![postfix/smtpd 错误:收件人地址被拒绝:[smtp.sendgrid.net]:2525](https://linux22.com/image/745725/postfix%2Fsmtpd%20%E9%94%99%E8%AF%AF%EF%BC%9A%E6%94%B6%E4%BB%B6%E4%BA%BA%E5%9C%B0%E5%9D%80%E8%A2%AB%E6%8B%92%E7%BB%9D%EF%BC%9A%5Bsmtp.sendgrid.net%5D%EF%BC%9A2525.png)
我正在尝试找出 Google Cloud Platform 上的邮件服务器出了什么问题。
问题是,没有一个用户能够发送外置邮件,但是他们可以互相发送/接收电子邮件,尽管他们位于同一服务器上的不同域中,而且邮件也可以发送到外置邮件进入互联网。
一些背景知识:我在 Google Cloud Platform 上设置了一个 VM,盒子运行 CentoOS7,盒子带有一个专用 IP 和一个内部 IP。“CentOS 网络面板”用于管理几个不同的网站。除了盒子外的邮件传递外,与网站相关的所有功能都运行正常。
我利用了此链接 在所述实例上集成 sendgrid。
因为 GPC 不允许 VM 使用端口 25 发送电子邮件,所以我订阅了 GCP 上的一个电子邮件提供商 sendgrid,并获得了它的 SMTP URL,该 URL 可以使用 VM 的阻止端口之外的任何端口
目前下面是我的 postfix main.cf 的内容
# Postfix master process configuration file. For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ***** Unused items removed *****
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
587 inet n - - - - smtpd
2525 inet n - - - - smtpd
# -o content_filter=smtp-amavis:127.0.0.1:10024
# -o receive_override_options=no_address_mappings
#
## Enable SMTP on port 587 only for authenticated/TLS clients
submission inet n - n - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_recipient_restrictions=permit_mynetworks, permit_sasl_authenticated,reject
#
## Enable SMTP on port 465 only for authenticated/SSL clients
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
#
pickup fifo n - n 60 1 pickup
-o content_filter=
-o receive_override_options=no_header_body_checks
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
# pages of the non-Postfix software to find out what options it wants.
# ====================================================================
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
# spam/virus section
#
smtp-amavis unix - - y - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - y - - smtpd
-o content_filter=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o receive_override_options=no_header_body_checks
-o smtpd_helo_required=no
-o smtpd_client_restrictions=
-o smtpd_restriction_classes=
-o disable_vrfy_command=no
-o strict_rfc821_envelopes=yes
#
# Dovecot LDA
dovecot unix - n n - - pipe
flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d ${recipient}
#
# SPF check
spfpolicy unix - n n - - spawn
user=nobody argv=/usr/bin/python /usr/libexec/postfix/policyd-spf
下面是我的 main.cf,如下所示
# uncomment for debugging if needed
#soft_bounce=yes
# postfix main
mail_owner = postfix
setgid_group = postdrop
delay_warning_time = 4
# postfix paths
html_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
queue_directory = /var/spool/postfix
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
# network settings
inet_interfaces = all
inet_protocols = ipv4
mydomain = domain.com
myhostname = srv1.domain.com
mynetworks = 127.0.0.0/8 [::1]/128 30.0.0.0/32
mydestination = $mydomain, localhost.$mydomain, localhost
relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf
# mail delivery
recipient_delimiter = +
# mappings
alias_maps = hash:/etc/aliases
transport_maps = hash:/etc/postfix/transport
#local_recipient_maps =
# virtual setup
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_alias_default_maps.cf, proxy:mysql:/etc/postfix/mysq$
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/mysql-vi$
virtual_minimum_uid = 101
virtual_uid_maps = static:101
virtual_gid_maps = static:12
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
# debugging
debug_peer_level = 3
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $mydomain, srv1.domain.com
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_recipient_restrictions =permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sender_restrictions = reject_unknown_sender_domain
# tls config
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
# Change mail.example.com.* to your host name
smtpd_tls_key_file = /etc/pki/tls/private/hostname.key
smtpd_tls_cert_file = /etc/pki/tls/certs/hostname.bundle
