Добрый день.
Делал почтовый сервер по этому гайду Вроде все запустилось.
Захожу в squirrelmai, отправляю письмо и мне пишут
ОШИБКА:
Когда пробую через телнет, то:
Сообщение не было отправлено. Ответ сервера:
Запрос прерван: ошибка при выполнении
451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration error
telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 syakov.com ESMTP Postfix (Ubuntu)
EHLO testing
250- <имя домена>
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM <адрес почты>
501 5.5.4 Syntax: MAIL FROM:<address>
MAIL FROM: <адрес почты>
250 2.1.0 Ok
RCPT TO: <адрес почты>
451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration error
421 4.4.2 <имя домена> Error: timeout exceeded
/var/log/mail.log
Sep 14 12:28:01 <домен> dovecot: auth-worker: mysql(localhost): Connected to database dbispconfig
В чем проблема никак понять не могу…
Sep 14 12:28:01 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7178, secured
Sep 14 12:28:01 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=117/1401
Sep 14 12:28:01 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7180, secured
Sep 14 12:28:01 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:28:31 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7187, secured
Sep 14 12:28:31 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:28:46 <домен> postfix/smtpd[7189]: connect from localhost[127.0.0.1]
Sep 14 12:29:01 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7196, secured
Sep 14 12:29:01 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:29:20 <домен> postfix/trivial-rewrite[7198]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Sep 14 12:29:20 <домен> postfix/trivial-rewrite[7198]: warning: mysql:/etc/postfix/mysql-virtual_relaydomains.cf: table lookup problem
Sep 14 12:29:20 <домен> postfix/trivial-rewrite[7198]: warning: relay_domains lookup failure
Sep 14 12:29:32 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7202, secured
Sep 14 12:29:32 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:29:34 <домен> postfix/smtpd[7189]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Sep 14 12:29:34 <домен> postfix/smtpd[7189]: warning: mysql:/etc/postfix/mysql-virtual_client.cf: table lookup problem
Sep 14 12:29:34 <домен> postfix/smtpd[7189]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration error; from=<адрес почты> to=<адрес почты> proto=SMTP helo=<test>
Sep 14 12:30:01 <домен> dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Sep 14 12:30:01 <домен> postfix/smtpd[7229]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 14 12:30:01 <домен> postfix/smtpd[7229]: disconnect from localhost[127.0.0.1]
Sep 14 12:30:02 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7252, secured
Sep 14 12:30:02 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:30:05 <домен> postfix/trivial-rewrite[7198]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains
Sep 14 12:30:05 <домен> postfix/smtpd[7189]: warning: mysql:/etc/postfix/mysql-virtual_client.cf: table lookup problem
Sep 14 12:30:05 <домен> postfix/smtpd[7189]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration error; from=<адрес почты> to=<admin@example.com> proto=SMTP helo=<test>
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: connect from localhost[127.0.0.1]
Sep 14 12:30:25 <домен> postfix/trivial-rewrite[7198]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains
Sep 14 12:30:25 <домен> postfix/trivial-rewrite[7198]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Sep 14 12:30:25 <домен> postfix/trivial-rewrite[7198]: warning: mysql:/etc/postfix/mysql-virtual_relaydomains.cf: table lookup problem
Sep 14 12:30:25 <домен> postfix/trivial-rewrite[7198]: warning: relay_domains lookup failure
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: warning: mysql:/etc/postfix/mysql-virtual_client.cf: table lookup problem
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration error; from=<admin@example.com> to=<адрес почты> proto=ESMTP helo=<example.com>
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: lost connection after RCPT from localhost[127.0.0.1]
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: disconnect from localhost[127.0.0.1]
Sep 14 12:30:32 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7255, secured
Sep 14 12:30:32 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:30:46 <домен> postfix/smtpd[7189]: disconnect from localhost[127.0.0.1]
Sep 14 12:31:02 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7262, secured
Sep 14 12:31:02 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:31:32 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7285, secured
Sep 14 12:31:32 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Hello everyone, I have issues to receive external emails to my zimbra emails accounts. in the example I sent an email from Hotmail (Outlook), gmail, etc to my zimbra domain imagenti.mx, but it was reject, this happens with all external emails.
