Postfix 错误 5.7.0:必须先发出 STARTTLS 命令

tag-icon tag-icon postfix tls
Postfix 错误 5.7.0:必须先发出 STARTTLS 命令

我在从外部地址向我的域发送邮件时遇到问题(我怀疑是 Exchange 服务器的问题)。错误如下:

myaddress : mail.mydomain.com #<mail.mydomain.com #5.7.0 smtp; 530 5.7.0 Must issue a STARTTLS command first> #SMTP#

然而,看了其他讨论同一主题的帖子,我认为我已经正确配置了 TLS。我的配置详述如下:

#######################
## GENERALS SETTINGS ##
#######################

smtpd_banner         = $myhostname ESMTP $mail_name
biff                 = no
append_dot_mydomain  = no
readme_directory     = no
delay_warning_time   = 4h
mailbox_command      = procmail -a "$EXTENSION"
recipient_delimiter  = +
disable_vrfy_command = yes
message_size_limit   = 50240000
mailbox_size_limit   = 1024000000
inet_interfaces = all
inet_protocols = ipv4

myhostname    = mail.mydomain.com
myorigin      = mail.mydomain.com
mydestination = localhost localhost.$mydomain 
mynetworks    = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0.0/28 192.168.1.0/28 192.168.2.0/28
relayhost     =

alias_maps     = hash:/etc/aliases
alias_database = hash:/etc/aliases

####################
## TLS PARAMETERS ##
####################
# Smtp ( OUTGOING / Client )
smtp_tls_loglevel            = 1
smtp_tls_security_level      = may
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile              = /etc/ssl/certs/mydomain.cert.pem
smtp_tls_cert_file = /etc/ssl/certs/mydomain.crt
smtp_tls_key_file = /etc/ssl/private/mydomain.key
smtp_tls_protocols           = TLSv1, TLSv1.1, Tlsv1.2, !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = TLSv1, TLSv1.1, Tlsv1.2, !SSLv2, !SSLv3
smtp_tls_mandatory_ciphers   = high
smtp_tls_exclude_ciphers = MEDIUM, LOW, aNULL, eNULL, SEED, 3DES, DES, MD5, EXP, CBC, PSD, PSK, SRP, DSS, RC4
smtp_tls_mandatory_exclude_ciphers = MEDIUM, LOW, aNULL, eNULL, SEED, 3DES, DES, MD5, EXP, CBC, PSD, PSK, SRP, DSS, RC4
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES$
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_tls_ask_ccert = yes
smtpd_tls_req_ccert = no
smtp_tls_enforce_peername = no
# ---------------------------------------------------------------------------------------------------

# Smtpd ( INCOMING / Server )
smtpd_tls_loglevel            = 1
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_tls_auth_only           = yes
smtpd_tls_security_level      = may
smtpd_tls_received_header     = yes
#smtpd_tls_protocols           = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers   = medium

# Infos (voir : postconf -d)
# Medium cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH
# High cipherlist   = aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH

# smtpd_tls_exclude_ciphers   = NE PAS modifier cette directive pour des raisons de compatibilité
#                               avec les autres serveurs de mail afin d'éviter une erreur du type
#                               "no shared cipher" ou "no cipher overlap" puis un fallback en
#                               plain/text...
# smtpd_tls_cipherlist        = Ne pas modifier non plus !

smtpd_tls_cert_file           = /etc/ssl/certs/mail.mydomain.com.crt
smtpd_tls_key_file            = /etc/ssl/private/mydomain.key
smtpd_tls_dh1024_param_file   = $config_directory/dh2048.pem
#smtpd_tls_dh512_param_file    = $config_directory/dh512.pem

tls_preempt_cipherlist = yes
tls_random_source      = dev:/dev/urandom

smtp_tls_session_cache_database  = btree:${data_directory}/smtp_scache
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
lmtp_tls_session_cache_database  = btree:${data_directory}/lmtp_scache

# ----------------------------------------------------------------------

#####################
## SASL PARAMETERS ##
#####################

smtpd_sasl_auth_enable          = yes
smtpd_sasl_type                 = dovecot
smtpd_sasl_path                 = private/auth
smtpd_sasl_security_options     = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_local_domain         = $mydomain
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain         = $mydomain
smtpd_sasl_authenticated_header = yes

broken_sasl_auth_clients = yes

##############################
## VIRTUALS MAPS PARAMETERS ##
##############################

virtual_uid_maps        = static:5000
virtual_gid_maps        = static:5000
virtual_minimum_uid     = 5000
virtual_mailbox_base    = /data/mail
virtual_transport       = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps    = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps      = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

######################
## ERRORS REPORTING ##
######################

# notify_classes = bounce, delay, resource, software
notify_classes = resource, software

error_notice_recipient     = [email protected]
# delay_notice_recipient   = [email protected]
# bounce_notice_recipient  = [email protected]
# 2bounce_notice_recipient = [email protected]