# rules restrictions
smtpd_helo_restrictions =
smtpd_sender_restrictions =
# uncomment for realtime black list checks
# ,reject_rbl_client zen.spamhaus.org
# ,reject_rbl_client bl.spamcop.net
# ,reject_rbl_client dnsbl.sorbs.net
smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
# Other options
message_size_limit = 204800000
mailbox_size_limit = 2048000000
# Vacation Scripts
vacation_destination_recipient_limit = 1
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_vacation.cf
# smtpd_milters setting
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} {auth_type}
smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
milter_protocol = 6
# specify SMTP relay host
default_transport = error
relay_transport = error
relayhost = [smtp.sendgrid.net]:2525
smtp_tls_security_level = encrypt
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
header_size_limit = 4096000
smtp_sasl_security_options = noanonymous
smtp_sasl_mechanism_filter = login
smtpd_banner = $myhostname
内容>postconf -n如下:
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 3
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $proces s_id & sleep 5
default_transport = error
delay_warning_time = 4
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
header_size_limit = 4096000
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailbox_size_limit = 2048000000
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 204800000
milter_default_action = accept
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} {auth_type}
milter_protocol = 6
mydestination = $mydomain, localhost.$mydomain, localhost
mydomain = domain.com
myhostname = srv1.domain.com
mynetworks = 127.0.0.0/8 [::1]/128 30.0.0.0/32
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = $smtpd_milters
queue_directory = /var/spool/postfix
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_vacation.cf
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf
relay_transport = error
relayhost = [smtp.sendgrid.net]:2525
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = login
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtp_use_tls = yes
smtpd_banner = $myhostname
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_milters = inet:127.0.0.1:8891
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain, srv1.domain.com
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions =
smtpd_tls_cert_file = /etc/pki/tls/certs/hostname.bundle
smtpd_tls_key_file = /etc/pki/tls/private/hostname.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
vacation_destination_recipient_limit = 1
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_alias_default_maps.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/postfix/virtual_regexp
virtual_gid_maps = static:12
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_pipe_maps.cf
virtual_minimum_uid = 101
virtual_transport = dovecot
virtual_uid_maps = static:101
每当我尝试从 Round Cube 向服务器外部的 gmail/yahoo 等发送邮件时,我都会在 RoundCube 界面中收到以下错误,
SMTP Error (550): Failed to add recipient "[email protected]" (5.1.1 <[email protected]>: Recipient address rejected: [smtp.sendgrid.net]:2525).
在邮件日志中tail -f /var/log/maillog
我收到以下部分错误:
host postfix/smtpd[31362]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 550 5.1.1 <[email protected]>: Recipient address rejected: [smtp.sendgrid.net]:2525; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<localhost>
答案1
您无法向外发送电子邮件,因为 Google Cloud 在您的 SendGrid 案例中使用了第三方中继。所有配置都是完美的。只是即使您设置了第三方传输,您的 PostFix 仍会使用默认传输。这就是为什么您应该忽略 Default_Transport 错误,以便让您的 Postfix 继续查看您的第三方中继。
通过在两行开头添加“#”井号符号来注释掉 main.conf 中的这些行。
“#default_transport = 错误”
“#relay_transport = 错误”
然后重新启动 postfix。
sudo 服务 postfix 重启
您可以出发了。
答案2
您是否正确打开了端口 2525 的防火墙规则?您可以使用任何其他电子邮件(非 @gmail.com)重现该错误吗?
该错误表明收件人不存在。它格式不正确或可能表明收件人可能由于严格的垃圾邮件政策而阻止该电子邮件。
请注意,从实例发送电子邮件时,端口 25 始终被阻止且无法使用,即使通过使用 G Suite 的 SMTP 中继也是如此。