问题[postfix](ubuntu)

我在一台新的 Ubuntu 24.04 服务器上安装了 Postfix。如果我从本地远程登录到它，它会按预期以 SMTP 横幅响应。但是，如果我从外部源远程登录到它，它会打开端口，然后什么也不做，即我收到一个空白屏幕，并且对于我发送的任何命令（helo、ehlo、helo mail.test.com 等），都会出现“452 语法错误（连接）”错误。显然，这不是防火墙问题，因为 postfix 会回答，它似乎只是不想为来自外部网络的请求提供服务。

我检查了所有的配置，并重启了服务，甚至重启了机器。我不知道是什么导致了这个问题。

/etc/postfix/main.cf

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
compatibility_level = 3.6

# TLS parameters
smtpd_tls_cert_file = /etc/nginx/ssl/************/2275563/server.crt
smtpd_tls_key_file = /etc/nginx/ssl/************/2275563/server.key
smtpd_tls_security_level = may

smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache


smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = ************
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = virtuallyanything.com, $myhostname, svr-virtuallyanything.localdomain, localhost.localdomain, localhost
relayhost = smtp.postmarkapp.com:2525 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_mailbox_domains = pgsql:/etc/postfix/sql/pgsql_virtual_domains_maps.cf
virtual_alias_maps = pgsql:/etc/postfix/sql/pgsql_virtual_alias_maps.cf, pgsql:/etc/postfix/sql/pgsql_virtual_alias_dom>
virtual_mailbox_maps = pgsql:/etc/postfix/sql/pgsql_virtual_mailbox_maps.cf, pgsql:/etc/postfix/sql/pgsql_virtual_alias>
virtual_transport = lmtp:unix:private/dovecot-lmtp
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
milter_protocol = 6
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept
smtpd_milters = inet:127.0.0.1:11332
non_smtpd_milters = inet:127.0.0.1:11332

/etc/postfix/master.cf

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (no)    (never) (100)
# ==========================================================================
smtp      inet  n       -       y       -       -       smtpd -v
#smtp      inet  n       -       y       -       1       postscreen
#smtpd     pass  -       -       y       -       -       smtpd
#dnsblog   unix  -       -       y       -       0       dnsblog
#tlsproxy  unix  -       -       y       -       0       tlsproxy
#127.0.0.1:submission inet n -   y       -       -       smtpd
#submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_tls_auth_only=yes
#  -o local_header_rewrite_clients=static:all
#  -o smtpd_reject_unlisted_recipient=no
#     Instead of specifying complex smtpd_<xxx>_restrictions here,
#     specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions"
#     here, and specify mua_<xxx>_restrictions in main.cf (where
#     "<xxx>" is "client", "helo", "sender", "relay", or "recipient").
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o smtpd_helo_restrictions=
#  -o smtpd_sender_restrictions=
#  -o smtpd_relay_restrictions=
#  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
#  -o smtpd_helo_restrictions=
#  -o smtpd_sender_restrictions=
#  -o smtpd_relay_restrictions=
#  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
# Choose one: enable submissions for loopback clients only, or for any client.
#127.0.0.1:submissions inet n  -       y       -       -       smtpd
#submissions     inet  n       -       y       -       -       smtpd
#  -o syslog_name=postfix/submissions
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o local_header_rewrite_clients=static:all
#  -o smtpd_reject_unlisted_recipient=no
#     Instead of specifying complex smtpd_<xxx>_restrictions here,
#     specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions"
#     here, and specify mua_<xxx>_restrictions in main.cf (where
#     "<xxx>" is "client", "helo", "sender", "relay", or "recipient").
#  -o smtpd_client_restrictions=
#  -o smtpd_helo_restrictions=
#  -o smtpd_sender_restrictions=
#  -o smtpd_relay_restrictions=
#  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       y       -       -       qmqpd
pickup    unix  n       -       y       60      1       pickup
cleanup   unix  n       -       y       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       y       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       y       -       0       bounce
verify    unix  -       -       y       -       1       verify
flush     unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       y       -       -       smtp
relay     unix  -       -       y       -       -       smtp
        -o syslog_name=postfix/$service_name
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
retry     unix  -       -       y       -       -       error
discard   unix  -       -       y       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       y       -       1       anvil
scache    unix  -       -       y       -       1       scache
postlog   unix-dgram n  -       n       -       1       postlogd
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop  unix  -       n       n       -       -       pipe
#  flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  flags=DRX user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)#
# Other external delivery methods.
#
#ifmail    unix  -       n       n       -       -       pipe
#  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#bsmtp     unix  -       n       n       -       -       pipe
#  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
#scalemail-backend unix -       n       n       -       2       pipe
#  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
#mailman   unix  -       n       n       -       -       pipe
#  flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}

