我有一台运行 mailman 2.1.29 的 Google VM,它拒绝接收引用 Google Compute Services 名称 (new-xxxx.c.agile-being-nnnnnn.internal) 和“拒绝中继访问”的入站电子邮件。主机名已设置为活动 DNS 名称,/etc/hosts 文件也反映了这一点。但我不知道它从哪里得到了“agile-being”这个名称。
谢谢您的任何建议!
其他详细信息:操作系统 = Rocky 8.4,SMTP = Postfix 3.5.8
[日志摘录]
Jul 20 19:33:57 myhosts postfix/smtpd[207044]: 23FCD80062C8: client=mail-oi1-f182.google.com[209.85.167.182]
Jul 20 19:33:57 myhosts postfix/cleanup[207052]: 23FCD80062C8: message-id=<CACRzxksX7et7g68YEddA7fz92LqAswLKNtLM+CaX0EmXg0y
[email protected]>
Jul 20 19:33:57 myhosts postfix/qmgr[207037]: 23FCD80062C8: from=<[email protected]>, size=3610, nrcpt=1 (queue a
ctive)
Jul 20 19:33:57 myhosts postfix/smtpd[207044]: disconnect from mail-oi1-f182.google.com[209.85.167.182] ehlo=2 starttls=1 m
ail=1 rcpt=1 bdat=1 quit=1 commands=7
Jul 20 19:33:57 myhosts postfix/local[207053]: 23FCD80062C8: to=<[email protected]>, relay=local, delay=0.66, delays=0.56/0.01/
0/0.09, dsn=2.0.0, status=sent (delivered to command: /usr/lib/mailman/mail/mailman post myhosts)
Jul 20 19:33:57 myhosts postfix/qmgr[207037]: 23FCD80062C8: removed
Jul 20 19:33:59 myhosts postfix/smtpd[207044]: connect from localhost[::1]
Jul 20 19:33:59 myhosts postfix/smtpd[207044]: NOQUEUE: reject: RCPT from localhost[::1]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<myhosts.org>
Jul 20 19:33:59 myhosts postfix/smtpd[207044]: disconnect from localhost[::1] ehlo=1 mail=1 rcpt=0/1 rset=1 quit=1 commands=4/5
Jul 20 19:33:59 myhosts postfix/smtpd[207044]: connect from localhost[::1]
Jul 20 19:34:00 myhosts postfix/smtpd[207044]: NOQUEUE: reject: RCPT from localhost[::1]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<myhosts.org>
Jul 20 19:34:00 myhosts postfix/smtpd[207044]: disconnect from localhost[::1] ehlo=1 mail=1 rcpt=0/1 rset=1 quit=1 commands=4/5
[主文件]
compatibility_level = 2
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
mydomain = myhosts.org
inet_interfaces = all
inet_protocols = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
recipient_delimiter = +
smtpd_banner = myhosts.org ESMTP Server
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix/samples
readme_directory = /usr/share/doc/postfix/README_FILES
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_security_level = may
smtp_tls_CApath = /etc/pki/tls/certs
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
header_size_limit = 4096000
relayhost = [smtp.sendgrid.net]:2525
smtpd_delay_reject = yes
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 554
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, regexp:/etc/postfix/helo.regexp, permit
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
check_client_access hash:/etc/postfix/helo_client_exceptions,
check_sender_access hash:/etc/postfix/sender_checks,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_destination,
check_client_access hash:/etc/postfix/rbl_client_exceptions,
reject_unknown_hostname,
reject_unknown_client,
reject_unverified_recipient,
reject_unverified_sender,
reject_rbl_client bl.spamcop.net,
reject_rhsbl_client rhsbl.sorbs.net,
reject_rbl_client dul.dnsbl.sorbs.net
smtpd_enforce_tls = no
smtpd_tls_loglevel = 1
smtpd_use_tls = yes
smtpd_discard_ehlo_keywords =
答案1
该设置应包含 localhost 的 IP 地址,但有人从列表中mynetworks删除了 localhost 的主要地址。请恢复此设置。::1
例如:
mynetworks = [::1]/128, 127.0.0.0/8
也可以完全删除该mynetworks设置。在这种情况下,受信任的网络将是 localhost 以及与主机位于同一 LAN 上的网络(在 GCE 中,是共享 VPC 网络的虚拟机)。