![CentOS 6.4 [postfix+dovecot] 可以发送外部邮件但不能接收](https://linux22.com/image/802714/CentOS%206.4%20%5Bpostfix%2Bdovecot%5D%20%E5%8F%AF%E4%BB%A5%E5%8F%91%E9%80%81%E5%A4%96%E9%83%A8%E9%82%AE%E4%BB%B6%E4%BD%86%E4%B8%8D%E8%83%BD%E6%8E%A5%E6%94%B6.png)
我正在尝试在托管 weberver 的 centos 6.4 VPS 上设置带有 postfix、dovecot 和 roundcube/thunderbird 的邮件服务器...我遇到了这种情况:我可以正常发送和接收内部邮件。我可以正常发送外部邮件。但是我不能接收外部邮件。
这是我的配置,请帮我找出错误所在。
后配置-n
[root@server ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mailbox_command =
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = mail.dvdplaza.org, dvdplaza.org, localhost
mydomain = dvdplaza.org
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relay_domains = $mydestination, dvdplaza.org
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated permit_mx_backup
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_type = cyrus
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
主机名、邮件名和主机
[root@server ~]# tail /etc/hostname
#vmi15086.contabo.net
server.dvdplaza.org
#mail.dvdplaza.org
[root@server ~]# tail /etc/mailname
#vmi15086.contabo.net
mail.dvdplaza.org
[root@server ~]# tail /etc/hosts
127.0.0.1 dvdplaza.org server localhost localhost.localdomain
::1 localhost.localdomain localhost6 localhost server
#193.37.152.191 vmi15086.contabo.net vmi15086 server
193.37.152.191 dvdplaza.org server
#193.37.152.191 mail.dvdplaza.org mail
这是对我的 DNS 的分析,它显示了一个 SOA 问题,我不知道这个 SOA 问题是否与未收到外部邮件有关,是吗?
http://dnscheck.pingdom.com/?domain=dvdplaza.org×tamp=1373033981&view=1
当我从 Gmail 向我的服务器发送测试邮件时,通常会在几个小时后返回 Gmail 报告:
This is an automatically generated Delivery Status Notification
THIS IS A WARNING MESSAGE ONLY.
YOU DO NOT NEED TO RESEND YOUR MESSAGE.
Delivery to the following recipient has been delayed:
[email protected]
Message will be retried for 2 more day(s)
Technical details of temporary failure:
The recipient server did not accept our requests to connect. Learn more at http://support.google.com/mail/bin/answer.py?answer=7720
[(10) mail.dvdplaza.org. [193.37.152.191]:25: Connection timed out]
----- Original message -----
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20120113;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:content-type;
bh=fs5BZXsmeKZqyvz3lvwzDvtNXXhjQV7YMmXk8eqya6w=;
b=LrOy9McpY2N+d5D8/LfclSSEQmc7tw+8z4U6aMediQ/P/UcOLuRc/7fcnINB3owUYG
/QQPUkiFidvYfGITavd0GP9WsaJ768UKFh8vDfrpkjzmgMVezOV5Mvc5cgmtqv6egWaj
ySlq30TL5NTdep3oalJ9bbS6h+hQSzLfNiVdZHyzMzzUGi+obctncvSdrmYY/gV713ug
/jLxYuTb1XZ9hSeIlvJKXZXaQ/oVqfdipXgTGNYdcYJnF+WoxFNPJqaBB562yxe9VGCx
ixKTyb49BZ30WMc3nACHfVqsWFHwGDeoEDcfHUykvoKTzotATVdgyVCcUr7msNDjrbUN
Lddg==
MIME-Version: 1.0
X-Received: by 10.180.80.6 with SMTP id n6mr19727998wix.59.1372893611365; Wed,
03 Jul 2013 16:20:11 -0700 (PDT)
Received: by 10.194.122.165 with HTTP; Wed, 3 Jul 2013 16:20:11 -0700 (PDT)
In-Reply-To: <CAPSKjGdzZhsfxPgXykCyT6d3gzx4=DjpOBGiZEt5kjWNNNWHmQ@mail.gmail.com>
References: <[email protected]>
<CAPSKjGdzZhsfxPgXykCyT6d3gzx4=DjpOBGiZEt5kjWNNNWHmQ@mail.gmail.com>