使用 ubuntu 24.04 LTS。我已验证我的证书密钥是正确的。也没有显示端口 465 侦听，但防火墙规则在那里。

main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 3.6 on
# fresh installs.
compatibility_level = 3.6



# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/mailserver.crt
smtpd_tls_key_file = /etc/ssl/private/mailserver.key
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtp_tls_security_level = may
# smtp_tls_CApath =  /etc/ssl/certs/
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_security_level=may


smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache


smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = *****.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, ******.com, localhost.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

smtps inet n - - - - smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_tls_wrappermode=yes
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_helo_restrictions=permit_mynetworks,reject_invalid_helo_hostname,reject_non_fqdn_helo_hostname
  -o smtpd_sender_restrictions=permit_mynetworks,reject_non_fqdn_sender,reject_unknown_sender_domain
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
root@*******:/etc/postfix#

我知道 postfix/smtpd 用于传入邮件，smtp 用于传出邮件。但我确实在我的日志文件中看到了几个带有postfix/smtps/smtpd. 这个是来做什么的？

Feb 22 10:57:55 mx postfix/smtps/smtpd[XXXX]: lost connection after EHLO from XXXX[XXXX]
Feb 22 10:57:55 mx postfix/smtps/smtpd[XXXX]: disconnect from XXXX[XXXX] ehlo=1 commands=1
Feb 22 11:07:27 mx postfix/smtps/smtpd[XXXX]: warning: hostname XXXX does not resolve to address XXXX
Feb 22 11:07:27 mx postfix/smtps/smtpd[XXXX]: connect from unknown[XXXX]
Feb 22 11:07:30 mx postfix/smtps/smtpd[XXXX]: SSL_accept error from unknown[XXXX]: lost connection
Feb 22 11:07:30 mx postfix/smtps/smtpd[XXXX]: lost connection after CONNECT from unknown[XXXX]
Feb 22 11:07:30 mx postfix/smtps/smtpd[XXXX]: disconnect from unknown[XXXX] commands=0/0
Feb 22 11:18:22 mx postfix/smtps/smtpd[XXXX]: SSL_accept error from unknown[XXXX]: -1
Feb 22 11:18:22 mx postfix/smtps/smtpd[XXXX]: warning: TLS library problem: error:0A00010B:SSL routines::wrong version number:../ssl/record/ssl3_record.c:354:
Feb 22 11:18:22 mx postfix/smtps/smtpd[XXXX]: lost connection after CONNECT from unknown[XXXX]
Feb 22 11:18:22 mx postfix/smtps/smtpd[XXXX]: disconnect from unknown[XXXX] commands=0/0
Feb 22 11:53:13 mx postfix/smtps/smtpd[XXXX]: connect from unknown[XXXX]

是否可以忽略特定发件人引起的退回邮件？我们有一个代码存储库服务器，可以向所有提交的用户/地址发送电子邮件。由于某些原因，很难删除无效收件人（不再存在的用户），因此每当邮件从[email protected]发送给此类无效用户时，它们就会被退回。但是，接收退回邮件的 Postfix 服务器无法到达 server.example.net （无论如何它都不运行邮件服务器），因此我宁愿不生成发送到该地址的退回邮件，因为它们只是排队并重试了 5 天才被放弃。

