Saya sedang membangun server menggunakan config ini -> http://www.purplehat.org/?page_id=4 dan ketika mencoba untuk menguji kemampuan email dasar yang saya dapatkan -> NOQUEUE: reject: RCPT dari saat mencoba mengirim email pengujian.
Di bawah ini adalah konfigurasi terkait saya
Bagaimana cara saya mendapatkan postfix untuk mengirim email?
Output log:
Feb 13 18:37:43 r2d2 dovecot: pop3-login: Login: user=<[email protected]>, method=PLAIN, rip=67.85.57.155, lip=107.191.60.48, mpid=13390, TLS, session=<QA0yiPwOiwBDVTmb>
Feb 13 18:37:43 r2d2 dovecot: pop3([email protected]): Disconnected: Logged out top=0/0, retr=0/0, del=0/4, size=68813
Feb 13 18:37:44 r2d2 postfix/smtpd[13391]: connect from ool-4355399b.dyn.optonline.net[67.85.57.155]
Feb 13 18:37:46 r2d2 postfix/smtpd[13391]: NOQUEUE: reject: RCPT from ool-4355399b.dyn.optonline.net[67.85.57.155]: 454 4.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<Bramini>
Feb 13 18:37:49 r2d2 postfix/smtpd[13391]: disconnect from ool-4355399b.dyn.optonline.net[67.85.57.155]
postconf -n
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debug_peer_list = 127.0.0.1
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = /usr/local/share/doc/postfix
inet_protocols = ipv4
mail_owner = postfix
mailman_destination_recipient_limit = 1
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = ex-mailer.com
myhostname = r2d2.ex-mailer.com
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
relay_domains = proxy:mysql:/usr/local/etc/postfix/mysql_relay_domains_maps.cf list.ex-mailer.com
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client list.dsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_tls_CAfile = /etc/ssl/postfix/smtpd.pem
smtpd_tls_cert_file = /etc/ssl/postfix/smtpd.pem
smtpd_tls_key_file = /etc/ssl/postfix/smtpd.pem
smtpd_tls_loglevel = 0
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/usr/local/etc/postfix/transport
unknown_local_recipient_reject_code = 550
vacation_destination_recipient_limit = 1
virtual_alias_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /usr/local/virtual
virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_limit_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_maildir_limit_message = Sorry, this user has overdrawn their diskspace quota. Please try again later.
virtual_minimum_uid = 125
virtual_overquota_bounce = yes
virtual_transport = virtual
virtual_uid_maps = static:125
postconf: warning: /usr/local/etc/postfix/main.cf: unused parameter: contencontent_filter=smtp-amavis:[127.0.0.1]:10024
postconf: warning: /usr/local/etc/postfix/main.cf: unused parameter: virtual_create_maildirsize=yes
postconf: warning: /usr/local/etc/postfix/main.cf: unused parameter: virtual_mailbox_extended=yes
Domain telecomm.com
didefinisikan dalam relay_domains
parameter. Di sini isinya/usr/local/etc/postfix/mysql_relay_domains_maps.cf
user = doughnuts
password = [redacted]
hosts = localhost
dbname = postfix
query = SELECT domain FROM domain WHERE domain="%s" and backupmx ="0" and active ="1"
netstat -an | kurang
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 *.587 *.* LISTEN
tcp4 0 0 127.0.0.1.10025 *.* LISTEN
tcp4 0 0 *.465 *.* LISTEN
tcp4 0 0 *.25 *.* LISTEN
tcp4 0 128 107.191.60.48.2222 67.85.57.155.51823 ESTABLISHED
tcp4 0 0 127.0.0.1.953 *.* LISTEN
tcp4 0 0 127.0.0.1.53 *.* LISTEN
tcp6 0 0 ::1.53 *.* LISTEN
tcp4 0 0 107.191.60.48.53 *.* LISTEN
tcp6 0 0 2001:19f0:7000:8.53 *.* LISTEN
tcp4 0 0 *.8282 *.* LISTEN
tcp6 0 0 *.8282 *.* LISTEN
tcp4 0 0 *.8181 *.* LISTEN
tcp6 0 0 *.8181 *.* LISTEN
tcp4 0 0 107.191.60.48.2222 67.85.57.155.57964 ESTABLISHED
tcp46 0 0 *.3306 *.* LISTEN
tcp4 0 0 127.0.0.1.10024 *.* LISTEN
tcp6 0 0 *.993 *.* LISTEN
tcp4 0 0 *.993 *.* LISTEN
tcp6 0 0 *.143 *.* LISTEN
tcp4 0 0 *.143 *.* LISTEN
UPDATE 14/02/2015 1430 EST
Output logging verba:
https://bpaste.net/show/6a2a70cb2ab5
Dengan mengatur IP komputer uji ke mynetworks = IP, Anda dapat melihat email semakin jauh melalui sistem, tetapi kemudian mencekik kelas yang cocok. Bagaimana cara memaksa Postfix agar sesuai dengan 0.0.0.0 sumber IP apa pun / dan domain tujuan?
