forget to execute "postfix reload" after editing this file.
    #
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    submission inet n       -       n       -       -       smtpd
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
      -o milter_macro_daemon_name=ORIGINATING
    #smtps     inet  n       -       n       -       -       smtpd
    #  -o smtpd_tls_wrappermode=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #628       inet  n       -       n       -       -       qmqpd
    pickup    fifo  n       -       n       60      1       pickup
    cleanup   unix  n       -       n       -       0       cleanup
    qmgr      fifo  n       -       n       300     1       qmgr
    #qmgr     fifo  n       -       n       300     1       oqmgr
    tlsmgr    unix  -       -       n       1000?   1       tlsmgr
    rewrite   unix  -       -       n       -       -       trivial-rewrite
    bounce    unix  -       -       n       -       0       bounce
    defer     unix  -       -       n       -       0       bounce
    trace     unix  -       -       n       -       0       bounce
    verify    unix  -       -       n       -       1       verify
    flush     unix  n       -       n       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    proxywrite unix -       -       n       -       1       proxymap
    smtp      unix  -       -       n       -       -       smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay     unix  -       -       n       -       -       smtp
      -o smtp_fallback_relay=
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       n       -       -       showq
    error     unix  -       -       n       -       -       error
    retry     unix  -       -       n       -       -       error
    discard   unix  -       -       n       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       n       -       -       lmtp
    anvil     unix  -       -       n       -       1       anvil
    scache    unix  -       -       n       -       1       scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent.  See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    #maildrop  unix  -       n       n       -       -       pipe
    #  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
    #
    # ====================================================================
    #
    # The Cyrus deliver program has changed incompatibly, multiple times.
    #
    #old-cyrus unix  -       n       n       -       -       pipe
    #  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
    #
    # ====================================================================
    #
    # Cyrus 2.1.5 (Amos Gouaux)
    # Also specify in main.cf: cyrus_destination_recipient_limit=1
    #
    #cyrus     unix  -       n       n       -       -       pipe
    #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
    #
    # ====================================================================
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    #uucp      unix  -       n       n       -       -       pipe
    #  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # ====================================================================
    #
    # Other external delivery methods.
    #
    #ifmail    unix  -       n       n       -       -       pipe
    #  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    #
    #bsmtp     unix  -       n       n       -       -       pipe
    #  flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
    #
    #scalemail-backend unix -       n       n       -       2       pipe
    #  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
    #  ${nexthop} ${user} ${extension}
    #
    #mailman   unix  -       n       n       -       -       pipe
    #  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
    #  ${nexthop} ${user}

Update: postfix listening on 587

    [root@bw sridhar]# netstat -lnp | grep master
    tcp        0      0 0.0.0.0:587                 0.0.0.0:*                   LISTEN      16536/master
    tcp        0      0 :::587                      :::*                        LISTEN      16536/master
    unix  2      [ ACC ]     STREAM     LISTENING     152749 16536/master        public/cleanup
    unix  2      [ ACC ]     STREAM     LISTENING     152756 16536/master        private/tlsmgr
    unix  2      [ ACC ]     STREAM     LISTENING     152760 16536/master        private/rewrite
    unix  2      [ ACC ]     STREAM     LISTENING     152764 16536/master        private/bounce
    unix  2      [ ACC ]     STREAM     LISTENING     152768 16536/master        private/defer
    unix  2      [ ACC ]     STREAM     LISTENING     152772 16536/master        private/trace
    unix  2      [ ACC ]     STREAM     LISTENING     152776 16536/master        private/verify
    unix  2      [ ACC ]     STREAM     LISTENING     152780 16536/master        public/flush
    unix  2      [ ACC ]     STREAM     LISTENING     152784 16536/master        private/proxymap
    unix  2      [ ACC ]     STREAM     LISTENING     152788 16536/master        private/proxywrite
    unix  2      [ ACC ]     STREAM     LISTENING     152792 16536/master        private/smtp
    unix  2      [ ACC ]     STREAM     LISTENING     152796 16536/master        private/relay
    unix  2      [ ACC ]     STREAM     LISTENING     152800 16536/master        public/showq
    unix  2      [ ACC ]     STREAM     LISTENING     152804 16536/master        private/error
    unix  2      [ ACC ]     STREAM     LISTENING     152808 16536/master        private/retry
    unix  2      [ ACC ]     STREAM     LISTENING     152812 16536/master        private/discard
    unix  2      [ ACC ]     STREAM     LISTENING     152816 16536/master        private/local
    unix  2      [ ACC ]     STREAM     LISTENING     152820 16536/master        private/virtual
    unix  2      [ ACC ]     STREAM     LISTENING     152824 16536/master        private/lmtp
    unix  2      [ ACC ]     STREAM     LISTENING     152828 16536/master        private/anvil
    unix  2      [ ACC ]     STREAM     LISTENING     152832 16536/master        private/scache
    unix  2      [ ACC ]     STREAM     LISTENING     149905 16103/dovecot       /var/run/dovecot/auth-master
    [root@bw sridhar]# telnet localhost 587
    Trying ::1...
    Connected to localhost.
    Escape character is '^]'.
    220 mail.bookingwire.co.uk ESMTP Postfix
    ehlo localhost
    250-mail.bookingwire.co.uk
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    quit
    221 2.0.0 Bye
    Connection closed by foreign host.

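Since Postfix runs as "master", I grepped for master in the netstat output. Note the first two lines: it is clear that postfix is listening on port 587. I then telnetted to port 587 and verified that my assumption was correct. What I don't understand now is why it is listening on port 587, and how to change it to listen on port 25.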

Your master.cf has no configuration line to handle SMTP on port 25. A single line is missing:

    smtp      inet  n       -       n       -       -       smtpd

In my file, this is the first line after the first comment block.
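
Remote mail servers deliver bounces to port 25, while the submission service on 587 in the posted master.cf only admits SASL-authenticated clients (`permit_sasl_authenticated,reject`), so this configuration can send mail but cannot receive bounces. The script below is an added example, not part of the original question or answer: it lists the active inet services in a master.cf and checks for a port 25 smtpd listener. The function names `inet_services` and `has_smtp25` and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a Postfix master.cf
# for TCP listeners and confirm that inbound SMTP on port 25 is defined.

# Print "service command" for each active inet service. Comment lines and
# continuation lines (leading whitespace) are skipped; field 8 is the command.
inet_services() {
    awk '/^[^# \t]/ && $2 == "inet" { print $1, $8 }' "$1"
}

# Succeed only if an smtpd listener is bound to port 25. The service name
# may be "smtp", "25", or carry a host prefix such as "127.0.0.1:smtp".
has_smtp25() {
    inet_services "$1" | awk '
        { port = $1; sub(/^.*:/, "", port) }
        (port == "smtp" || port == "25") && $2 == "smtpd" { found = 1 }
        END { exit !found }'
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

# Constructed excerpt mirroring the live server's master.cf in the question.
cat > "$tmp/live.cf" <<'EOF'
# service type  private unpriv  chroot  wakeup  maxproc command + args
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       n       60      1       pickup
smtp      unix  -       -       n       -       -       smtp
EOF

# The same excerpt with the line from the answer restored.
{
    echo 'smtp      inet  n       -       n       -       -       smtpd'
    cat "$tmp/live.cf"
} > "$tmp/fixed.cf"

for f in live fixed; do
    if has_smtp25 "$tmp/$f.cf"; then
        echo "$f: port 25 smtpd listener defined"
    else
        echo "$f: no port 25 listener, active inet services:" \
             "$(inet_services "$tmp/$f.cf" | tr '\n' ' ')"
    fi
done
```

After restoring the line in the real /etc/postfix/master.cf, run `postfix reload` as the file's own header says, then repeat the `netstat -lnp | grep master` check from the question to confirm the port 25 listener.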