Postfix+Dovecot+saslauthd 无法接收来自外部域名的电子邮件

2024-5-27 • tag-icon

Postfix+Dovecot+saslauthd 无法接收来自外部域名的电子邮件

在我的利诺德我关注了文档设置邮件服务器。

现在我可以向任何域名发送电子邮件，但无法从其他域名接收电子邮件！
我的意思是[电子邮件保护]可以收到[电子邮件保护]但无法收到来自 xxx@gmail/yahoo/...com 的任何邮件。我也检查了我的 vmail (Maildir)，没有来自其他域的邮件。

我收到了配送状态通知（延迟）来自 gmail（大约 24 小时后）：

Delivery to the following recipient has been delayed:
[email protected]
Message will be retried for 2 more day(s)
Technical details of temporary failure: 
The recipient server did not accept our requests to connect. Learn more at http://mail.google.com/support/bin/answer.py?answer=7720 
[mail.mydomain.com. (10): Connection refused]

这是我的设置：
我有一个MX 记录：

mail.mydomain.com

和A/AAAA 记录：

mail (with same ip as my server)

我的/etc/hosts

127.0.0.1       localhost.localdomain   localhost
(server ip)     hostname.mydomain.com  hostname

我的/etc/default/saslauthd

START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

我的/etc/别名

postmaster: root
root: [email protected]

我的 /usr/share/postfix/main.cf

protocols = imap imaps pop3 pop3s
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n/Maildir

ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem

namespace private {
    separator = .
    prefix = INBOX.
    inbox = yes
}

protocol lda {
    log_path = /home/vmail/dovecot-deliver.log
    auth_socket_path = /var/run/dovecot/auth-master
    postmaster_address = [email protected]
    mail_plugins = sieve
    global_script_path = /home/vmail/globalsieverc
}

protocol pop3 {
    pop3_uidl_format = %08Xu%08Xv
}

auth default {
    user = root

    passdb sql {
        args = /etc/dovecot/dovecot-sql.conf
    }

    userdb static {
        args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
    }

    socket listen {
        master {
            path = /var/run/dovecot/auth-master
            mode = 0600
            user = vmail
        }

        client {
            path = /var/spool/postfix/private/auth
            mode = 0660
            user = postfix
            group = postfix
        }
    }

我的/usr/share/postfix/main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = hostname.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = hostname.mydomain.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = (server ip), 127.0.0.1
html_directory = /usr/share/doc/postfix/html
message_size_limit = 30720000
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destinationvirtual_create_maildirsize = yes
virtual_maildir_extended = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps        $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

我的iptables规则：（
我使用 2525 而不是 25 端口，并且它在我的计算机和 ISP 上是打开的，我可以通过它进行远程网络通信）

 pkts bytes target     prot opt in     out     source               destination         
  130  7820 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:smtp 
    0     0 ACCEPT     udp  --  any    any     anywhere             anywhere            udp dpt:25 
  388 33099 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:2525 
    0     0 ACCEPT     udp  --  any    any     anywhere             anywhere            udp dpt:2525 
    0     0 ACCEPT     udp  --  any    any     anywhere             anywhere            udp dpt:100 
    0     0 ACCEPT     udp  --  any    any     anywhere             anywhere            udp dpt:pop3 
   65  3538 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:pop3 
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:26 
    0     0 ACCEPT     udp  --  any    any     anywhere             anywhere            udp dpt:26 
    0     0 ACCEPT     udp  --  any    any     anywhere             anywhere            udp dpt:pop3s 
 2355  184K ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:pop3s

日志
没有添加任何内容到我的 /var/log/邮件日志当我应该收到其他域名的邮件时，似乎当我尝试通过邮件客户端接收邮件时一切正常。

Apr 14 07:53:51 hostname dovecot: pop3-login: Login: user=<[email protected]>, method=PLAIN, rip=94.182.127.182, lip=178.79.152.29, TLS
Apr 14 07:53:52 hostname dovecot: POP3([email protected]): Disconnected: Logged out top=0/0, retr=0/0, del=0/7, size=6546

/home/vmail/ 没有任何反应dovecot-deliver.log当我应该收到来自其他域名的邮件时，但在同一域名的电子邮件中似乎普通的：

2011-04-14 05:42:53 deliver([email protected]): Info: msgid=<[email protected]>: saved mail to INBOX

我通过 VMail、mutt、Apple Mail 和 Thunderbird 检查了邮件，这是我在邮件客户端上的设置：
帐户类型：pop3
接收邮件服务器：mail.mydomain.com
用户名： [电子邮件保护]
密码：XXX
对外邮件服务器：
服务器名称：mail.mydomain.com
港口：2525
使用 SSL
認證：密码
用户名： [电子邮件保护]
密码：XXX

答案1

由于 /var/mail/mail.log 中没有任何记录，并且您的链显示没有流量进入 tcp/25，因此我认为您的 ISP 阻止了 tcp/25 上的传入流量。这是家庭用户的正常做法。除非您有商务级连接，否则 ISP 不会允许流量流向其客户，目的地是 tcp/25。

您需要某种外部服务，例如 DynDNS 的 mailhop。您将 DynDNS 设置为您的 MX，然后它们会通过开放的目标端口（例如 2525）将邮件转发到您的服务器。

编辑： 要清楚；真正的互联网电子邮件只在端口 tcp/25 上传输。您不能只打开 2525 这样的端口并期望它能正常工作。

答案2

因为我的ISP也封了25端口，所以我在/etc/postfix/main.cf中又加了一个端口（2525），但是我错误地注释掉了smtp端口，导致无法接收外域的邮件。

# Does not work
#smtp      inet  n       -       -       -       -       smtpd
2525      inet  n       -       -       -       -       smtpd

要从其他服务器接收邮件，以及绕过 ISP 的端口限制，只需打开端口 25（smtp）和您选择的另一个端口。

# Works
smtp      inet  n       -       -       -       -       smtpd
2525      inet  n       -       -       -       -       smtpd

答案1

答案2

相关内容