##################
## RESTRICTIONS ##
##################

smtpd_relay_restrictions =
     permit_mynetworks,
     permit_sasl_authenticated,
     reject_non_fqdn_recipient,
     reject_unauth_destination,
     reject_unknown_recipient_domain,
     reject_rbl_client zen.spamhaus.org

smtpd_helo_restrictions =
     permit_mynetworks,
     permit_sasl_authenticated,
     reject_invalid_helo_hostname,
     reject_non_fqdn_helo_hostname
     # reject_unknown_helo_hostname

smtpd_client_restrictions =
     permit_mynetworks,
smtpd_client_restrictions =
     permit_mynetworks,
     permit_inet_interfaces,
     permit_sasl_authenticated

smtpd_sender_restrictions =
     reject_non_fqdn_sender,
     reject_unknown_sender_domain

##########
## DKIM ##
##########

milter_protocol = 6
milter_default_action = accept
#smtpd_milters = unix:/var/spool/postfix/opendkim/opendkim.sock, unix:/var/spool/postfix/opendmarc/opendmarc.sock, unix:/var/run/clamav/clamav-milter.ctl
smtpd_milters         = inet:localhost:12345,inet:localhost:54321
non_smtpd_milters     = $smtpd_milters

debug_peer_list = mail.domain_with_error_5.7.0.fr #log problematic host

编辑 :

