我在 CentOS 6 上运行 Postfix 2.6.6,正如本文标题所述,我在接收来自外部来源的退回电子邮件时遇到了问题。以下是示例:
测试 1:从 Gmail 向“我的域名”上的无效电子邮件帐户发送一封电子邮件,并从我们的服务器收到 550 5.1.1 消息。工作正常。
测试 2:从“我的域”向“我的域”上的无效电子邮件帐户发送内部电子邮件,并立即收到 550 5.1.1 消息。工作正常。
测试 3:从“我的域名”向无效的 Gmail 帐户发送了一封电子邮件,但我没有收到任何回复。问题。
这里担心的是,如果我们的一名员工向一个无效帐户发送了一封电子邮件,而他们没有收到来自外部服务器的任何退回消息,他们就会认为该邮件已被送达,而事实上,它根本没有被送达。
有什么想法吗?不太确定要更改哪些设置。谢谢!
postconf-n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
default_destination_recipient_limit = 100
home_mailbox = Maildir/
html_directory = no
inet_protocols = ipv4
initial_destination_concurrency = 3
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 25480000
milter_default_action = accept
milter_protocol = 2
mydestination = $myhostname, localhost.$mydomain, localhost, my.domain.com
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:localhost:8891
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
recipient_delimiter = +
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, permit
smtpd_milters = inet:localhost:8891
smtpd_recipient_limit = 100
smtpd_recipient_restrictions = reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unlisted_recipient, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, permit
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_security_level = may
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
maillog 条目显示:
# grep 5D23C6314E maillog
Nov 12 21:32:47 apache3 postfix/smtpd[29004]: 5D23C6314E: client=S0106c8fb267f18ed.cg.shawcable.net[174.0.76.61], sasl_method=LOGIN, [email protected]
Nov 12 21:32:47 apache3 postfix/cleanup[28695]: 5D23C6314E: message-id=<00e801cffefa$d97f9550$8c7ebff0$@[email protected]>
Nov 12 21:32:47 apache3 postfix/qmgr[16105]: 5D23C6314E: from=<[email protected]>, size=31705, nrcpt=1 (queue active)
Nov 12 21:32:47 apache3 postfix/smtp[28967]: 5D23C6314E: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[74.125.28.27]:25, delay=0.83, delays=0.58/0/0.19/0.07, dsn=5.1.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.28.27] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 http://support.google.com/mail/bin/answer.py?answer=6596 cr1si15800531pdb.30 - gsmtp (in reply to RCPT TO command))
Nov 12 21:32:47 apache3 postfix/qmgr[16105]: 5D23C6314E: removed
主配置文件
smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes
smtps inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 discard
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes
答案1
正如预期的那样,有问题的行来自master.cf
。这是罪魁祸首
bounce unix - - n - 0 discard
bounce unix - - n - 0 bounce
这一变化导致递送失败将被默默丢弃。解决方案:将该行替换为默认行。
我不知道谁对这一变化负责。也许是有人试图通过以下方式抑制反弹遵循这个错误的建议:(
无论如何,上面的第一和第二次测试根本不涉及后缀中的反弹。该操作称为拒绝,由smtpd
流程处理。