Postfix:将电子邮件转发到非本地地址-从用户未知扩展

tag-icon tag-icon postfix alias mail-forwarding
Postfix:将电子邮件转发到非本地地址-从用户未知扩展

我在使用 postfix 时遇到了问题,特别是在创建本地虚拟别名以将电子邮件转发到外部地址(在其他服务器上)时。

我的目标是:将发送的所有电子邮件转发[email protected][email protected](另一台服务器上的虚拟用户,如 gmail 等)。

我尝试使用以下方法来设置它,virtual_alias_maps结果如下:

This is the mail system at host my-server.xyz.com.

I'm sorry to have to inform you that your message could not
be delivered (...)

<[email protected]> (expanded from <[email protected]>): user unknown
Reporting-MTA: dns; my-server.xyz.com

它知道应该转发电子邮件,[email protected]但是它说找不到该用户?它正在寻找[email protected]自己的虚拟用户吗?为什么?

我在virtual_alias_maps内部转发电子邮件中有多个条目,例如[email protected]转发/别名为,[email protected]并且有效。但是当目的地是外部地址时,我收到上述错误

我的一部分main.cf

smtpd_recipient_restrictions = 
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_invalid_hostname,
    reject_non_fqdn_sender,
    reject_unknown_client_hostname,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unknown_address,
    reject_non_fqdn_recipient,
    reject_unauth_destination,
    reject_unauth_pipelining

smtpd_client_restrictions = 
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_invalid_hostname,
    check_client_access regexp:/etc/postfix/checks/client_restrictions,
    reject_rbl_client zen.spamhaus.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client cbl.abuseat.org

smtpd_sender_restrictions = 
    permit_mynetworks,
    reject_unknown_address,
    reject_unknown_sender_domain,
    reject_non_fqdn_sender,
    #reject_sender_login_mismatch
    reject_authenticated_sender_login_mismatch

smtpd_helo_restrictions = 
    permit_sasl_authenticated,
    permit_mynetworks,
    check_helo_access hash:/etc/postfix/checks/helo_access,
    reject_non_fqdn_helo_hostname,
    reject_invalid_helo_hostname,
    reject_unknown_helo_hostname,
    permit

smtpd_sender_login_maps = mysql:/etc/postfix/virtual/mysql-sender-login-maps.cf

# Virtual Maps 
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = mysql:/etc/postfix/virtual/mysql-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/virtual/mysql-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/virtual/mysql-alias-maps.cf

virtual_alias_maps运行此 SQL:

query = SELECT destination FROM `VirtualAlias` WHERE source='%s' AND active = 1

对于上面的例子,它有以下条目:

id | source | destination | active
1 [email protected] [email protected] 1
2 [email protected] [email protected] 1

当我说它在寻找[email protected]自己的虚拟用户然后失败(因为它显然是一封外部电子邮件)时,我的假设正确吗?如果正确,我该如何修复它?

谢谢。

无端口 25 发送:没有电子邮件客户端能够通过端口 25 发送电子邮件,它们被迫通过端口 587(MSA)。user unknown=>如果他们尝试使用端口 25 发送电子邮件,他们也会收到邮件(对于外部目的地,内部目的地也可以)。也许和这个有关?

我猜这是因为垃圾邮件控制下面的内容过滤器强制所有发送的电子邮件直接发送到dovecot,如果目的地不是我们的虚拟用户之一,它就会失败...

此外,提交的控制如下:

submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

** 也许这里的 smtpd_client_restrictions 限制使事情变得困难?**

垃圾邮件控制master.cf已更改为通过内容过滤器发送所有电子邮件:

smtp      inet  n       -       -       -       -       smtpd -o content_filter=spamassassin

spamassassin unix -     n   n   -   -   pipe
    flags=DROhu user=vmail:vmail argv=/usr/bin/spamc -f -e /usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}

@clement 建议的检查:

postmap -q external-server.com mysql:/etc/postfix/virtual/mysql-mailbox-maps.cf
postmap -q external-server.com mysql:/etc/postfix/virtual/mysql-mailbox-domains.cf

=>均给出空结果,正如预期的那样,因为external-server.com没有列出在那里。

定义virtual_alias_domains没有帮助。同样的问题。我们需要设置它吗?据我所知,如果virtual_alias_domains为空,后缀将进一步查看virtual_alias_maps

@Guntis 建议的检查:

