MTA(postfix)在双域配置的一个域中继上失败

MTA(postfix)在双域配置的一个域中继上失败

我希望 MTA 从 2 个域发送电子邮件,由同一服务器发出。eEmail 从一个域发送,但从另一个域发送失败。

我的应用服务器以以下方式生成 smtp 电子邮件我的域名或者mydomainother.com

应用服务器继续存在

ipv4: 1.1.1.1 ipv6: 1111:1111:...0001

并将页面作为 mydomainother.com 提供

无论哪种方式,它都会发送到服务器 2 上的同一个 MTA

mta 住在

ipv4: 1.1.1.2 ipv6: 1111:1111:...0002

mydomain.com 的宣传网站位于 ipv4:1.1.1.3

mydomain.com 的邮件服务器是 outlook(不要嘲笑,我没有选择)

MTA 是 postfix,带有 opendkim 插件。它能正确接收和转发 mydomainother.com 的邮件。当从 mydomain.com 转发邮件时会失败,因为 google SPF 失败导致邮件被退回

mydomainother.com 具有以下 DNS 条目:

inventryanywhere.co.uk. 14400   IN  TXT v=spf1 mx a ip4:1.1.1.1/32 ip4:1.1.1.2 ip6:1111:1111:...0002/128 ?all
dkim._domainkey.mydomainother.com.  600 IN  TXT v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt79QysuOC7QU2h0w7eKSZyptVkZkPD/zqTqmzq3ZNpqz5YmunBatGhESYea5RX51CpQHbcH0gmAN0tXvz7jCIi+2xyDyVe+Ay/EW4D72DNU+a0Ckr6lPdsS0lpNg7A8/RzDO4+m2n1E7ZrImFp+3MZz6q5pQPm5DzqOoDCTTRnQIDAQAB; s=email

(请记住,这些都很棒 - 这是系统日志:)

nginxstaff postfix/smtpd[3388]: connect from mydomainother.com[1.1.1.1]
nginxstaff postfix/smtpd[3388]: B723B3F875: client=mydomainother.com[1.1.1.1]
nginxstaff postfix/cleanup[3390]: B723B3F875: message-id=<[email protected]>
nginxstaff opendkim[3595]: B723B3F875: DKIM-Signature field added (s=mail, d=mydomainother.com)
nginxstaff postfix/qmgr[17564]: B723B3F875: from=<[email protected]>, size=602, nrcpt=1 (queue active)
nginxstaff postfix/smtpd[3388]: disconnect from mydomainother.com[1.1.1.1] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
nginxstaff postfix/smtp[3292]: B723B3F875: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[108.177.96.27]:25, delay=0.61, delays=0.11/0/0.06/0.44, dsn=2.0.0, status=sent (250 2.0.0 OK 1487950134 h61si10727491wrh.186 - gsmtp)
nginxstaff postfix/qmgr[17564]: B723B3F875: removed

另一个域名在 SPF 上失败,这是我为该域名设置的 DNS:

mydomain.com.   14400   IN  TXT v=spf1 ip4:181.224.128.60 mx a ip4:1.1.1.1/32 ip4:1.1.1.2 ip6:1111:1111:...0002/128 include:outlook.com ~all
mail._domainkey.mydomain.com.   600 IN  TXT v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt79QysuOC7QU2h0w7eKSZyptVkZkPD/zqTqmzq3ZNpqz5YmunBatGhESYea5RX51CpQHbcH0gmAN0tXvz7jCIi+2xyDyVe+Ay/EW4D72DNU+a0Ckr6lPdsS0lpNg7A8/RzDO4+m2n1E7ZrImFp+3MZz6q5pQPm5DzqOoDCTTRnQIDAQAB; s=email

因此,基本上,由于电子邮件将从相同的 MTA 和应用服务器发出,因此两个域的 SPF 和 DNS 条目都是重复的。那么为什么从 mydomain.com 发送会这样做:

nginxstaff postfix/smtpd[4905]: connect from mydomainother.com[1.1.1.1]
nginxstaff postfix/smtpd[4905]: 8E1C53F875: client=mydomainother.com[1.1.1.1]
nginxstaff postfix/cleanup[4908]: 8E1C53F875: message-id=<[email protected]>
nginxstaff opendkim[3595]: 8E1C53F875: DKIM-Signature field added (s=mail, d=mydomain.com)
nginxstaff postfix/qmgr[17564]: 8E1C53F875: from=<[email protected]>, size=594, nrcpt=1 (queue active)
nginxstaff postfix/smtpd[4905]: disconnect from mydomainother.com[1.1.1.1] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
nginxstaff postfix/smtp[4909]: 8E1C53F875: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[2a00:1450:4013:c03::1b]:25, 
delay=0.61, delays=0.09/0.01/0.08/0.43, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[2a00:1450:4013:c03::1b] said: 
550-5.7.1 [1111:1111:...0002] Our system has detected that 550-5.7.1 this message does not meet IPv6 sending guidelines regarding 
PTR 550-5.7.1 records and authentication. Please review 550-5.7.1  https://support.google.com/mail/?p=IPv6AuthError 
for more information 550 5.7.1 . r30si10098207wrc.146 - gsmtp (in reply to end of DATA command))
nginxstaff postfix/cleanup[4908]: 304423F878: message-id=<20170224154810.304423F878@servername>
nginxstaff postfix/qmgr[17564]: 304423F878: from=<>, size=3511, nrcpt=1 (queue active)
nginxstaff postfix/bounce[4910]: 8E1C53F875: sender non-delivery notification: 304423F878
nginxstaff postfix/qmgr[17564]: 8E1C53F875: removed

相关内容