我用了本指南设置我的邮件服务器,一切都运行正常,除了似乎没有任何 smtp 身份验证。不知道发生了什么,因为 mail.log 或 mail.err 中没有任何指示。希望这里有人能帮助我。
这是我运行 telnet 命令时发生的情况(我交换了域和电子邮件地址)。
telnet pro.domain.org 25
Trying 50.576.3.15...
Connected to mail.domain.org.
Escape character is '^]'.
220 pro.domain.org ESMTP Postfix (Ubuntu)
ehlo example.com
250-pro.domain.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: <[email protected]>
250 2.1.0 Ok
rcpt to: <[email protected]>
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
asd
.
250 2.0.0 Ok: queued as 7C0F8D620
quit
221 2.0.0 Bye
Connection closed by foreign host.
以下是 postconf -n 输出
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
always_bcc = [email protected]
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
inet_interfaces = all
mailbox_size_limit = 0
mydestination = localhost
myhostname = pro.domain.org
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/dovecot.pem
smtpd_tls_key_file = /etc/ssl/private/dovecot.pem
smtpd_use_tls = yes
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
以下是 postconf -a 输出
cyrus
dovecot
这是 dovecot -n 输出
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.9.2-x86_64-linode32 x86_64 Ubuntu 12.04.2 LTS ext3
auth_mechanisms = plain login
mail_location = maildir:/var/mail/vhosts/%d/%n
mail_privileged_group = mail
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocols = imap pop3 lmtp
service auth-worker {
user = vmail
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
unix_listener auth-userdb {
mode = 0600
user = vmail
}
user = dovecot
}
service imap-login {
inet_listener imap {
port = 0
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service pop3-login {
inet_listener pop3 {
port = 0
}
}
ssl = required
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
driver = static
}
看来 dovecot 确实正在创建套接字
ls -la /var/spool/postfix/private/auth
srw-rw-rw- 1 postfix postfix 0 May 22 23:10 /var/spool/postfix/private/auth
关于现在该做什么有什么想法吗?
答案1
您的配置使用smtpd_tls_auth_only = yes,这是应该的,因为这不允许以明文形式发送密码。但是,这意味着AUTH只能通过加密通道使用。您应该使用
openssl s_client -connect smtp.example.com:25 -starttls smtp -CApath /etc/ssl/certs/
答案2
查看你的 dovecot 配置,你有:
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
根据文档后缀,您应该有一个套接字监听,而不是 unix_listener - 如果您正在使用 unix_listener,您还应该有一个 TCP 套接字。因此您的 dovecot.conf 应该包含以下内容:
socket listen {
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
完成此操作后,重新启动 dovecot 和 postfix。如果仍然不起作用,请检查您的 postfix 日志(通常是 /var/log/mail.log)并将其中的任何信息作为编辑发布到您的原始问题中。
原始答案,不适用于评论
您正在将电子邮件发送到 $mydomain 中列出的收件人地址,并且已将邮件服务器配置为始终接受这些邮件。
要测试身份验证,您需要从 $mynetwork 中未列出的网络连接,并将邮件发送给未列为允许的收件人域的收件人。
(事实上,如果你确实以正确的方式进行测试,那么只要你没有混淆一半的信息,那么就会更容易弄清楚。)