Date: Wed, 3 Jul 2013 20:20:11 -0300
Message-ID: <CAPSKjGcNrgo-bKbih6xmjTOh5O1UYnaThjtOvhSGVD_rw+2V_A@mail.gmail.com>
Subject: Re: Test message from Roundcube
From: frytec <[email protected]>
To: [email protected]
Content-Type: multipart/alternative; boundary=14dae9cc955c0519ac04e0a3b46c
编辑
[root@server ~]# iptables -L 输入 -v -n
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- !lo * 8.8.4.4 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp -- !lo * 8.8.4.4 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- !lo * 8.8.4.4 0.0.0.0/0 tcp spt:53
2 142 ACCEPT udp -- !lo * 8.8.4.4 0.0.0.0/0 udp spt:53
0 0 ACCEPT tcp -- !lo * 8.8.8.8 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp -- !lo * 8.8.8.8 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- !lo * 8.8.8.8 0.0.0.0/0 tcp spt:53
133 14101 ACCEPT udp -- !lo * 8.8.8.8 0.0.0.0/0 udp spt:53
374K 34M LOCALINPUT all -- !lo * 0.0.0.0/0 0.0.0.0/0
6534 1094K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
120K 5585K INVALID tcp -- !lo * 0.0.0.0/0 0.0.0.0/0
286K 18M ACCEPT all -- !lo * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
17 964 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
2 104 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
5 284 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9091
49 2548 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:51413
30 1352 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:30000:35000
0 0 ACCEPT udp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
0 0 ACCEPT udp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
61759 7853K ACCEPT udp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:51413
8 860 ACCEPT icmp -- !lo * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5
0 0 ACCEPT icmp -- !lo * 0.0.0.0/0 0.0.0.0/0 icmp type 0 limit: avg 1/sec burst 5
0 0 ACCEPT icmp -- !lo * 0.0.0.0/0 0.0.0.0/0 icmp type 11
3 634 ACCEPT icmp -- !lo * 0.0.0.0/0 0.0.0.0/0 icmp type 3
2982 308K LOGDROPIN all -- !lo * 0.0.0.0/0 0.0.0.0/0
[root@server ~]# netstat -lanp | grep 25
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1561/master
tcp 0 0 :::25 :::* LISTEN 1561/master
udp 0 0 2a02:c200:0:10:250:56f:51413 :::* 1092/transmission-d
unix 2 [ ACC ] STREAM LISTENING 9925 1561/master public/flush
更新:mxtoolbox 的新状态
SMTP Reverse Banner Check OK - 193.37.152.191 resolves to ip-191-152-37-193.static.contabo.net
SMTP Reverse DNS Mismatch Warning - Reverse DNS does not match SMTP Banner Ignore
SMTP TLS Warning - Does not support TLS. Ignore
SMTP Connection Time 0 seconds - Good on Connection time
SMTP Open Relay OK - Not an open relay.
SMTP Transaction Time 15.152 seconds - Not good! on Transaction Time Ignore
Session Transcript:
SendSMTPCommand: Timeout waiting for response after 15 seconds.
MXTB-PWS3v2 16335ms
答案1
很明显,防火墙没有打开 25 号端口。请打开该端口以接收入站流量。
答案2
看起来好像有什么东西(防火墙/ISP)阻塞了 25 端口。您能显示以下命令的输出吗?
# iptables -L INPUT -v -n
# netstat -lanp | grep 25
答案3
我建议在端口 25 上的 ext 接口上运行 tcpdump,看看是否有数据包到达你的系统
# tcpdump -nnpi eth0 tcp port 25