Is important to say, I can send emails to external domains but can not receive; and I can Send and receive from internal emails accounts :
Message ID ‘[reject:NOQUEUE:www]’
dream-theater_beny@hotmail.com
—>
francisco.martinez@imagenti.mx
Recipient
francisco.martinez@imagenti.mx
Aug 26 10:50:17 — mail-oln040092010063.outbound.protection.outlook.com (40.92.10.63) status reject
451 4.3.5 <mail-oln040092010063.outbound.protection.outlook.com[40.92.10.63]>: Client host rejected: Server configuration error
Message ID ‘[reject:NOQUEUE:www]’
sermita193@gmail.com
—>
info@imagenti.mx
Recipient
info@imagenti.mx
Aug 26 11:07:32 — mail-ot1-f45.google.com (209.85.210.45) status reject
451 4.3.5 <mail-ot1-f45.google.com[209.85.210.45]>: Client host rejected: Server configuration error
I updated to last 8.8.15 Zimbra version and its Open Source.
Code: Select all
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Postfix Master.cf
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#submission inet n - n - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Code: Select all
saucer.cf file:
# pyzor
use_pyzor 1
pyzor_path /usr/bin/pyzor
# DNS lookups for pyzor can time out easily. Set the following line IF you want to give pyzor up to 20 seconds to respond
# may slow down email delivery
pyzor_timeout 20
# razor
use_razor2 1
score URIBL_BLACK 3.250
score RAZOR2_CHECK 3.250
score PYZOR_CHECK 3.250
score BAYES_99 4.000
score BAYES_60 2.250
score BAYES_50 1.500
score BAYES_00 -0.500
score RP_MATCHES_RCVD -0.000
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
root history:
171 sudo nano /opt/zimbra/conf/postfix_blacklist
172 postmap /opt/zimbra/conf/postfix_blacklist
174 zmprov mcf +zimbraMtaRestriction ‘check_client_access lmdb:/opt/zimbra/conf/postfix_blacklist’
182 sudo nano /opt/zimbra/conf/postfix_blacklist
184 cd /opt/zimbra/common/conf/
186 nano postfix_reject_sender
189 su zimbra
190 nano /opt/zimbra/common/conf/postfix_reject_sender
192 zmprov ms 'www.correocorp.mx' +zimbraMtaSmtpdSenderRestrictions "check_sender_access lmdb:/opt/zimbra/common/conf/postfix_reject_sender"
196 nano /opt/zimbra/common/conf/postfix_reject_sender
218 nano /opt/zimbra/common/conf/postfix_reject_sender
230 nano /etc/yum.repos.d/epel.repo
231 yum update
232 yum install pyzor perl-Razor-Agent
233 pyzor --homedir /opt/zimbra/data/amavisd/.pyzor discover
234 su zimbra
235 pyzor
236 nano /opt/zimbra/conf/sa/saucer.cf
237 cd /opt/zimbra/conf/sa/
238 cd /opt/zimbra/conf/
239 mkdir sa
240 ls
241 nano /opt/zimbra/conf/sa/saucer.cf
242 su zimbra
243 nano /opt/zimbra/conf/sa/saucer.cf
244 su zimbra
245 cd
246 nano /opt/zimbra/conf/sa/saucer.cf
247 su zimbra
248 cd /opt/zimbra/data/spamassasin/localrules
249 cd /opt/zimbra/data/spamassassin/localrules
250 wget -N https://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf -O sakam.cf
251 su zimbra
252 cp /opt/zimbra/conf/sa/saucer.cf /opt/zimbra/data/spamassassin/localrules/
253 su zimbra
254 exit
255 nano /opt/zimbra/conf/sa/saucer.cf
256 nano /opt/zimbra/common/conf/postfix_reject_sender
257 cd /opt/zimbra/common/conf/
258 ls
259 nano /opt/zimbra/conf/postfix_rbl_override
260 postmap /opt/zimbra/conf/postfix_rbl_override
261 zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override'
262 su zimbra
263 reboot
264 zmprov ms `www.correocorp.mx` -zimbraServiceEnabled amavis
265 su zimbra
269* nano /etc/postfix/m
270 nano /etc/postfix/filtered_domains
