主页 / ubuntu / 问题 / 1476684
Accepted
Jacksonkr
Asked: 2023-07-07 05:19:11 +0800 CST

Postfix 出站邮件未通过 Gmail 的 SPF 检查

  • 772

设想

我已经用 mediatemple 接收邮件很多年了,但现在 godaddy 收购了他们,他们已经切断了我的出站邮件,当我打电话过来时,他们正在推送 microsoft 360,所以我决定滚动自己的邮件。

我用 spf 设置了 postfix,除了 gmail 每次都会关闭我的测试电子邮件外,一切似乎都很好:

<[email protected]>: host gmail-smtp-in.l.google.com[74.125.137.27]
    said: 550-5.7.26 This mail is unauthenticated, which poses a security risk
    to the 550-5.7.26 sender and Gmail users, and has been blocked. The sender
    must 550-5.7.26 authenticate with at least one of SPF or DKIM. For this
    message, 550-5.7.26 DKIM checks did not pass and SPF check for
    [ve.x.vesrv.com] 550-5.7.26 did not pass with ip: [x.x.x.x]. The
    sender should visit 550-5.7.26
    https://support.google.com/mail/answer/81126#authentication for 550 5.7.26
    instructions on setting up authentication.
    y14-20020a056a001c8e00b0067f03c85d73si2102348pfw.115 - gsmtp (in reply to
    end of DATA command)

问题

邮件被发送到我自己的域,但如何才能将其发送到我的 gmail 地址?

更多细节

  • 72.xxx是我的 ubuntu 服务器,位于vserv.com的保护之下
  • x.com是我的域名

我的 dns TXT记录是 v=spf1 ip4:72.xxx include:ve.x.vesrv.com include:_spf.google.com -all

我的main.cf

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
#delay_warning_time = 4h
readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = ve.6ryrfw2g.vesrv.com
#myhostname = mail.x.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ve.x.vesrv.com, localhost.x.vesrv.com, , localhost
#mydestination = $myhostname, x.com, localhost.localdomain, localhost
#mydestination = localhost.$mydomain, localhost, $myhostname
#masquerade_domains = x.com
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = all

### custom ###

#spf

policy-spf_time_limit = 3600s

smtpd_recipient_restrictions =
     ...
     permit_sasl_authenticated
     permit_mynetworks
     reject_unauth_destination
     check_policy_service unix:private/policy-spf
     ...
email

1 个回答

  1. Best Answer

    SPF 工作后,我开始收到来自 Gmail 的新回复

    <[email protected]>: host gmail-smtp-in.l.google.com[142.251.2.26]
    said: 550-5.7.25 [72.x.x.x] The IP address sending this message does not
    have a PTR 550-5.7.25 record setup, or the corresponding forward DNS entry
    does not point 550-5.7.25 to the sending IP. As a policy, Gmail does not
    accept messages from 550-5.7.25 IPs with missing PTR records. Please visit
    550-5.7.25  https://support.google.com/mail/answer/81126#ip-practices for
    more 550 5.7.25 information.
    q25-20020a635059000000b0055384329027si1633035pgl.566 - gsmtp (in reply to
    end of DATA command)

    由于这是一个关于反向 DNS 不匹配的错误,我最终不得不联系我的 ip 块的所有者 GoDaddy,并请求他们为我的特定 IP 设置反向 dns PTR 记录。

    • 0

相关问题