Postfix 不接受来自 gmail 的电子邮件

Postfix 不接受来自 gmail 的电子邮件

在 Debian Wheezy 上使用 Dovecot/postif 的最新版本时,不接受来自 gmail 的邮件。

日志:

Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: warning: cannot get RSA certificate from file /etc/postfix/smtpd.crt: disabling TLS support
Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: warning: TLS library problem: 27084:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/postfix/smtpd.crt','r'):
Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: warning: TLS library problem: 27084:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: warning: TLS library problem: 27084:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:722:
Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: connect from mail-qe0-f47.google.com[209.85.128.47]
Sep 10 14:38:31 ns2281425 postfix/cleanup[27089]: 40F2AC0CAC: message-id=<[email protected]>
Sep 10 14:38:31 ns2281425 postfix/smtpd[27084]: disconnect from mail-qe0-f47.google.com[209.85.128.47]
Sep 10 14:38:31 ns2281425 postfix/qmgr[25342]: 40F2AC0CAC: from=<[email protected]>, size=900, nrcpt=1 (queue active)
Sep 10 14:38:31 ns2281425 postfix/local[27091]: warning: required alias not found: postmaster
Sep 10 14:38:31 ns2281425 postfix/local[27091]: 40F2AC0CAC: to=<[email protected]>, orig_to=<postmaster>, relay=local, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (discarded)
Sep 10 14:38:31 ns2281425 postfix/qmgr[25342]: 40F2AC0CAC: removed

Postfix 配置:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/postfix/smtpd.crt
smtpd_tls_key_file=/etc/postfix/smtpd.key
smtp_tls_CAfile = /etc/postfix/cakey.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = domain.lan

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = ns2281425.ovh.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ns2281425.ovh.net, localhost.ovh.net, , localhost
#relayhost = [smtp.mailoo.org]:225
relayhost =
mynetworks = 127.0.0.0/8, 5.39.72.228
mailbox_size_limit = 0
recipient_delimiter = +
#inet_interfaces = 127.0.0.1, 5.39.72.228
inet_interfaces = all
inet_protocols = ipv4
mailbox_command = /usr/lib/dovecot/deliver
home_mailbox = Maildir/

virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

# Wait until the RCPT TO command before evaluating restrictions
smtpd_delay_reject = yes

# Basics Restrictions
smtpd_helo_required = yes
strict_rfc821_envelopes = yes

# Requirements for the connecting server
smtpd_client_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client list.dsbl.org,
    permit

# Requirements for the HELO statement
smtpd_helo_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_hostname,
    reject_invalid_hostname,
    permit

# Requirements for the sender address
smtpd_sender_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    permit

# Requirement for the recipient address
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    reject_unauth_destination,
    permit

virtual_alias_maps = hash:/etc/postfix/virtual

请问有什么想法吗?

现在邮件来自 gmail。但日志是:

Sep 10 15:17:02 ns2281425 postfix/smtpd[1720]: warning: 49.128.85.209.dnsbl.njabl.org: RBL lookup error: Host or domain name not found. Name service error for name=49.128.85.209.dnsbl.njabl.org type=A: Host not found, try again
Sep 10 15:17:17 ns2281425 postfix/smtpd[1720]: warning: 49.128.85.209.list.dsbl.org: RBL lookup error: Host or domain name not found. Name service error for name=49.128.85.209.list.dsbl.org type=A: Host not found, try again
Sep 10 15:17:17 ns2281425 postfix/cleanup[1770]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
Sep 10 15:17:17 ns2281425 postfix/smtpd[1720]: 1449DC0C96: client=mail-qe0-f49.google.com[209.85.128.49]
Sep 10 15:17:17 ns2281425 postfix/cleanup[1770]: 1449DC0C96: message-id=<CAOen1CZ90Jpgg7pfbH0zTyX9QvcrAXS3Ts=OiQdYmrdH4EzZjg@mail.gmail.com>
Sep 10 15:17:17 ns2281425 postfix/qmgr[921]: 1449DC0C96: from=<[email protected]>, size=1942, nrcpt=1 (queue active)
Sep 10 15:17:17 ns2281425 postfix/smtpd[1720]: disconnect from mail-qe0-f49.google.com[209.85.128.49]
Sep 10 15:17:17 ns2281425 postfix/local[1771]: 1449DC0C96: to=<[email protected]>, orig_to=<[email protected]>, relay=local, delay=31, delays=30/0/0/0.13, dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver)
Sep 10 15:17:17 ns2281425 postfix/qmgr[921]: 1449DC0C96: removed

答案1

日志的前两行很清楚:

warning: cannot get RSA certificate from file /etc/postfix/smtpd.crt: disabling TLS support
warning: TLS library problem: 27084:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/postfix/smtpd.crt','r'):

找不到配置的证书,并且 Postfix 禁用 TLS 支持,但似乎 Google 仅通过安全连接传递邮件。

相关内容