271 nano /opt/zimbra/conf/cbpolicyd.conf.in
273 nano /opt/zimbra/conf/postfix_rbl_override
274 reboot
275 nano /opt/zimbra/conf/postfix_rbl_override
276 reboot
277 -rm /opt/zimbra/conf/postfix_rbl_override
278 rm /opt/zimbra/conf/postfix_rbl_override
279 reboot
280 /opt/zimbra/libexec/zmmsgtrace -s 'francisco.martmont@gmail.com'
281 nano /opt/zimbra/common/conf/postfix_reject_sender
282 nano /etc/postfix/master.cf
285 /var/log/zimbra.log
291 reboot
308 wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3829.RHEL6_64.20190718141144.tgz
309 tar zxvf zcs-8.8.15_GA_3829.RHEL6_64.20190718141144.tgz
310 cd zcs-8.8.15_GA_3829.RHEL6_64.20190718141144
312 ./install.sh
314 reboot
316 /opt/zimbra/libexec/zmmsgtrace -S '@gmail.com'
317 /opt/zimbra/libexec/zmmsgtrace -S '@HOTmail.com'
318 reboot
319 postconf -e "smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated"
320 postconf -e "smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination"
321 postconf -e "smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination"
322 service postfix restart
su zimbra:
895 190603 10:31:10 zmamavisdctl restart
896 190603 10:33:59 vi /opt/zimbra/conf/amavisd.conf.in
897 190603 10:37:33 zmamavisdctl restart
900 190618 16:35:41 zmproxyctl restart
902 190703 10:18:11 zmprov mcf +zimbraMtaRestriction ‘check_client_access lmdb:/opt/zimbra/conf/postfix_blacklist’
903 190708 12:16:32 zmprov mcf +zimbraMtaRestriction “reject_rbl_client b.barracuracentral.org”
907 190801 11:20:42 zmprov ms ‘www.correocorp.mx’ +zimbraMtaSmtpdSenderRestrictions «check_sender_access lmdb:/opt/zimbra/common/conf/postfix_reject_sender»
908 190801 11:21:14 /opt/zimbra/common/sbin/postmap
909 190801 11:22:01 /opt/zimbra/common/conf/postfix_reject_sender
911 190801 12:01:33 zmprov md
http://www.correocorp.mx
+amavisBlacklistSender
palomnd@gmail.com
912 190801 12:02:06 zmprov md
http://www.correocorp.mx
+amavisBlacklistSender
dreamtheaterbeny@gmail.com
913 190802 18:36:07 zmprov ms ‘www.correocorp.mx’ +zimbraMtaSmtpdSenderRestrictions «check_sender_access lmdb:/opt/zimbra/common/conf/postfix_reject_sender»
914 190802 18:36:29 /opt/zimbra/common/sbin/postmap /opt/zimbra/common/conf/postfix_reject_sender
915 190802 18:36:42 zmmtactl restart
916 190802 18:40:22 nano /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf
932 190812 10:18:36 zmlocalconfig antispam_enable_rule_updates
933 190812 10:18:55 zmlocalconfig -e antispam_enable_rule_updates=true
934 190812 10:19:13 zmlocalconfig -e antispam_enable_restarts=true
935 190812 10:19:35 zmamavisdctl restart
936 190812 10:20:34 zmmtactl restart
946 190812 10:28:12 pyzor
948 190812 11:39:34 pyzor —homedir /opt/zimbra/data/amavisd/.pyzor discover
950 190812 11:42:21 razor-admin -home=/opt/zimbra/data/amavisd/.razor -create
951 190812 11:42:50 razor-admin -home=/opt/zimbra/data/amavisd/.razor -discover
952 190812 11:47:21 razor-admin -home=/opt/zimbra/data/amavisd/.razor -register -user
postmaster@www.correocorp.mx
954 190812 11:49:43 zmamavisdctl restart
955 190812 11:50:25 zmmtactl restart
966 190823 14:16:39 zmprov mcf +zimbraMtaRestriction ‘check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override’
967 190823 16:59:34 zmlocalconfig antispam_false_rule_update
968 190823 17:00:00 zmlocalconfig antispam_disable_rule_update
969 190823 17:01:05 zmlocalconfig -e antispam_enable_rule_updates=false
970 190823 17:01:18 zmlocalconfig -e antispam_enable_restarts=false
971 190823 17:01:24 reboot
