意图
我们正在尝试使用sender_dependent_default_transport_mapspostfix 的功能根据from邮件地址使用不同的 SMTP 中继。目标是:
- 允许我们的合作伙伴使用自己的域名作为
from自动消息的电子邮件地址(例如[email protected]) - 确保发送的电子邮件
[email protected]确实到达用户手中(例如[email protected])
当前配置
我们当前的配置运行良好,但仅使用我们自己的 SMTP 服务器。
很/etc/postfix/master.cf简单,看起来像:
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd
smtp unix - - y - - smtp
relay unix - - y - - smtp
内容/etc/postfix/main.cf如下:
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_tls_cert_file=<path to PEM>
smtpd_tls_key_file=<path to KEY>
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = appserver.provider.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, appserver, localhost.localdomain, , localhost
relayhost = mail.provider.com:465
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
smtp_sasl_mechanism_filter =
smtp_sasl_security_options =
smtp_tls_security_level = encrypt
smtp_tls_wrappermode = yes
smtp_tls_mandatory_ciphers = high
canonical_maps = hash:/etc/postfix/canonical_maps
sender_canonical_maps = hash:/etc/postfix/sender_canonical_maps
header_checks = regexp:/etc/postfix/header_checks
尝试配置
为了实现目标,我尝试了以下配置。
- 更新
main.cf:- 删除行
relayhost = mail.provider.com:465 - 添加一行
sender_dependant_default_transport_maps = hash:/etc/postfix/sender_dependant_default_transport.map
- 删除行
添加
/etc/postfix/sender_dependant_default_transport.map以下内容:@partner1.com : smtp.partner1.com @provider.com : mail.provider.com:465生成地图数据库:
sudo postmap /etc/postfix/sender_dependant_default_transport.map- 重新启动服务:
sudo service postfix restart
结果
发送@provider.com至@provider.com
电子邮件未发送:
postfix/smtpd[3011]: connect from localhost[127.0.0.1]
postfix/smtpd[3011]: 3BE61178E1E: client=localhost[127.0.0.1]
postfix/cleanup[3032]: 3BE61178E1E: message-id=<[email protected]>
postfix/qmgr[2997]: 3BE61178E1E: from=<[email protected]>, size=376, nrcpt=1 (queue active) postfix/smtp[3033]: connect to mx2.provider.com[<IPv6>]:25: Network is unreachable
postfix/smtp[3033]: SSL_connect error to mx1.provider.com[<IPv4>]:25:
postfix/smtp[3033]: warning: TLS library problem: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794: postfix/smtp[3033]: 3BE61178E1E: Cannot start TLS: handshake failure postfix/smtp[3033]: SSL_connect error to mx2.provider.com[<IPv4>]:25: -1 postfix/smtp[3033]: warning: TLS library problem: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
postfix/smtp[3033]: 3BE61178E1E: Cannot start TLS: handshake failure
postfix/smtp[3033]: SSL_connect error to mx3.provider.com[<IPv4>]:25:
postfix/smtp[3033]: warning: TLS library problem: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794: postfix/smtp[3033]: 3BE61178E1E: Cannot start TLS: handshake failure postfix/smtp[3033]: connect to mx1.provider.com[<IPv6>]:25: Network is unreachable
postfix/smtp[3033]: 3BE61178E1E: to=<[email protected]>, relay=none, delay=19, delays=18/0.01/0.54/0, dsn=4.4.1, status=deferred (connect to mx1.provider.com[<IPv6>]:25: Network is unreachable)
发送@partner1.com至@provider.com
电子邮件未发送:
postfix/smtpd[3237]: connect from localhost[127.0.0.1]
postfix/smtpd[3237]: 6234B178E1E: client=localhost[127.0.0.1]
postfix/cleanup[3252]: 6234B178E1E: message-id=<[email protected]>
postfix/qmgr[2997]: 6234B178E1E: from=<[email protected]>, size=368, nrcpt=1 (queue active) postfix/smtp[3253]: connect to mx3.provider.com[<IPv6>]:25: Network is unreachable
postfix/smtp[3253]: SSL_connect error to mx2.provider.com[<IPv4>]:25: -1
postfix/smtp[3253]: warning: TLS library problem: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794: postfix/smtp[3253]: 6234B178E1E: Cannot start TLS: handshake failure postfix/smtp[3253]: connect to mx1.provider.com[<IPv6>]:25: Network is unreachable
postfix/smtp[3253]: SSL_connect error to mx3.provider.com[<IPv4>]:25: -1
postfix/smtp[3253]: warning: TLS library problem: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794: postfix/smtp[3253]: 6234B178E1E: Cannot start TLS: handshake failure postfix/smtp[3253]: connect to mx2.provider.com[<IPv6>]:25: Network is unreachable
postfix/smtp[3253]: 6234B178E1E: to=<[email protected]>, relay=none, delay=16, delays=16/0.01/0.33/0, dsn=4.4.1, status=deferred (connect to mx2.provider.com[<IPv6>]:25: Network is unreachable)
实际问题
抱歉,介绍太长了,但我想确保我的介绍很全面。
看起来:
- 配置更改
main.cf被采纳,因为 postfix 不再尝试使用默认中继,mail.provider.com而是默认使用 MX 记录 - 根本
sender_dependant_default_transport_maps没用
如何确认它确实被使用了?会不会是其他原因?
根据重新启动时的 postfix 日志,未使用该参数:
postfix[4582]: /usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: sender_dependant_default_transport_maps=hash:/etc/postfix/sender_dependant_default_transport_maps
但它确实告诉了我为什么不使用它..
答案1
最后只是一个拼写错误:
sender_dependant_default_transport_maps不存在,而正确的拼写是sender_dependent_default_transport_maps