cat /usr/local/etc/postfix/master.cf
# ==========================================================================
smtp inet n - n - - smtpd
smtps inet n - n - - smtpd
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
vacation unix - n n - - pipe
flags=DRhu user=vacation argv=/var/spool/vacation/vacation.pl
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=2400
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
mailman unix - n n - - pipe
flags=FR user=mailman:nobody
argv=/usr/local/mailman/postfix-to-mailman.py ${nexthop} ${user}
submission inet n - n - - smtpd
-o smtpd_tls_security_level=may
-o smtpd_sasl_auth_enable=yes
-o smtpd_delay_reject=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o smtpd_data_restrictions=
-o smtpd_sasl_authenticated_header=yes
-o receive_override_options=no_address_mappings
-o syslog_name=postfix/submission
postfix
smtp
freebsd
email-server
Milikku
sumber
sumber
Jawaban:
FYI,
454 4.7.1 <[email protected]: Relay access denied;
adalah hasil dari defer_unauth_destination . Ini sedikit berbeda dengan reject_unauth_destination , dengan reject berarti kesalahan permanen dengan kode 550 dan menunda berarti kesalahan sementara dengan kode 450.Tapi tunggu ..., saya tidak punya parameter yang menggunakan defer_unauth_destination. Dari mana batasan aneh itu berasal?
Sebenarnya, postfix memiliki satu parameter pembatasan tersembunyi yang disebut
smtpd_relay_restriction
. Ini adalah fitur baru sehingga tutorial yang lebih lama mungkin tidak membahasnya. Secara default, smtpd_relay_restriction memiliki nilaiJadi, itu menjelaskan di mana defer_unauth_destination
Tapi itu tidak menjawab pertanyaan saya tentang klien saya ditolak :(
Perilaku (menunda | menolak) _unauth_destination adalah dokumentasi di halaman manual postfix .
Secara sederhana: postfix akan memeriksa alamat penerima . Jika bagian domain tidak didefinisikan dalam
relay_domains
(atau subdmomainnya), $ mydestination, $ inet_interfaces, $ proxy_interfaces, $ virtual_alias_domains, atau $ virtual_mailbox_domains, maka postfix akan menolaknya .Dalam log Anda di atas, penerima adalah [email protected], jadi jelas mengapa postfix menolaknya.
sumber
Saya menggunakan THUNDERBIRD sebagai MUA dan saya memiliki masalah yang sama. Saya menyelesaikan penambahan alamat IP PC rumah saya di parameter mynetworks di main.cf
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 MyIpAddress
PS Saya tidak memiliki ip statis untuk PC di rumah saya sehingga ketika ISP saya mengubahnya saya harus menyesuaikan setiap waktu.
sumber
FWIW menambahkan di bawah ini bekerja untuk saya. Saya menggunakan spf checker yang merupakan kebutuhan untuk check_policy_service. Klien saya adalah squirrelmail dan postfix server saya.
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_policy_service unix:private/policyd-spf
sumber