我正在为我的公司设置一个新的邮件服务器,使用Ubuntu Server 11.04postfix/dovecot。我是新手,所以遇到了一些问题。我发现它只能接收来自局域网外任何地址的邮件,而且只能向同一个域发送邮件。如果我尝试用它向外部地址(例如 gmail)发送新邮件,我会遇到这种情况Relay denied。
因此,我的服务器有 2 个网络接口,1 个用于我的局域网 (192.168.1.xxx),另一个有公共静态 IP 地址。我的域名(用于测试目的)是,enti.centropaghe.it我创建了一条MX记录来mail.enti.centropaghe.it
我的目标是获得一个功能齐全的 imap/smtp/pop3 服务器,两侧均具有身份验证,并且可以向所有地址发送电子邮件:)
我发布了一些我的配置文件,以便您可以挖掘它:
/etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_use_tls=yes
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
mydomain = enti.centropaghe.it
myhostname = mail.enti.centropaghe.it
mydestination = $myhostname, localhost.$mydomain, $mydomain, localhost
relayhost = $mydomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
default_transport = error
relay_transport = error
mail_spool_directory = /var/mail/
/etc/resolv.conf
search enti.centropaghe.it
nameserver 192.168.1.221 #is my dns server on my lan
/etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.1.148 mail.enti.centropaghe.it darwin
域名
; <<>> DiG 9.7.3 <<>> enti.centropaghe.it mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65356
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:
;enti.centropaghe.it. IN MX
;; ANSWER SECTION:
enti.centropaghe.it. 8381 IN MX 10 mail.enti.centropaghe.it.
;; AUTHORITY SECTION:
centropaghe.it. 71334 IN NS dns2.telemar.it.
centropaghe.it. 71334 IN NS dns.telemar.it.
;; ADDITIONAL SECTION:
mail.enti.centropaghe.it. 7333 IN A 213.178.198.62
dns.telemar.it. 28595 IN A 213.178.196.1
dns2.telemar.it. 20154 IN A 213.178.195.254
;; Query time: 1 msec
;; SERVER: 192.168.1.221#53(192.168.1.221)
;; WHEN: Wed Feb 29 15:24:47 2012
;; MSG SIZE rcvd: 151
挖掘 enti.centropaghe.it 任何
; <<>> DiG 9.7.3 <<>> enti.centropaghe.it any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58752
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:
;enti.centropaghe.it. IN ANY
;; ANSWER SECTION:
enti.centropaghe.it. 8342 IN MX 10 mail.enti.centropaghe.it.
enti.centropaghe.it. 7266 IN A 213.178.198.58
;; AUTHORITY SECTION:
centropaghe.it. 71295 IN NS dns2.telemar.it.
centropaghe.it. 71295 IN NS dns.telemar.it.
;; ADDITIONAL SECTION:
mail.enti.centropaghe.it. 7294 IN A 213.178.198.62
dns.telemar.it. 28556 IN A 213.178.196.1
dns2.telemar.it. 20115 IN A 213.178.195.254
;; Query time: 0 msec
;; SERVER: 192.168.1.221#53(192.168.1.221)
;; WHEN: Wed Feb 29 15:25:27 2012
;; MSG SIZE rcvd: 167
/var/log/mail.log
Feb 29 17:11:10 darwin postfix/smtpd[8207]: warning: 213.178.xxx.xxx: hostname ip.213.178.xxx.xxx.telemar.it verification failed: Name or service not known
Feb 29 17:11:10 darwin postfix/smtpd[8207]: connect from unknown[213.178.xxx.xxx]
Feb 29 17:11:10 darwin postfix/smtpd[8207]: NOQUEUE: reject: RCPT from unknown[213.178.xxx.xxx]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[192.168.1.138]>
Feb 29 17:11:13 darwin postfix/smtpd[8207]: disconnect from unknown[213.178.xxx.xxx]
后配置-n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mail_spool_directory = /var/mail/
mailbox_size_limit = 0
mydestination = $myhostname, localhost.$mydomain, $mydomain, localhost
mydomain = enti.centropaghe.it
myhostname = mail.enti.centropaghe.it
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
我希望就这些了。如果您还需要其他东西,请告诉我。
更新
经过最后的修改,现在我可以使用 smtp 的内部 ip 地址向外部地址发送电子邮件。但使用 mail.enti.centropaghe.it 不起作用
答案1
从你的 main.cf:
default_transport(默认值:smtp)您使用了:default_transport = 错误
与 $mydestination、$inet_interfaces、$proxy_interfaces、$virtual_alias_domains、$virtual_mailbox_domains 或 $relay_domains 不匹配的目的地的默认邮件投递传输和下一跳目的地
好了,就这样。删除此行。您想使用 SMTP 发送不属于您域的电子邮件。现在,您已强迫自己仅执行本地投递(任何应该发送到该机器之外的邮件都不会被接受)。这就是为什么您可以收到邮件,但该主机不接受的任何邮件都不会被转发。
中继主机(默认:空)您使用了:中继主机 = $mydomain
非本地邮件的下一跳目的地;覆盖收件人地址中的非本地域。此信息被relay_transport 否决...
这肯定会影响事情。除非您有另一个 SMTP 服务器监听 enti.centropaghe.it 并希望所有邮件都通过该服务器,否则您的邮件将再次无处可去。您可能应该删除此行。
Relay_Transport(默认:Relay)您使用了:Relay_transport = 错误
远程投递到 $relay_domains 列出的域的默认邮件投递传输和下一跳目的地。按优先级降序排列,下一跳目的地取自 $relay_transport、$sender_dependent_relayhost_maps、$relayhost 或收件人域
我看不到 $relay_domains,所以我建议删除它。
更新
啊,一头雾水。下面这一行说明了谁被允许中继。您的错误消息来自以 开头的主机213.178。由于没有它的条目,并且您有其他形式的中继身份验证,因此被拒绝。也许您想添加一个涵盖您分配的网络范围的条目?
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24
请让我知道这对您有何帮助。