我在VPS上安装了Postfix和Dovecot,并configuration为将邮件转发到Gmail地址,并接受来自Gmail的SMTP请求,以便它可以代表该域名发送。 TLS和身份validation正在工作,电子邮件到达,MX域,SPR,DKIM,SPF,全部configuration和工作。
但是,我只能发送电子邮件给自己和less数的域名。 例如:
This is the mail system at host tomjn.com. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <[email protected]>: host dc-cd3425bc.geekmatt.com[87.106.180.26] said: 550-Verification failed for <[email protected]> 550-The mail server could not deliver mail to [email protected]. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries. 550 Sender verify failed (in reply to RCPT TO command) Final-Recipient: rfc822; [email protected] Original-Recipient: rfc822;[email protected] Action: failed Status: 5.0.0 Remote-MTA: dns; dc-cd3425bc.geekmatt.com Diagnostic-Code: smtp; 550-Verification failed for <[email protected]> 550-The mail server could not deliver mail to [email protected]. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries. 550 Sender verify failed 我不确定如何继续。 这是远程服务器对我的说不? 我对远程服务器说不?
我抬头地址validation,发现这个:
http://ftp.netbsd.org/pub/NetBSD/NetBSD-current/src/external/ibm-public/postfix/dist/html/ADDRESS_VERIFICATION_README.html#caching
但是,当它说收件人正在谈论接收电子邮件的远程服务器时,它是不明确的。 我的服务器收到validation请求? 远程服务器收到validation请求? 这是否意味着电子邮件的发件人或validation请求的发件人? 没有清楚说明。 谷歌search导致了几个问题的答案,如“它是一个坏主意,每个人都应该停止使用它”,以解决他们的问题是由于使用我不使用的东西(如SRS)造成的。
发送电子邮件至[email protected]不会引起任何反应。
这是我的main.cf为后缀:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings readme_directory = no # TLS parameters #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key #smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_sasl_auth_enable = yes smtpd_helo_required = yes #smtpd_pw_server_security_options = cram-md5,digest-md5,login,plain #content_filter = smtp-amavis:[127.0.0.1]:10024 #smtpd_helo_restrictions = reject_non_fqdn_helo_hostname reject_invalid_helo_hostname smtpd_tls_cert_file=/etc/ssl/certs/dovecot.pem smtpd_tls_key_file=/etc/ssl/private/dovecot.pem smtpd_use_tls=yes smtpd_tls_auth_only = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_recipient_restrictions = permit_sasl_authenticated smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated REJECT virtual_transport = lmtp:unix:private/dovecot-lmtp # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination myhostname = tomjn.com virtual_alias_domains = tomjn.com tomjn.co.uk #alias_maps = #alias_database = hash:/etc/aliases myorigin = /etc/mailname virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf #mydestination = localhost.com, , localhost mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 216.239.32.0/19 64.233.160.0/19 66.249.80.0/20 72.14.192.0/18 209.85.128.0/17 66.102.0.0/20 74.125.0.0/16 64.18.0.0/20 207.126.144.0/20 173.194.0.0/16 [2001:4860:4000::]/36 [2404:6800:4000::]/36 [2607:f8b0:4000::]/36 [2800:3f0:4000::]/36 [2a00:1450:4000::]/36 [2c0f:fb50:4000::]/36 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all milter_protocol = 2 milter_default_action = accept smtpd_milters = inet:localhost:12301 non_smtpd_milters = inet:localhost:12301
旁注:是的,我知道谷歌应用程序,是DNSconfiguration正确,没有我只使用Dovecot的TLS不IMAP / POP3,是[email protected]存在
是的,这叫做发件人validation。 validation是由geekmatt.com邮件服务器完成的,不是你的。 并根据错误信息,我可以得出这样的结论
550-Verification failed for <[email protected]> 550-The mail server could not deliver mail to [email protected]. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries. 550 Sender verify failed
是exim标准的错误信息。
顺便说一句,并非所有的发件人validation是坏的。 为了解释,我会假设你想发送电子邮件从example.com到example.net
在基本级别上,example.net邮件服务器必须validation发件人域是否存在。 如果邮件服务器在这个级别上拒绝了你的电子邮件,那么你的域名有1)没有DNS MX和没有DNS Alogging,或者2)格式不正确的MXlogging,例如具有零长度MX主机名的logging。 在后缀中,等效参数是reject_unknown_sender_domain
在高级,邮件服务器将尝试检查发件人地址是否存在。 基本上,在接受您的电子邮件之前,example.net邮件服务器将尝试telnet到您的邮件服务器,而不发送任何电子邮件 。 这种检查被认为是不好的,原因有几个 。
现在,看起来像域名tomjn.com是不符合基本级别的发件人validation。 这里是tomjn.com的MXlogging
% dig tomjn.com MX +short 1 178.62.28.136.tomjn.com. % dig 178.62.28.136.tomjn.com ; <<>> DiG 9.9.5 <<>> 178.62.28.136.tomjn.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, **status: NXDOMAIN,** id: 52812 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;178.62.28.136.tomjn.com. IN A ;; AUTHORITY SECTION: tomjn.com. 1800 IN SOA NS1.DIGITALOCEAN.com. hostmaster.tomjn.com. 1410110590 3600 900 1209600 1800
在那里,你的MXlogging没有有效的Alogging。 因此,geekmatt.com拒绝你的电子邮件。
解决scheme:修复您的MXlogging