Mar 21 14:31:57 raspi01 postfix/smtpd[11686]: warning: match_list_parse: comment at end of line is not supported: #log problematic host
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: connect from mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: smtp_stream_setup: maxtime=300 enable_deadline=0
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? 127.0.0.0/8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? 127.0.0.0/8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? [::ffff:127.0.0.0]/104
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? [::ffff:127.0.0.0]/104
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? [::1]/128
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? [::1]/128
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? 192.168.0.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? 192.168.0.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? 192.168.1.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? 192.168.1.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? 192.168.2.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? 192.168.2.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_list_match: mail.domain_with_error_5.7.0.fr: no match
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_list_match: 86.xx.xx.xx: no match
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: auto_clnt_open: connected to private/anvil
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: send attr request = connect
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: send attr ident = smtp:86.xx.xx.xx
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: private/anvil: wanted attribute: status
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute name: status
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute value: 0
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: private/anvil: wanted attribute: count
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute name: count
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute value: 1
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: private/anvil: wanted attribute: rate
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute name: rate
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute value: 1
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: private/anvil: wanted attribute: (list terminator)
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute name: (end)
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: report connect to all milters
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: "j"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: result "mail.mydomain.com"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: "{daemon_name}"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: result "mail.mydomain.com"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: "v"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: result "Postfix 2.11.3"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: non-protocol events for protocol version 6:
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: transport=inet endpoint=localhost:12345
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: trying... [127.0.0.1]
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: vstream_tweak_tcp: TCP_MAXSEG 21845
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: fd=18: stream buffer size old=0 new=43690
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: my_version=0x6
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: my_actions=0x1ff SMFIF_ADDHDRS SMFIF_CHGBODY SMFIF_ADDRCPT SMFIF_DELRCPT SMFIF_CHGHDRS SMFIF_QUARANTINE SMFIF_CHGFROM SMFIF_ADDRCPT_PAR SMFIF_SETSYMLIST
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: my_events=0x1fffff SMFIP_NOCONNECT SMFIP_NOHELO SMFIP_NOMAIL SMFIP_NORCPT SMFIP_NOBODY SMFIP_NOHDRS SMFIP_NOEOH SMFIP_NR_HDR SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_RCPT_REJ SMFIP_NR_CONN SMFIP_NR_HELO SMFIP_NR_MAIL SMFIP_NR_RCPT SMFIP_NR_DATA SMFIP_NR_UNKN SMFIP_NR_EOH SMFIP_NR_BODY SMFIP_HDR_LEADSPC
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: milter inet:localhost:12345 version 6
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: events SMFIP_NOHELO SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_HDR_LEADSPC
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: requests SMFIF_ADDHDRS SMFIF_CHGHDRS SMFIF_SETSYMLIST
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_conn_event: milter inet:localhost:12345: connect mail.domain_with_error_5.7.0.fr/86.xx.xx.xx
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: event: SMFIC_CONNECT; macros: j=mail.mydomain.com {daemon_name}=mail.mydomain.com v=Postfix 2.11.3
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: reply: SMFIR_CONTINUE data 0 bytes
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: non-protocol events for protocol version 6:
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: transport=inet endpoint=localhost:54321
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: trying... [127.0.0.1]
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: vstream_tweak_tcp: TCP_MAXSEG 21845
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: fd=19: stream buffer size old=0 new=43690
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: my_version=0x6
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: my_actions=0x1ff SMFIF_ADDHDRS SMFIF_CHGBODY SMFIF_ADDRCPT SMFIF_DELRCPT SMFIF_CHGHDRS SMFIF_QUARANTINE SMFIF_CHGFROM SMFIF_ADDRCPT_PAR SMFIF_SETSYMLIST
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: my_events=0x1fffff SMFIP_NOCONNECT SMFIP_NOHELO SMFIP_NOMAIL SMFIP_NORCPT SMFIP_NOBODY SMFIP_NOHDRS SMFIP_NOEOH SMFIP_NR_HDR SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_RCPT_REJ SMFIP_NR_CONN SMFIP_NR_HELO SMFIP_NR_MAIL SMFIP_NR_RCPT SMFIP_NR_DATA SMFIP_NR_UNKN SMFIP_NR_EOH SMFIP_NR_BODY SMFIP_HDR_LEADSPC
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: milter inet:localhost:54321 version 6
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: events SMFIP_NOHELO SMFIP_NOBODY SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_connect: requests SMFIF_ADDHDRS SMFIF_QUARANTINE
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_conn_event: milter inet:localhost:54321: connect mail.domain_with_error_5.7.0.fr/86.xx.xx.xx
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: event: SMFIC_CONNECT; macros: j=mail.mydomain.com {daemon_name}=mail.mydomain.com v=Postfix 2.11.3
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: reply: SMFIR_CONTINUE data 0 bytes
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 220 mail.mydomain.com ESMTP Postfix
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: watchdog_pat: 0x554664b8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: < mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: EHLO mail.domain_with_error_5.7.0.fr
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: report helo to all milters
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: "{tls_version}"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: "{cipher}"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: "{cipher_bits}"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: "{cert_subject}"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter_macro_lookup: "{cert_issuer}"
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_helo_event: milter inet:localhost:12345: helo mail.domain_with_error_5.7.0.fr
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: event: SMFIC_HELO; macros: (none)
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: skipping event SMFIC_HELO for milter inet:localhost:12345
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_helo_event: milter inet:localhost:54321: helo mail.domain_with_error_5.7.0.fr
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: event: SMFIC_HELO; macros: (none)
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: skipping event SMFIC_HELO for milter inet:localhost:54321
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_list_match: mail.domain_with_error_5.7.0.fr: no match
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_list_match: 86.xx.xx.xx: no match
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 250-mail.mydomain.com
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 250-PIPELINING
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 250-SIZE 50240000
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 250-ETRN
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 250-STARTTLS
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 250-ENHANCEDSTATUSCODES
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 250-8BITMIME
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 250 DSN
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: watchdog_pat: 0x554664b8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: < mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: MAIL FROM:<external@domain_with_error.com> SIZE=3853
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 530 5.7.0 Must issue a STARTTLS command first
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: watchdog_pat: 0x554664b8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: < mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: RCPT TO:<[email protected]> ORCPT=rfc822;[email protected]
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 530 5.7.0 Must issue a STARTTLS command first
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: watchdog_pat: 0x554664b8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: < mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: DATA
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 530 5.7.0 Must issue a STARTTLS command first
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: watchdog_pat: 0x554664b8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: < mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: RSET
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 530 5.7.0 Must issue a STARTTLS command first
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: watchdog_pat: 0x554664b8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: < mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: QUIT
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: > mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]: 221 2.0.0 Bye
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? 127.0.0.0/8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? 127.0.0.0/8
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? [::ffff:127.0.0.0]/104
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? [::ffff:127.0.0.0]/104
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? [::1]/128
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? [::1]/128
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? 192.168.0.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? 192.168.0.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? 192.168.1.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? 192.168.1.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostname: mail.domain_with_error_5.7.0.fr ~? 192.168.2.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_hostaddr: 86.xx.xx.xx ~? 192.168.2.0/28
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_list_match: mail.domain_with_error_5.7.0.fr: no match
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: match_list_match: 86.xx.xx.xx: no match
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: send attr request = disconnect
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: send attr ident = smtp:86.xx.xx.xx
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: private/anvil: wanted attribute: status
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute name: status
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute value: 0
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: private/anvil: wanted attribute: (list terminator)
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: input attribute name: (end)
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: abort all milters
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_abort: abort milter inet:localhost:12345
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_abort: abort milter inet:localhost:54321
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: disconnect event to all milters
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_disc_event: quit milter inet:localhost:12345
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: milter8_disc_event: quit milter inet:localhost:54321
Mar 21 14:31:58 raspi01 postfix/smtpd[11686]: disconnect from mail.domain_with_error_5.7.0.fr[86.xx.xx.xx]

答案1

我找到了解决方案,

问题出在 master.cnf 中,它覆盖了smtpd_tls_security_level

smtp inet n - - - - smtpd
-osmtpd_tls_security_level=可能
-o smtpd_sasl_auth_enable=是

提交 inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_dh1024_param_file=/etc/postfix/dh2048.pem
-o content_filter=spamassassin
-osmtpd_tls_security_level=可能
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,拒绝...

相关内容