Pin*_*kle 2 email smtp postfix authentication sasl
根据本教程,我有一个 Postfix/Courier 邮件服务器(使用 SASL/MySQL 进行身份验证)。我目前在 Debian 6 上运行我的服务器,它是一个 VPS。据我所知,它运行良好,但我似乎不需要对入站电子邮件发送进行身份验证。如果我从 Outlook 向自己发送禁用 SMTP 身份验证的电子邮件,一切都会发生并且我没有被拒绝,服务器上的日志告诉我:
Dec 19 09:39:33 new postfix/smtpd[20439]: connect from unknown[****]
Dec 19 09:39:33 new postfix/smtpd[20439]: 7FF1E469840: client=unknown[****]
Dec 19 09:39:33 new postfix/cleanup[20444]: 7FF1E469840: message-id=<000c01cefc31$41319a90$c394cfb0$@email@mydomain>
Dec 19 09:39:33 new postfix/qmgr[20429]: 7FF1E469840: from=<email@mydomain>, size=2730, nrcpt=1 (queue active)
Dec 19 09:39:33 new postfix/virtual[20445]: 7FF1E469840: to=<email@mydomain>, relay=virtual, delay=0.49, delays=0.4/0.08/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
Dec 19 09:39:33 new postfix/qmgr[20429]: 7FF1E469840: removed
Dec 19 09:39:36 new postfix/smtpd[20439]: disconnect from unknown[****]
**** 表示邮件客户端的IP地址
但是,如果我尝试向外部域(例如 gmail 地址)发送电子邮件,则该电子邮件会按预期被拒绝并退回:
Your message did not reach some or all of the intended recipients.
Subject:
Sent: 19/12/2013 9:49 a.m.
The following recipient(s) cannot be reached:
'email@external.domain' on 19/12/2013 9:49 a.m.
Server error: '554 5.7.1 <email@external.domain>: Relay access denied'
日志也吐出一些关于拒绝身份验证的内容(这是意料之中的)
Dec 19 09:48:34 new postfix/smtpd[20449]: connect from unknown[****]
Dec 19 09:48:34 new postfix/smtpd[20449]: NOQUEUE: reject: RCPT from unknown[****]: 554 5.7.1 <email@external.domain>: Relay access denied; from=<email@mydomain> to=<email@external.domain> proto=ESMTP helo=<MyPC>
Dec 19 09:48:36 new postfix/smtpd[20449]: disconnect from unknown[****]
如果我在电子邮件客户端 (Outlook) 上启用 SMTP 身份验证,一切都会按预期进行。实际上是否有一些我没有看到的身份验证正在进行,或者这是作为内部电子邮件的开放中继?如果是这种情况,我如何强制对所有电子邮件进行身份验证?
我的 main.cf 是:
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = all
broken_sasl_auth_clients = yes
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
您的服务器不是开放中继。它被设置为允许三种不同类型的邮件:
如果邮件不符合上述之一,邮件服务器将拒绝它,即使垃圾邮件发送者在您的域中放置了一些虚假地址作为发件人地址。
| 归档时间: |
|
| 查看次数: |
3105 次 |
| 最近记录: |