使用 Telnet 发送到 Gmail 时 Postfix 中继访问被拒绝

使用 Telnet 发送到 Gmail 时 Postfix 中继访问被拒绝

我已设置 postfix 和 dovecot 来处理我的域名的邮件。imap 在读取本地邮件时似乎工作正常,但是当我尝试使用带有 localhost 和 smtp 端口的 telnet 发送电子邮件时,它给出了中继访问被拒绝错误。

    [root@vps69576 ~]# telnet localhost smtp
    Trying ::1...
    Connected to localhost.
    Escape character is '^]'.
    220 mail.domain.net ESMTP Postfix
    ehlo domain.net
    250-mail.domain.net
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-AUTH PLAIN LOGIN
    250-AUTH=PLAIN LOGIN
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    mail to:
    501 5.5.4 Syntax: MAIL FROM:<address>
    mail from:[email protected]
    250 2.1.0 Ok
    rcpt [email protected]
    554 5.7.1 <[email protected]>: Relay access denied

main.cf 文件的内容是

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix
mail_owner = postfix

myhostname = mail.domain.net

mydomain = domain.net

myorigin = $mydomain

inet_interfaces = all

inet_protocols = all

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

unknown_local_recipient_reject_code = 550

mynetworks = 127.0.0.0/8, <site IP>

relay_domains = 

alias_maps = hash:/etc/aliases

alias_database = hash:/etc/aliases

home_mailbox = Maildir/

sendmail_path = /usr/sbin/sendmail.postfix

newaliases_path = /usr/bin/newaliases.postfix

mailq_path = /usr/bin/mailq.postfix

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/postfix-2.6.6/samples

readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks, reject_unauth_destination
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

答案1

您正在通过 IPv6 (::1) 连接到 localhost,但该地址不属于“mynetworks”列表。将其更改为

mynetworks = 127.0.0.0/8, <站点 IP>, [::1]/128

它应该可以工作。

相关内容