我尝试使用Postfix 地址验证服务器,但我无法让它工作。
以下是我的文件内容main.cf,由postconf -n命令生成。我标记了自己修改的四行。其他配置行来自全新安装的 debian wheezy:
address_verify_default_transport = direct_smtp # added by myself
address_verify_map = btree:/var/lib/postfix/verify_cache # added by myself
address_verify_relayhost = # added by myself
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mailbox_size_limit = 0
mydestination = fake.example.net, localhost.example.net, localhost
myhostname = fake.example.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_unknown_recipient_domain, reject_unverified_recipient # added by myself
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
验证服务器已启动。我使用 netstat -l -p | grep verify以下代码检查了结果:
unix 2 [ ACC ] STREAM LISTENING 1851248 31291/master private/verify
然而,验证服务器从未被调用:当我向我控制 MX 服务器的域发送电子邮件时,我可以在该 MX 服务器的日志中看到,电子邮件是直接使用正确的发件人地址发送的,而不是“ double-bounce@$myorigin”它应该是。我还看到没有/var/lib/postfix/verify_cache创建任何文件。
以下是我从发送服务器看到的内容:
Dec 18 16:43:07 fake postfix/pickup[19544]: 134A96220474: uid=0 from=<root>
Dec 18 16:43:07 fake postfix/cleanup[19633]: 134A96220474: message-id=<[email protected]>
Dec 18 16:43:07 fake postfix/qmgr[31295]: 134A96220474: from=<[email protected]>, size=447, nrcpt=1 (queue active)
Dec 18 16:43:07 fake postfix/smtp[19635]: 134A96220474: to=<[email protected]>, relay=fake2.example.net[yyy.yyy.yyy.yyy]:25, delay=0.6, delays=0.09/0/0.13/0.38, dsn=4.2.0, status=deferred (host fake2.example.net[yyy.yyy.yyy.yyy] said: 450 4.2.0 <[email protected]>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/example.net.html (in reply to RCPT TO command))
那么,我缺少什么才能使 Postfix 地址验证正常工作?
答案1
您会在邮件日志片段中注意到
Dec 18 16:43:07 fake postfix/pickup[19544]: 134A96220474: uid=0 from=<root>
Dec 18 16:43:07 fake postfix/cleanup[19633]: 134A96220474: message-id=<[email protected]>
Dec 18 16:43:07 fake postfix/qmgr[31295]: 134A96220474: from=<[email protected]>, size=447, nrcpt=1 (queue active)
Dec 18 16:43:07 fake postfix/smtp[19635]: 134A96220474: to=<[email protected]>, relay=fake2.example.net[yyy.yyy.yyy.yyy]:25, delay=0.6, delays=0.09/0/0.13/0.38, dsn=4.2.0, status=deferred (host fake2.example.net[yyy.yyy.yyy.yyy] said: 450 4.2.0 <[email protected]>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/example.net.html (in reply to RCPT TO command))
smtpd里面没有任何文字。
旁注:在您的邮件日志中,电子邮件进入 Postfix 拾取过程。在postfix 架构概述,邮件进入postfix的方式有三种:smtpd、qmqpd、pickup。
收件人验证仅在电子邮件通过 smtpd 进入时才有效(您只能reject_unverified_recipient在smtpd_ *_限制)。
就我的情况而言,邮件从外部服务器进入,smtpd因此它将触发验证守护进程。