我正在尝试将 Exchange 2016 服务器设置Postfix
为智能主机。目前,我已成功将邮件从互联网中继到 Exchange,但出站中继不起作用。
我正在寻找最简单的设置,以便从本质上使该框成为 Exchange 2016 的邮件代理。
mx1.example.com
== Exchange 服务器(A 记录)mailfw01.example.com
== 此 Postfix 服务器(A 记录)example.com. MX mailfw01.example.com.
(MX 记录)
入站邮件流(在当前配置中有效):
- 任何域 ->
mailfw01.example.com:25
->mx1.example.com:50510
- (发件人)->(进入 Postfix 端口 25)->(进入 Exchange 端口 50510)
出站邮件(不起作用):
- Exchange -> Postfix -> 任何远程域
- 将出站连接器作为智能主机交换到 Postfix -> Postfix(?) -> 收件人
以下是我的 postfix 配置:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination
myhostname = mailfw01.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = mailfw01.example.com, mailfw1.example.com, example.com, localhost.localdomain, localhost
relayhost = mx1.example.com:50510
mynetworks = 0.0.0.0/0
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
#added lines
mydomain = example.com
relay_domains = $mydestination
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_mynetworks,\
reject_unauth_destination,reject_invalid_hostname,\
reject_unauth_pipelining,reject_non_fqdn_sender, \
reject_unknown_recipient_domain,reject_unknown_sender_domain
transport_maps = hash:/etc/postfix/transport
relay_recipient_maps =
local_recipient_maps =
compatibility_level = 2
答案1
您的问题是您正在将出站邮件发送回 Exchange:
relayhost = mx1.example.com:50510
清空您的relayhost
,因为入站邮件可能会使用transport_maps
找到正确的下一跳目的地。
您当前配置的另一个问题是,您现在接受邮件*@example.com
并且不使用连接阶段拒绝对于不存在的邮箱,就像直接投递到 Exchange 一样。这可能会导致发送反向散射未送达通知。
Postfix 需要知道现有的邮箱。这可以通过以下方式实现relay_recipient_maps
,但需要手动维护。但这与Postfix 电子邮件防火墙/网关。