973 190823 17:36:47 zmprov ms `www.correocorp.mx` -zimbraServiceEnabled amavis
974 190823 17:37:08 zmprov ms
http://www.correocorp.mx
-zimbraServiceEnabled amavis
975 190823 17:37:30 zmcontrol restart
976 190823 17:54:08 cd
977 190823 17:54:13 exit
978 190823 19:21:46 postconf mynetworks
979 190823 19:22:23 zmprov gs
http://www.correocorp.mx
zimbraMtaMyNetworks
980 190823 19:25:12 zmprov ms
http://www.correocorp.mx
zimbraMtaMyNetworks ‘127.0.0.0/8 216.245.210.0/24’
981 190823 19:25:52 exit
982 190823 19:31:30 zmantispamctl restart
983 190823 19:31:51 zmamavisdctl restart
984 190823 19:33:12 zmcontrol restart
985 190823 19:49:39 nano /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf
986 190823 19:50:48 reboot
987 190823 19:50:53 exit
988 190826 09:38:09 zmlocalconfig -e postfix_lmtp_host_lookup=native
989 190826 09:38:20 zmmtactl restart
990 190826 09:41:40 nano /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf
991 190826 09:43:54 nano /opt/zimbra/conf/postfix_rbl_override
992 190826 09:53:21 cd
993 190826 09:53:23 exit
994 190826 10:46:49 zmcontrol restart
So I’m running mail on my VPS, using Postfix + Dovecot. I am able to send, but not all mail comes in.
Note: DOMAIN = my domain, but I blocked it for security reasons.
The case: I want to use my mail on Twitter, but the verification email never arrived. I checked the log and I found the following:
Aug 20 22:20:51 DOMAIN postfix/smtpd[32679]: warning: unknown smtpd restriction: "ACCEPT"
Aug 20 22:20:51 DOMAIN postfix/smtpd[32679]: NOQUEUE: reject: RCPT from spring-chicken-ae.twitter.com[199.16.156.144]: 451 4.3.5 Server configuration error; from=<b0398d9890aadmin=DOMAIN.nl@bounce.twitter.com> to=<admin@DOMAIN.nl> proto=ESMTP helo=<spring-chicken-ae.twitter.com>
Aug 20 22:20:56 DOMAIN postfix/cleanup[32684]: DE1291BFC5E: message-id=<20170820202056.DE1291BFC5E@DOMAIN.nl>
Aug 20 22:20:56 DOMAIN postfix/qmgr[27377]: DE1291BFC5E: from=<double-bounce@DOMAIN.nl>, size=1344, nrcpt=1 (queue active)
Aug 20 22:20:56 DOMAIN postfix/smtpd[32679]: disconnect from spring-chicken-ae.twitter.com[199.16.156.144] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
Aug 20 22:20:56 DOMAIN postfix/virtual[32685]: DE1291BFC5E: to=<postmaster@DOMAIN.nl>, orig_to=<postmaster>, relay=virtual, delay=0.02, delays=0.01/0/0/0, dsn=2.0.0, status=sent (delivered to maildir)
Aug 20 22:20:56 DOMAIN postfix/qmgr[27377]: DE1291BFC5E: removed
My main.cf is as follows:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
home_mailbox = Maildir/
virtual_mailbox_domains = /etc/postfix/vhosts
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_minimum_uid = 1000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301
smtp_tls_security_level = encrypt
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
#smtpd_sasl_security_options = noanonymous
#smtpd_sasl_local_domain = $myhostname
#smtpd_sasl_application_name = smtpd
#broken_sasl_auth_clients = yes
#smtpd_tls_received_header = yes
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = DOMAIN.nl
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, mail.DOMAIN.nl, localhost.nl, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
local_transport = virtual
local_recipient_maps = $virtual_mailbox_maps
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,check_recipient_access hash:/etc/postfix/filtered_domains
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth-client
The question: What causes this error?
