Postfix 发送电子邮件延迟

tag-icon tag-icon email postfix ubuntu-16.04 amazon-lightsail
Postfix 发送电子邮件延迟

我在 Amazon Lightsail 上运行 Ubuntu 16.04。我只是配置了 Postfix 来发送电子邮件。

  • 如果我几个小时后发送电子邮件,则会立即收到。

  • 如果我一次发送多封电子邮件,这些电子邮件会延迟大约 10-30 分钟。

问题:

  1. 如何解决延迟问题以便立即发送电子邮件?
  2. 如何确保本地应用程序发送给用户(root 和 ubuntu)的所有电子邮件都发送到具有相同域的外部电子邮件?

我的配置:

/etc/resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 172.x.x.x
search ec2.internal

/etc/hosts

127.0.0.1       localhost
127.0.1.1       webserver.DOMAIN-NAME.com webserver
3x.x.x.x        webserver.DOMAIN-NAME.com webserver #3.x.x.x is the IP that is mentioned in domain DNS

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

/etc/主机名

webserver

/etc/别名

postmaster:    root
root:          [email protected]

/etc/postfix/main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = webserver.DOMAIN-NAME.com
mydomain = DOMAIN-NAME.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
#myorigin = /etc/mailname
myorigin = $mydomain
#mydestination = $myhostname, DOMAIN-NAME.com, webserver.DOMAIN-NAME.com, localhost.DOMAIN-NAME.com, localhost
mydestination =
#relayhost =
relayhost = $mydomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
#inet_interfaces = all
inet_interfaces = loopback-only
#inet_protocols = all
inet_protocols = ipv4

/var/log/mail.log

May  1 02:17:15 webserver postfix/smtp[6105]: 0287CC775F: to=<[email protected]>, relay=alt1.aspmx.l.google.com[64.233.190.27]:25, delay=531, delays=465/0.01/64/1.9, dsn=2.0.0, status=sent (250 2.0.0 OK 1493605035 h2si13051738qte.100 - gsmtp)
May  1 02:17:15 webserver postfix/qmgr[6102]: 0287CC775F: removed
May  1 02:17:40 webserver postfix/smtp[6107]: connect to alt1.aspmx.l.google.com[64.233.190.27]:25: Connection timed out
May  1 02:17:40 webserver postfix/smtp[6108]: connect to alt1.aspmx.l.google.com[64.233.190.27]:25: Connection timed out
May  1 02:18:10 webserver postfix/smtp[6108]: connect to aspmx2.googlemail.com[64.233.190.27]:25: Connection timed out
May  1 02:18:10 webserver postfix/smtp[6107]: connect to aspmx3.googlemail.com[209.85.203.26]:25: Connection timed out
May  1 02:18:40 webserver postfix/smtp[6108]: connect to aspmx3.googlemail.com[209.85.203.26]:25: Connection timed out
May  1 02:18:40 webserver postfix/smtp[6107]: connect to aspmx2.googlemail.com[64.233.190.27]:25: Connection timed out
May  1 02:18:40 webserver postfix/smtp[6108]: CBE50C77C6: to=<[email protected]>, relay=none, delay=7845, delays=7695/0.02/150/0, dsn=4.4.1, status=deferred (connect to aspmx3.googlemail.com[209.85.203.26]:25: Connection timed out)
May  1 02:18:40 webserver postfix/smtp[6107]: 2266DC775D: to=<[email protected]>, relay=none, delay=174, delays=24/0.01/150/0, dsn=4.4.1, status=deferred (connect to aspmx2.googlemail.com[64.233.190.27]:25: Connection timed out)
May  1 02:20:02 webserver postfix/scache[6110]: statistics: start interval May  1 02:16:41
May  1 02:20:02 webserver postfix/scache[6110]: statistics: domain lookup hits=0 miss=1 success=0%
May  1 02:20:02 webserver postfix/scache[6110]: statistics: address lookup hits=0 miss=2 success=0%
May  1 02:20:02 webserver postfix/scache[6110]: statistics: max simultaneous domains=1 addresses=1 connection=1
May  1 02:26:10 webserver postfix/qmgr[6102]: 2266DC775D: from=<[email protected]>, size=425, nrcpt=1 (queue active)
May  1 02:26:10 webserver postfix/smtp[6138]: 2266DC775D: to=<[email protected]>, relay=aspmx.l.google.com[209.85.201.26]:25, delay=625, delays=624/0.01/0.09/0.18, dsn=2.0.0, status=sent (250 2.0.0 OK 1493605570 p15si12740899qta.122 - gsmtp)
May  1 02:26:10 webserver postfix/qmgr[6102]: 2266DC775D: removed

答案1

Amazon Lightsail 是一款面向 Web 应用程序开发人员的低端低价云 VPS 解决方案。Lightsail 文档与选择和配置 Web 服务器和 CMS 平台有关。虽然没有明确说明,但显然 Lightsail 并非电子邮件服务器。甚至您的服务器的名称也是webserver

Web 应用程序可能偶尔会发送电子邮件。因此,SMTP 端口 25 并未完全被阻止,而是有限制。对于独立 SMTP 服务器,您的 Postfix 配置没问题,但显示了mail.log正在发生的事情:达到限制后,SMTP 连接会超时,邮件会被deferred推迟到以后再尝试。RFC 3463基于SMTP 状态代码 dsn=4.4.1也说了同样的话:

4.4.1 收件人的服务器没有响应

这是来自您服务器的错误,表示收件人的服务器没有响应。您的服务器将自动重试几次 - 次数取决于您的服务器的配置方式。

您在评论中提到,这种情况只发生在 Ubuntu 上的 Postfix 上,而不会发生在 Amazon Linux 上的 Sendmail 上。我对 Amazon Linux 和 Amazon 不太熟悉塞拉利昂但我猜想 Amazon Linux Sendmail 可能已将 Amazon SES 预配置为中继。将 Amazon SES 与 Postfix 集成, 也。

正如您所看到的relayhost = $mydomain,您可能正在尝试将所有邮件转发到您域的外部邮件服务器,这是理所当然的。但是,端口限制25并不例外,您的外部 MTA 也是如此。因此,您应该使用消息提交代理(端口587)代替

  1. 您必须在电子邮件服务器中配置 MSA。如果也是 Postfix,则应该有/etc/postfix/master.cf以未注释部分开头的部分submission

     submission inet n       -       -       -       -       smtpd
   -o syslog_name=postfix/submission
   -o smtpd_tls_security_level=encrypt
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
   -o milter_macro_daemon_name=ORIGINATING

  2. 配置您的 Lightsailrelayhost以使用提交端口和身份验证main.cf

     relayhost = $mydomain:587
 # Alternative example without DNS MX lookup:
 # relayhost = [mail.example.com]:587
 smtp_sasl_auth_enable = yes
 smtp_sasl_security_options = noanonymous
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 smtp_use_tls = yes
 smtp_tls_security_level = encrypt
 smtp_tls_note_starttls_offer = yes

  3. /etc/postfix/sasl_passwd是一个伯克利数据库hash:)用于向邮件网关服务器进行身份验证的用户名和密码信息。示例:

     # destination                   credentials
 [mail.example.com]              username:password
 # Alternative form:
 # [mail.example.com]:submission username:password

有关详细信息,请参阅Postfix SASL 操作指南

相关内容