正如我所怀疑的postfix 似乎试图将转发的电子邮件发送到 spamassassin+dovecot,阅读上面的“无端口 25 发送”和我的评论:

postfix/smtpd[]: < remote-incoming.server.com[87.x.x.x]: RCPT TO:<[email protected]>
postfix/smtpd[]: extract_addr: input: <[email protected]>
postfix/smtpd[]: smtpd_check_addr: [email protected]
postfix/smtpd[]: send attr request = rewrite
postfix/smtpd[]: send attr rule = local
postfix/smtpd[]: send attr address = [email protected]
postfix/smtpd[]: private/rewrite socket: wanted attribute: flags
postfix/smtpd[]: input attribute name: flags
postfix/smtpd[]: input attribute value: 0
postfix/smtpd[]: private/rewrite socket: wanted attribute: address
postfix/smtpd[]: input attribute name: address
postfix/smtpd[]: input attribute value: [email protected]
postfix/smtpd[]: private/rewrite socket: wanted attribute: (list terminator)
postfix/smtpd[]: input attribute name: (end)
postfix/smtpd[]: rewrite_clnt: local: [email protected] -> [email protected]
postfix/smtpd[]: send attr request = resolve
postfix/smtpd[]: send attr sender =
postfix/smtpd[]: send attr address = [email protected]
postfix/smtpd[]: private/rewrite socket: wanted attribute: flags
postfix/smtpd[]: input attribute name: flags
postfix/smtpd[]: input attribute value: 0
postfix/smtpd[]: private/rewrite socket: wanted attribute: transport
postfix/smtpd[]: input attribute name: transport
postfix/smtpd[]: input attribute value: lmtp
postfix/smtpd[]: private/rewrite socket: wanted attribute: nexthop
postfix/smtpd[]: input attribute name: nexthop

# 1. WHY?? unix:private/dovecot-lmtp

postfix/smtpd[]: input attribute value: unix:private/dovecot-lmtp
postfix/smtpd[]: private/rewrite socket: wanted attribute: recipient
postfix/smtpd[]: input attribute name: recipient
postfix/smtpd[]: input attribute value: [email protected]

postfix/smtpd[]: resolve_clnt: `' -> `[email protected]' -> transp=`lmtp' host=`unix:private/dovecot-lmtp' rcpt=`[email protected]' flags= class=virtual

# 2. Tries to lookup on MySQL [email protected] (acording to virtual_alias_maps)

postfix/smtpd[]: dict_mysql_lookup: retrieved 1 rows
postfix/smtpd[]: maps_find: virtual_alias_maps: mysql:/etc/postfix/virtual/mysql-alias-maps.cf(0,lock|fold_fix): [email protected] = [email protected]
postfix/smtpd[]: mail_addr_find: [email protected] -> [email protected]

# 3. It knows it should be delivered to another address...

postfix/smtpd[]: report recipient to all milters (flags=0x0)
postfix/smtpd[]: milter_macro_lookup: "i"
postfix/smtpd[]: milter_macro_lookup: "{rcpt_addr}"
postfix/smtpd[]: ctable_locate: leave existing entry key [email protected]
postfix/smtpd[]: milter_macro_lookup: result "[email protected]"
postfix/smtpd[]: milter_macro_lookup: "{rcpt_host}"
postfix/smtpd[]: ctable_locate: leave existing entry key [email protected]
postfix/smtpd[]: milter_macro_lookup: result "unix:private/dovecot-lmtp"
postfix/smtpd[]: milter_macro_lookup: "{rcpt_mailer}"
postfix/smtpd[]: ctable_locate: leave existing entry key [email protected]
postfix/smtpd[]: milter_macro_lookup: result "lmtp"

# 4. Is it still trying to deliver on [email protected]?? 

postfix/smtpd[]: milter8_rcpt_event: milter inet:localhost:12301: rcpt <[email protected]>
postfix/smtpd[]: event: SMFIC_RCPT; macros: {rcpt_addr}[email protected] {rcpt_host}=unix:private/dovecot-lmtp {rcpt_mailer}=lmtp
postfix/smtpd[]: reply: SMFIR_CONTINUE data 0 bytes

# After a while it delivers the error notification

postfix/pipe[]: 2E2CA2E2DB3: to=<[email protected]>, orig_to=<[email protected]>, relay=spamassassin, delay=0.63, delays=0.29/0/0/0.33, dsn=5.1.1, status=bounced (user unknown)
postfix/cleanup[]: 920F92E2DC3: message-id=<[email protected]>
postfix/bounce[]: 2E2CA2E2DB3: sender non-delivery notification: 920F92E2DC3

相关内容