Собсвтенно имеется Posftix + Dovecot + Postgrey
Проверяю почту через telnet
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 carcam.ru ESMTP
helo darling
250 carcam.ru
mail from: gh@web-site.ru
250 2.1.0 Ok
rcpt to: it2@web-site.ru
451 4.3.5 Server configuration problem
В логах
NOQUEUE: reject: RCPT from localhost.localdomain[127.0.0.1]: 451 4.3.5 Server configuration problem; from=<gh@web-site.ru> to=<it2@web-site.ru> proto=SMTP helo=<darling>
и c варнингом
Oct 4 11:56:52 web-site postfix/trivial-rewrite[13612]: warning: do not list domain web-site.ru in BOTH mydestination and virtual_alias_domains
Oct 4 11:57:11 web-site postfix/smtpd[13604]: warning: connect to 127.0.0.1:10023: Connection refused
Oct 4 11:57:11 web-site postfix/smtpd[13604]: warning: problem talking to server 127.0.0.1:10023: Connection refused
Конфиги такие
postconf -n
spoiler
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debug_peer_list = 127.0.0.1
default_privs = nobody
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/local/man
message_size_limit = 71200000
mydestination = $myhostname,localhost.$myhostname,localhost
mydomain = localdomain
myhostname = web-site.ru
mynetworks = 123.45.67.89/32
myorigin = web-site.ru
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:127.0.0.1:8891
queue_directory = /var/spool/postfix
relay_domains =
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_generic_maps = hash:/etc/mail/generic
smtp_tls_CAfile = etc/postfix/postfix.pem
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_sasl_authenticated, check_client_access hash:/etc/mail/access
smtpd_milters = inet:127.0.0.1:8891
smtpd_recipient_restrictions = permit_sasl_authenticated, check_sender_access hash:/etc/mail/access, check_client_access hash:/etc/mail/access, check_recipient_access hash:/etc/mail/access, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_unverified_recipient, reject_unknown_client, check_policy_service inet:127.0.0.1:10023
smtpd_reject_unlisted_sender = yes
smtpd_sender_restrictions = permit_sasl_authenticated, check_sender_access hash:/etc/mail/access
smtpd_tls_CAfile = etc/postfix/postfix.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = etc/postfix/postfix.pem
smtpd_tls_key_file = etc/postfix/postfix.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_use_tls = yes
soft_bounce = no
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_domains = /etc/mail/local-host-names
virtual_alias_maps = hash:/etc/mail/virtusertable
Возникла следующая проблема: postfix не принимает почту. В логах отправляющего сервера
Код: Выделить всё
postfix/smtp[56770]: 229F226D344: to=<user@domain>, relay=mail.domain[ip]:25, delay=18, delays=0.18/0.01/0.12/17, dsn=4.3.5, status=deferred (host domain[ip] said: 451 4.3.5 Server configuration problem (in reply to RCPT TO command))
Конфиг принимающего сервера
main.cf
Код: Выделить всё
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
default_privs = nobody
myhostname = host.domain
mydomain = domain
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain
unknown_local_recipient_reject_code = 550
mynetworks_style = host
mynetworks = 192.168.0.0/24, 127.0.0.0/8, 192.168.1.0/24
transport_maps = mysql:/usr/local/etc/postfix/sql/transport.cf
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/sql/users.cf
virtual_alias_maps = mysql:/usr/local/etc/postfix/sql/aliases.cf
virtual_uid_maps = mysql:/usr/local/etc/postfix/sql/uids.cf
virtual_gid_maps = mysql:/usr/local/etc/postfix/sql/gids.cf
proxy_read_maps = $virtual_alias_maps $virtual_uid_maps $virtual_gid_maps $virtual_mailbox_maps $transport_maps $relay_recipient_maps
virtual_mailbox_limit = 2048000000
message_size_limit = 20480000
local_recipient_maps = $virtual_mailbox_maps
relay_domains = $transport_maps
disable_dns_lookups = no
smtp_always_send_ehlo = yes
smtpd_sasl_auth_enable = no
