How to interpret Postfix logs on Ubuntu

I just installed postfix on a server running Ubuntu 14.04.1 LTS. I'm a bit confused about how to interpret the postfix log located at /var/log/mail.log

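First, one of the reasons I installed postfix is that I want my cron jobs to be able to send me emails containing any errors or output. When this happens, Gmail appears to block the message because it considers it unsolicited email.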

To test this, I set up a cronjob that simply echoes the word test. Here is my cron file:

[email protected]
44 13 * * * echo test

When it runs, this is what I see in the Postfix log:

Feb  7 13:44:01 prod postfix/pickup[22580]: AE4271627DB: uid=0 from=<root>
Feb  7 13:44:01 prod postfix/cleanup[23434]: AE4271627DB: message-id=<[email protected]>
Feb  7 13:44:01 prod postfix/qmgr[3539]: AE4271627DB: from=<[email protected]>, size=565, nrcpt=1 (queue active)
Feb  7 13:44:01 prod postfix/smtp[23436]: connect to gmail-smtp-in.l.google.com[2607:f8b0:400d:c03::1b]:25: Network is unreachable
Feb  7 13:44:02 prod postfix/smtp[23436]: AE4271627DB: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[64.233.171.27]:25, delay=1.2, delays=0.02/0.01/0.56/0.65, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[64.233.171.27] said: 550-5.7.1 [104.236.71.114      12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for 550 5.7.1 more information. a3si7533488qas.19 - gsmtp (in reply to end of DATA command))
Feb  7 13:44:02 prod postfix/cleanup[23434]: E62521627DC: message-id=<[email protected]>
Feb  7 13:44:02 prod postfix/qmgr[3539]: E62521627DC: from=<>, size=3228, nrcpt=1 (queue active)
Feb  7 13:44:02 prod postfix/bounce[23437]: AE4271627DB: sender non-delivery notification: E62521627DC
Feb  7 13:44:02 prod postfix/qmgr[3539]: AE4271627DB: removed
Feb  7 13:44:02 prod postfix/local[23439]: E62521627DC: to=<[email protected]>, relay=local, delay=0.01, delays=0/0.01/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
Feb  7 13:44:02 prod postfix/qmgr[3539]: E62521627DC: removed

After this happens, I do not receive the email in my Gmail account, and I see a new email on my server in /var/mail/root:

From MAILER-DAEMON  Sat Feb  7 13:44:02 2015
Return-Path: <>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: by server.hostname.01 (Postfix)
    id E62521627DC; Sat,  7 Feb 2015 13:44:02 -0500 (EST)
Date: Sat,  7 Feb 2015 13:44:02 -0500 (EST)
From: [email protected] (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: [email protected]
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
    boundary="AE4271627DB.1423334642/server.hostname.01"
Message-Id: <[email protected]>

This is a MIME-encapsulated message.

--AE4271627DB.1423334642/server.hostname.01
Content-Description: Notification
Content-Type: text/plain; charset=us-ascii

This is the mail system at host server.hostname.01.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<[email protected]>: host gmail-smtp-in.l.google.com[64.233.171.27] said:
    550-5.7.1 [104.236.71.114      12] Our system has detected that this
    message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam
    sent to Gmail, 550-5.7.1 this message has been blocked. Please visit
    550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131
    for 550 5.7.1 more information. a3si7533488qas.19 - gsmtp (in reply to end
    of DATA command)

--AE4271627DB.1423334642/server.hostname.01
Content-Description: Delivery report
Content-Type: message/delivery-status

Reporting-MTA: dns; server.hostname.01
X-Postfix-Queue-ID: AE4271627DB
X-Postfix-Sender: rfc822; [email protected]
Arrival-Date: Sat,  7 Feb 2015 13:44:01 -0500 (EST)

Final-Recipient: rfc822; [email protected]
Action: failed
Status: 5.7.1
Remote-MTA: dns; gmail-smtp-in.l.google.com
Diagnostic-Code: smtp; 550-5.7.1 [104.236.71.114      12] Our system has
    detected that this message is 550-5.7.1 likely unsolicited mail. To reduce
    the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked.
    Please visit 550-5.7.1
    http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for 550
    5.7.1 more information. a3si7533488qas.19 - gsmtp

--AE4271627DB.1423334642/server.hostname.01
Content-Description: Undelivered Message
Content-Type: message/rfc822

Return-Path: <[email protected]>
Received: by server.hostname.01 (Postfix, from userid 0)
    id AE4271627DB; Sat,  7 Feb 2015 13:44:01 -0500 (EST)
From: [email protected] (Cron Daemon)
To: [email protected]
Subject: Cron <root@server> echo test
Content-Type: text/plain; charset=ANSI_X3.4-1968
X-Cron-Env: <[email protected]>
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/root>
X-Cron-Env: <PATH=/usr/bin:/bin>
X-Cron-Env: <LOGNAME=root>
Message-Id: <[email protected]>
Date: Sat,  7 Feb 2015 13:44:01 -0500 (EST)

test

--AE4271627DB.1423334642/server.hostname.01--

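I also have fail2ban installed on the server. When fail2ban blocks an IP address that is trying to log in to my server, it sends me an email to notify me. Here are some of the headers from that email message: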

Received: by server.hostname.01 (Postfix, from userid 0)
From: Fail2Ban <[email protected]>
To: [email protected]
Message-Id: <[email protected]>

When I search the mail log for that message ID, I see the following:

Feb  7 11:05:36 server postfix/cleanup[22079]: 6BBAB1627DB: message-id=<[email protected]>
Feb  7 11:05:36 server postfix/qmgr[3539]: 6BBAB1627DB: from=<[email protected]>, size=1951, nrcpt=1 (queue active)
Feb  7 11:05:36 server postfix/smtp[22081]: connect to gmail-smtp-in.l.google.com[2607:f8b0:400d:c03::1b]:25: Network is unreachable
Feb  7 11:05:37 server postfix/smtp[22081]: 6BBAB1627DB: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[64.233.171.26]:25, delay=1.7, delays=0.2/0/0.55/0.95, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[64.233.171.26] said: 550-5.7.1 [104.236.71.114      11] Our system has detected that this message is 550-5.7.1 not RFC 2822 compliant. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please review 550 5.7.1 RFC 2822 specifications for more information. z1si7039105qar.33 - gsmtp (in reply to end of DATA command))
Feb  7 11:05:37 server postfix/cleanup[22079]: EC2971627DC: message-id=<[email protected]>
Feb  7 11:05:37 server postfix/qmgr[3539]: EC2971627DC: from=<>, size=4514, nrcpt=1 (queue active)
Feb  7 11:05:37 server postfix/bounce[22082]: 6BBAB1627DB: sender non-delivery notification: EC2971627DC
Feb  7 11:05:37 server postfix/qmgr[3539]: 6BBAB1627DB: removed
Feb  7 11:05:37 server postfix/local[22084]: EC2971627DC: to=<[email protected]>, relay=local, delay=0.01, delays=0/0.01/0/0, dsn=5.1.1, status=bounced (unknown user: "fail2ban")
Feb  7 11:05:37 server postfix/qmgr[3539]: EC2971627DC: removed

This seems to mean that the message was blocked, just like the message sent by the cron job; however, the message did appear in my Gmail inbox.

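I am hoping someone can explain why fail2ban is able to send email to Gmail successfully but my cron job is not. I would also like someone to help me understand exactly what this log output means, so that I have a better idea of what is going on. Perhaps my postfix configuration is wrong?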

Update

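Per the comments, here are the full message headers of a fail2ban message that made it into my inbox but shows as blocked in the postfix log. This is a different message from the one discussed in the previous part of this question, but it shows exactly the same behavior: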

Delivered-To: [email protected]
Received: by 10.25.23.137 with SMTP id 9csp1267799lfx;
        Sun, 8 Feb 2015 16:18:32 -0800 (PST)
X-Received: by 10.224.96.196 with SMTP id i4mr22411932qan.44.1423441111367;
        Sun, 08 Feb 2015 16:18:31 -0800 (PST)
Return-Path: <[email protected]>
Received: from prod.spirecollective.01 ([104.236.71.114])
        by mx.google.com with ESMTP id 33si12196322qgi.19.2015.02.08.16.18.30
        for <[email protected]>;
        Sun, 08 Feb 2015 16:18:31 -0800 (PST)
Received-SPF: none (google.com: [email protected] does not designate permitted sender hosts) client-ip=104.236.71.114;
Authentication-Results: mx.google.com;
       spf=none (google.com: [email protected] does not designate permitted sender hosts) [email protected]
Received: by prod.spirecollective.01 (Postfix, from userid 0)
    id 103C01627EF; Sun,  8 Feb 2015 19:18:30 -0500 (EST)
Subject: [Fail2Ban] ssh: banned 124.205.135.225 from prod.spirecollective.01
Date: Mon, 09 Feb 2015 00:18:29 +0000
From: Fail2Ban <[email protected]>
To: [email protected]
Message-Id: <[email protected]>

Here are the entries for the same message from the Postfix log:

Feb  8 19:18:30 prod postfix/pickup[2360]: 103C01627EF: uid=0 from=<fail2ban>
Feb  8 19:18:30 prod postfix/cleanup[3152]: 103C01627EF: message-id=<[email protected]>
Feb  8 19:18:30 prod postfix/qmgr[3539]: 103C01627EF: from=<[email protected]>, size=2156, nrcpt=1 (queue active)
Feb  8 19:18:31 prod postfix/smtp[3154]: 103C01627EF: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[64.233.171.26]:25, delay=1.5, delays=0.16/0/0.55/0.77, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[64.233.171.26] said: 550-5.7.1 [104.236.71.114      11] Our system has detected that this message is 550-5.7.1 not RFC 2822 compliant. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please review 550 5.7.1 RFC 2822 specifications for more information. 33si12196322qgi.19 - gsmtp (in reply to end of DATA command))
Feb  8 19:18:31 prod postfix/bounce[3155]: 103C01627EF: sender non-delivery notification: 633B4162817
Feb  8 19:18:31 prod postfix/qmgr[3539]: 103C01627EF: removed

Answer 1

Thanks for providing the full headers of the received email, along with the queue ID 103C01627EF and its associated mail log entries.

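This log tells us that Gmail rejected the email. In theory, nothing should show up in your Gmail inbox. In practice, however, Gmail may accept the email and deliver it to your mailbox. The evidence is the full headers posted above.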

What I am trying to say is that mail servers sometimes misbehave (due to bugs, discard policies, or other factors).

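  • They may reject you after the DATA stage, but actually accept the email and deliver it to the appropriate recipient. Your case is an example.
  • They may accept the email first. After scanning it with an antivirus daemon, they find that it contains a virus, so they discard it.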

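Now, the real question is why Gmail rejected your email. The sender address [email protected] does not appear to be in FQDN format. Therefore, it is normal for Gmail to reject your email.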
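
Added example (not part of the original question or answer): a short Python script that groups mail.log lines by queue ID and follows the "sender non-delivery notification" link from a bounced message to the bounce notice generated for it. The sample log is constructed from the question's excerpt, with placeholder addresses (user@example.com, fail2ban@server.example) and a shortened SMTP reply; parse and follow are names chosen for this example.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the mail.log excerpt in the question: queue IDs
# and relay are from the page, addresses are placeholders, SMTP reply shortened.
SAMPLE_LOG = """\
Feb  7 11:05:36 server postfix/cleanup[22079]: 6BBAB1627DB: message-id=<constructed-1@server.example>
Feb  7 11:05:36 server postfix/qmgr[3539]: 6BBAB1627DB: from=<fail2ban@server.example>, size=1951, nrcpt=1 (queue active)
Feb  7 11:05:36 server postfix/smtp[22081]: connect to gmail-smtp-in.l.google.com[2607:f8b0:400d:c03::1b]:25: Network is unreachable
Feb  7 11:05:37 server postfix/smtp[22081]: 6BBAB1627DB: to=<user@example.com>, relay=gmail-smtp-in.l.google.com[64.233.171.26]:25, delay=1.7, delays=0.2/0/0.55/0.95, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[64.233.171.26] said: 550 5.7.1 message blocked (in reply to end of DATA command))
Feb  7 11:05:37 server postfix/qmgr[3539]: EC2971627DC: from=<>, size=4514, nrcpt=1 (queue active)
Feb  7 11:05:37 server postfix/bounce[22082]: 6BBAB1627DB: sender non-delivery notification: EC2971627DC
Feb  7 11:05:37 server postfix/qmgr[3539]: 6BBAB1627DB: removed
Feb  7 11:05:37 server postfix/local[22084]: EC2971627DC: to=<fail2ban@server.example>, relay=local, delay=0.01, delays=0/0.01/0/0, dsn=5.1.1, status=bounced (unknown user: "fail2ban")
Feb  7 11:05:37 server postfix/qmgr[3539]: EC2971627DC: removed
"""

LINE = re.compile(r"postfix/(?P<daemon>[\w-]+)\[\d+\]: (?P<qid>[0-9A-F]{6,}): (?P<rest>.*)")
FIELD = re.compile(r"\b(from|to|relay|dsn|status)=<?([^>,\s]*)>?")
REASON = re.compile(r"status=\w+ \((.*)\)$")
NDN = re.compile(r"sender non-delivery notification: ([0-9A-F]+)")

def parse(log_text):
    """Group mail.log lines by queue ID and keep the fields that explain each message's fate."""
    msgs = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # connection-level lines ("Network is unreachable") carry no queue ID
        msg, rest = msgs[m["qid"]], m["rest"]
        msg.update(FIELD.findall(rest.split(" (", 1)[0]))  # key=value pairs before the "(...)" text
        if (r := REASON.search(rest)):
            msg["reason"] = r.group(1)  # remote server's reply or local error
        if (n := NDN.search(rest)):
            msg["bounce_qid"] = n.group(1)  # queue ID of the bounce notice
    return dict(msgs)

def follow(msgs, qid):
    """Return the delivery chain: the message, then any bounce notice generated for it."""
    chain = []
    while qid in msgs and qid not in [c[0] for c in chain]:
        m = msgs[qid]
        chain.append((qid, m.get("from"), m.get("to"), m.get("dsn"), m.get("status")))
        qid = m.get("bounce_qid")
    return chain

if __name__ == "__main__":
    for hop in follow(parse(SAMPLE_LOG), "6BBAB1627DB"):
        print(hop)
```

The second hop has an empty sender (`from=<>`), which marks a bounce notice, and its own status shows whether that notice reached a local mailbox or bounced in turn.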
