我在 Postfix 中设置别名“support-notify”时遇到问题。
收件人地址被拒绝:拒绝访问;
我在 Ubuntu 18.04 LTS 上运行带有 OpenDKIM、OpenDMARC、Policyd-SPF 和 Dovecot 的 Postfix。
该映射在 /etc/aliases 中如下所示
support-notify: user1, user2, user3
用户 support-notify 不存在,而 users1-3 是服务器上拥有邮箱的实际用户。
我已包含postconf -n如下内容。
postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 2
disable_vrfy_command = yes
inet_interfaces = all
inet_protocols = all
invalid_hostname_reject_code = 554
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
mailbox_size_limit = 0
milter_default_action = accept
milter_protocol = 2
multi_recipient_bounce_reject_code = 554
mydestination = $myhostname, mail.domain.com, support-mgmt.domain.com, domain.com, localhost.$mydomain, localhost, 10.0.0.0/16
myhostname = mail.domain.com
mynetworks = 127.0.0.0/8 10.25.0.0/16 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
non_fqdn_reject_code = 554
non_smtpd_milters = unix:private/opendkim, inet:127.0.0.1:8892
readme_directory = no
recipient_delimiter = +
relay_domains_reject_code = 554
relayhost = [smtp.comcast.net]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_pipelining, check_policy_service unix:private/policy-spf, reject_rbl_client sbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client cbl.abuseat.org, permit
smtpd_helo_required = yes
smtpd_milters = unix:private/opendkim, inet:127.0.0.1:8892
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/mailcert.pem
smtpd_tls_key_file = /etc/ssl/private/mail.key
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554
编辑 - 添加从连接到断开连接的完整日志,其中 x 是我的公共 IP,y 是我的私有 IP。感谢那些花时间美化这篇文章的人,我不知道如何在这个网站上格式化内容 :)
Sep 13 20:02:32 support-mgmt postfix/submission/smtpd[7505]: connect from c-x.x.x.x.hsd1.md.comcast.net[x.x.x.x]
Sep 13 20:02:33 support-mgmt policyd-spf[7508]: prepend Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=x.x.x.x; helo=[y.y.y.y]; [email protected]; receiver=<UNKNOWN>
Sep 13 20:02:33 support-mgmt postfix/submission/smtpd[7505]: NOQUEUE: reject: RCPT from c-x.x.x.x.hsd1.md.comcast.net[x.x.x.x]: 554 5.7.1 <[email protected]>: Recipient address rejected: Access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[y.y.y.y]>
Sep 13 20:02:33 support-mgmt postfix/submission/smtpd[7505]: disconnect from c-x.x.x.x.hsd1.md.comcast.net[x.x.x.x] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 quit=1 commands=5/7
答案1
您的/etc/aliases线路看起来没有问题,配置也同样没有问题。
alias_maps = hash:/etc/aliases
既然是hash:ie Berkeley DB,那你还记得这个命令吗:
postalias /etc/aliases
答案2
我决定放弃我的整个 postfix 配置并重建它以利用虚拟用户/域和 mysql 作为数据库。