smtp_sasl_security_options = noanonymous
enable_sasl_authentication = no
smtpd_client_restrictions = permit_mynetworks,
reject_unknown_client_hostname,
regexp:/usr/local/etc/postfix/dsl_stoplist.txt,
check_client_access cidr:/usr/local/etc/postfix/chinese-spammer-networks,
check_client_access mysql:/usr/local/etc/postfix/sql/helo_access.cf
maps_rbl_reject_code = 550
smtpd_recipient_restrictions = check_recipient_access mysql:/usr/local/etc/postfix/sql/access.cf,
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
reject_unknown_client_hostname,
reject_unauth_destination,
check_client_access mysql:/usr/local/etc/postfix/sql/client_access.cf,
reject_rbl_client bl.spamcop.net,
reject_rbl_client spamsrc.rbl.ukr.net,
reject_rbl_client dyna.rbl.ukr.net,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client dul.ru,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dsn.rfc-ignorant.org,
reject_rbl_client dialups.mail-abuse.org,
reject_rbl_client blackholes.mail-abuse.org,
reject_rbl_client combined.njabl.org,
reject_rbl_client dynablock.njabl.org,
reject_rbl_client dul.dnsbl.sorbs.net,
permit
disable_vrfy_command = yes
strict_mime_encoding_domain = yes
strict_rfc821_envelopes = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
permit_mynetworks,
reject_unknown_client_hostname,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_unknown_helo_hostname,
regexp:/usr/local/etc/postfix/dsl_stoplist.txt,
check_helo_access mysql:/usr/local/etc/postfix/sql/helo_access.cf
smtpd_sender_restrictions = reject_unknown_sender_domain, check_sender_access mysql:/usr/local/etc/postfix/sql/sender_access.cf, reject_unverified_sender, permit_mynetworks
address_verify_map = btree:/var/mail/verify
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtp_use_tls = no
smtpd_use_tls = no
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /usr/local/etc/postfix/ssl/post.pem
smtpd_tls_cert_file = $smtpd_tls_key_file
smtpd_tls_CAfile = $smtpd_tls_key_file
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
hopcount_limit = 20
disable_vrfy_command = yes
in_flow_delay = 1s
mail_spool_directory = /var/spool/postfix
header_checks = regexp:/usr/local/etc/postfix/header_checks
header_checks = pcre:/usr/local/etc/postfix/header_checks
smtpd_banner = $myhostname ESMTP service ready
debug_peer_level = 3
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = no
html_directory = no
notify_classes =
bounce_notice_recipient = badmail@domain
smtpd_data_restrictions = reject_unauth_pipelining
relay_recipient_maps = mysql:/usr/local/etc/postfix/sql/relay_user_maps.cf
sender_access_cf = check_sender_access mysql:/usr/local/etc/postfix/sql/sender_access.cf,reject_unknown_sender_domain,reject_unverified_sender,reject
sender_bcc_maps = mysql:/usr/local/etc/postfix/sql/sender_bcc_maps.cf
master.cf
Код: Выделить всё
192.168.0.1:25 inet n - n - - smtpd -o content_filter=smtp-clamsmtp:[localhost]:10026
<ip>:25 inet n - n - - smtpd -o content_filter=smtp-clamsmtp:[localhost]:10026
pickup fifo n - n 60 1 pickup
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
flush unix n - n 1000? 0 flush
proxymap unix - - n - 2 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
discard unix - - n - - discard
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
smtp-clamsmtp unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
192.168.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=192.168.1.1,127.0.0.1,192.168.0.1
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
127.0.0.1:25 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=192.168.1.1,127.0.0.1,192.168.0.1
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
tlsmgr unix - - n 1000? 1 tlsmgr
/usr/local/etc/clamsmtpd.conf
Код: Выделить всё
OutAddress: 10025
Listen: 127.0.0.1:10026
Bounce: off
User: clamav
Здравствуйте. Прошу помощи в решении проблемы.
