在过去的几天里,我一直在研究 SO 问题和 Postfix 文档,但没有成功找出我做错了什么。我的情况如下:
- 我有一个运行 Postfix 的服务器,它有自己的 FQDN(DomainA)。DomainA 的邮件通过 MailGun 中继。
- 该服务器托管多个网站域,计划现在确保这些域的邮件通过 MailGun 中继,但作为一个单独的域。这将创建单独的退回地址等。调用此 DomainB
- 根据标头中存在的域,配置 Postfix 以选择适当的 SASL 身份验证,确保添加适当的标头。
版本信息:Debian 7 上的 Postfix 2.11.2 (Wheezy)
postconf -n 的输出:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_at_myorigin = no
append_dot_mydomain = no
biff = no
canonical_maps = regexp:/etc/postfix/canonical
canonical_classes = envelope_sender, header_sender
config_directory = /etc/postfix
inet_interfaces = localhost
inet_protocols = ipv4
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = localhost.com, localhost
myhostname = DomainA.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sender_dependent_authentication = yes
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
relayhost_map 文件内容:
@DomainA.com [smtp.mailgun.org]:587
@DomainB.name [smtp.mailgun.org]:587
尝试 #1 of canonical_maps -将所有电子邮件地址重新写入 [email protected]
/./ [email protected]
从命令行发送电子邮件时的 mail.log 输出:
Aug 18 01:55:12 DomainA postfix/pickup[3572]: C72492A00B8: uid=0 from=<root>
Aug 18 01:55:12 DomainA postfix/cleanup[3591]: C72492A00B8: message-id=<[email protected]>
Aug 18 01:55:12 DomainA postfix/qmgr[3573]: C72492A00B8: from=<[email protected]>, size=437, nrcpt=1 (queue active)
Aug 18 01:55:13 DomainA postfix/smtp[3593]: C72492A00B8: to=<[email protected]>, relay=smtp.mailgun.org[50.56.21.178]:587, delay=0.28, delays=0.02/0.02/0.16/0.08, dsn=2.0.0, status=sent (250 Great success)
邮件客户端收到的电子邮件标头:
Delivered-To: [email protected]
Return-Path: <[email protected]>
[snip]
Sender: [email protected]
[snip]
From: Primary Root <[email protected]>
To: [email protected]
Subject: test mail #5
有两件事在我看来是非常错误的:
为什么发件人地址设置为 [email protected] 即使 Postfix 已设置为:
append_at_myorigin = 没有 append_dot_mydomain = 没有
由于发件人地址附加了 DomainA.com,看来 Postfix 选择使用 DomainA 的 SASL 详细信息中继邮件 - 通过查看 MailGun 仪表板上的日志确认。这导致退回地址也设置为 DomainA。
尝试 #2 的 canoncial_maps -仅以DomainB.com结尾的电子邮件地址被重新写入 [email protected]
/@DomainB.name/ [email protected]
.muttrc 文件设置以强制从电子邮件地址为 DomainB.com
set from="[email protected]"
set use_from=yes
set use_envelope_from = yes
mail.log 的输出:
Aug 18 03:40:49 DomainA postfix/qmgr[8809]: 2BEB92A00D3: from=<[email protected]>, size=441, nrcpt=1 (queue active)
Aug 18 03:40:49 DomainA postfix/smtp[8824]: 2BEB92A00D3: to=<[email protected]>, relay=smtp.mailgun.org[104.130.177.23]:587, delay=0.58, delays=0.01/0.02/0.37/0.17, dsn=2.0.0, status=sent (250 Great success)
邮件客户端收到的电子邮件标头:
Delivered-To: [email protected]
[snip]
Return-Path: <[email protected]>
[snip]
Sender: [email protected]
[snip]
From: Primary Root <[email protected]>
To: [email protected]
Subject: test mail hdr #7
- 从这个测试中,我可以看到规范映射不是问题。重写发生正确。但是,Postfix 似乎无法将输出识别为有效的电子邮件地址,并附加了导致中继中断的 FQDN。
非常欢迎任何有关如何解决此问题的建议/想法!