Шлюз, AD Win2008, Exchange 2010 — отдельные машины. Интернет — белый IP с постоянным подключением к интернет. Все необходимые зоны DNS (A, MX, SPF, PTR) прописаны, как на локальном DNS так и на DNS провайдера. Через nslookup и сторонние тесты (например
http://www.intodns.com) это подтверждается.
Сервер обслуживает 4 внешних домена. Локальный домен firma.local.
Внешние домены firma1.com, firma2.com, firma3.com,firma4.com. Все домены указывают на одну MX запись mail.firma1.com, у всех доменов одинаковая PTR (IP.in-addr.arpa -> mail.firma1.com)
Проблема в том, что при отправке письма на некоторые сервера приходит ошибка «450 4.7.1 Client host rejected: cannot find your hostname [мой_внешний_IP]». Поиск по инету говорит о непрописанной PTR, но это не подходит т.к. с PTR всё в порядке. Проблем с
крупными (mail.ru, gmail.com и т.д.) почтовыми серверами нет.
Кусок SmtpSend лога
2010-06-01T23:50:45.378Z,Соединитель отправки всей почты,08CCCF378C49048A,0,,195.82.145.229:25,*,,attempting to connect
2010-06-01T23:50:45.496Z,Соединитель отправки всей почты,08CCCF378C49048A,1,10.0.1.4:20787,195.82.145.229:25,+,,
2010-06-01T23:50:45.614Z,Соединитель отправки всей почты,08CCCF378C49048A,2,10.0.1.4:20787,195.82.145.229:25,<,220 ******************************,
2010-06-01T23:50:45.614Z,Соединитель отправки всей почты,08CCCF378C49048A,3,10.0.1.4:20787,195.82.145.229:25,>,EHLO mail.firma1.com,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,4,10.0.1.4:20787,195.82.145.229:25,<,250-novosibirsk-km57.neta.ru,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,5,10.0.1.4:20787,195.82.145.229:25,<,250-PIPELINING,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,6,10.0.1.4:20787,195.82.145.229:25,<,250-SIZE 11534336,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,7,10.0.1.4:20787,195.82.145.229:25,<,250-ETRN,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,8,10.0.1.4:20787,195.82.145.229:25,<,250 8BITMIME,
2010-06-01T23:50:45.733Z,Соединитель отправки всей почты,08CCCF378C49048A,9,10.0.1.4:20787,195.82.145.229:25,*,2433,sending message
2010-06-01T23:50:45.733Z,Соединитель отправки всей почты,08CCCF378C49048A,10,10.0.1.4:20787,195.82.145.229:25,>,MAIL FROM:<test@firma1.com> SIZE=4446,
2010-06-01T23:50:45.733Z,Соединитель отправки всей почты,08CCCF378C49048A,11,10.0.1.4:20787,195.82.145.229:25,>,RCPT TO:<USER@nvkz.neta.ru>,
2010-06-01T23:50:55.849Z,Соединитель отправки всей почты,08CCCF378C49048A,12,10.0.1.4:20787,195.82.145.229:25,<,250 Ok,
2010-06-01T23:50:55.849Z,Соединитель отправки всей почты,08CCCF378C49048A,13,10.0.1.4:20787,195.82.145.229:25,<,»450 Client host rejected: cannot find your hostname, [мой_внешний_IP]»,
2010-06-01T23:50:55.850Z,Соединитель отправки всей почты,08CCCF378C49048A,14,10.0.1.4:20787,195.82.145.229:25,>,QUIT,
2010-06-01T23:50:55.968Z,Соединитель отправки всей почты,08CCCF378C49048A,15,10.0.1.4:20787,195.82.145.229:25,<,221 Bye,