我已经安装了 postfix 3.6.4 并且大部分时间都在工作。我可以发送外发电子邮件，但无法收到传入电子邮件。当我运行 sudo ss -lnpt | grep master，我只得到一行，其中端口 25 处于 LISTEN 模式。我知道我需要服务来监听 465 和 587，并且在尝试配置它时，我很确定我已经覆盖/删除了一些我需要的行。

我正在尝试获取我的 master.cf 文件的新副本，以便我可以比较两者但没有运气。我不想卸载/重新安装，因为我有它的一部分在工作，并且不想处理重新安装破坏我的网络服务器的证书。

TLDR：如何为 postfix mail_version = 3.6.4 获取 master.cf 文件的全新原始副本？

发行商 ID：Ubuntu 描述：Ubuntu 22.04.2 LTS 版本：22.04 代号：jammy

运行于：（Orange Pi 1.1.0 Jammy with Linux 5.10.110-rockchip-rk3588）

谢谢！

我需要拒绝所有主机名未知或与其地址不匹配的 smtp 连接。已尝试在 hosts.deny 中设置：

smtpd: UNKNOWN
smtpd: PARANOID

但 Postfix 日志显示他们仍在通过邮件守护进程。

postfix/smtpd[3426]: warning: hostname server1.reselect.org does not resolve to address 89.33.194.240
postfix/smtpd[3426]: connect from unknown[89.33.194.240]
postfix/smtpd[3426]: NOQUEUE: reject: CONNECT from unknown[89.33.194.240]: 450 4.7.25 Client host rejected: cannot find your hostname, [89.33.194.240]; proto=SMTP
...
postfix/smtpd[3997]: connect from unknown[193.56.29.102]
postfix/smtpd[3997]: NOQUEUE: reject: CONNECT from unknown[193.56.29.102]: 450 4.7.25 Client host rejected: cannot find your hostname, [193.56.29.102]; proto=SMTP

为什么它不起作用？

我正在尝试在 Ubuntu 16.04 上使用 SquirrelMail。

当我去localhost/squirrelmail/src/login.php登录时，我遇到错误消息：ERROR: Connection dropped by IMAP server.

我在这里尝试了解决方案，它说要添加/etc/dovecot/dovecot.conf：

protocol imap {
mail_location = mbox:~/mail:INBOX=/var/mail/%u
}

但错误仍然存​​在。

此外，我在这里尝试了解决方案，它通知添加/etc/dovecot/dovecot.conf：

namespace inbox {
    inbox = yes
}

但同样，错误仍然存​​在。

我的/etc/dovecot/dovecot.conf文件是：

## Dovecot configuration file
# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration
# "doveconf -n" command gives a clean output of the changed settings. Use it
# instead of copy&pasting files when posting to the Dovecot mailing list.
# '#' character and everything after it is treated as comments. Extra spaces
# and tabs are ignored. If you want to use either of these explicitly, put the
# value inside quotes, eg.: key = "# char and trailing whitespace  "
# Most (but not all) settings can be overridden by different protocols and/or
# source/destination IPs by placing the settings inside sections, for example:
# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }
# Default values are shown for each setting, it's not required to uncomment
# those. These are exceptions to this though: No sections (e.g. namespace {})
# or plugin settings are added by default, they're listed only as examples.
# Paths are also just examples with the real defaults being based on configure
# options. The paths listed here are for configure --prefix=/usr
# --sysconfdir=/etc --localstatedir=/var
# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol
# A comma separated list of IPs or hosts where to listen in for connections. 
# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
#listen = *, ::
# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/
# Name of this instance. In multi-instance setup doveadm and other commands
# can use -i <instance_name> to select which instance is used (an alternative
# to -c <config_path>). The instance name is also added to Dovecot processes
# in ps output.
#instance_name = dovecot
# Greeting message for clients.
#login_greeting = Dovecot ready.
# Space separated list of trusted network ranges. Connections from these
# IPs are allowed to override their IP addresses and ports (for logging and
# for authentication checks). disable_plaintext_auth is also ignored for
# these networks. Typically you'd specify your IMAP proxy servers here.
#login_trusted_networks =
# Space separated list of login access check sockets (e.g. tcpwrap)
#login_access_sockets = 
# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
# proxying. This isn't necessary normally, but may be useful if the destination
# IP is e.g. a load balancer's IP.
#auth_proxy_self =
# Show more verbose process titles (in ps). Currently shows user name and
# IP address. Useful for seeing who are actually using the IMAP processes
# (eg. shared mailboxes or if same uid is used for multiple accounts).
#verbose_proctitle = no
# Should all processes be killed when Dovecot master process shuts down.
# Setting this to "no" means that Dovecot can be upgraded without
# forcing existing client connections to close (although that could also be
# a problem if the upgrade is e.g. because of a security fix).
#shutdown_clients = yes
# If non-zero, run mail commands via this many connections to doveadm server,
# instead of running them directly in the same process.
#doveadm_worker_count = 0
# UNIX socket or host:port used for connecting to doveadm server
#doveadm_socket_path = doveadm-server
# Space separated list of environment variables that are preserved on Dovecot
# startup and passed down to all of its child processes. You can also give
# key=value pairs to always set specific settings.
#import_environment = TZ
##
## Dictionary server settings
##
# Dictionary can be used to store key=value lists. This is used by several
# plugins. The dictionary can be accessed either directly or though a
# dictionary server. The following dict block maps dictionary names to URIs
# when the server is used. These can then be referenced using URIs in format
# "proxy::<name>".
dict {
  #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
  #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The 00-prefixes
# in filenames are intended to make it easier to understand the ordering.
!include conf.d/*.conf
# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf

我/etc/postfix/main.cf的是：

# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/mailserver.crt
smtpd_tls_key_file = /etc/postfix/ssl/mailserver.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = ubuntu-vm.localdomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost, ubuntu-vm, localhost.localdomain, localhost
relayhost = 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain = 
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
localhost = example.com

此外，我去localhost/squirrelmail/src/configtest.php并收到：

SquirrelMail configtest
This script will try to check some aspects of your SquirrelMail configuration and point you to errors whereever it can find them. You need to go run conf.pl in the config/ directory first before you run this script.
SquirrelMail version:   1.4.23 [SVN]
Config file version:    1.4.0
Config file last modified:  01 July 2020 20:51:58
Checking PHP configuration...
    PHP version 7.0.33-0ubuntu0.16.04.15 OK.
    Running as www-data(33) / www-data(33)
    display_errors:
    error_reporting: 22527
    variables_order OK: GPCS.
    PHP extensions OK. Dynamic loading is disabled.
    ERROR: You have configured PHP not to allow short tags (short_open_tag=off). This shouldn't be a problem with SquirrelMail or any plugin coded coded according to the SquirrelMail Coding Guidelines, but if you experience problems with PHP code being displayed in some of the pages and changing setting to "on" solves the problem, please file a bug report against the failing plugin. The correct contact information is most likely to be found in the plugin documentation.
Checking paths...
    Data dir OK.
    Attachment dir OK.
    Plugins OK.
    Themes OK.
    Default language OK.
    Base URL detected as: http://localhost/squirrelmail/src (location base autodetected)
Checking outgoing mail service....
    SMTP server OK (220 ubuntu-vm.localdomain ESMTP Postfix (Ubuntu))
Checking IMAP service....
    IMAP server ready (* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.)
    Capabilities: * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN
Checking internationalization (i18n) settings...
     gettext - Gettext functions are available. On some systems you must have appropriate system locales compiled.
     mbstring - Mbstring functions are unavailable. Japanese translation won't work.
     recode - Recode functions are unavailable.
     iconv - Iconv functions are available.
     timezone - Webmail users can change their time zone settings.
Checking database functions...
    not using database functionality.
Congratulations, your SquirrelMail setup looks fine to me!
Login now

我似乎对端口 25 入站连接有问题。我的 ISP 确认端口 25 已打开。然而，当我使用 nmap 进行测试时，我得到以下结果

使用公共 IP 测试 nmap 显示端口 25 已被过滤

使用服务器的本地 IP 测试端口 25 显示端口 25 已打开。但是，使用公共/外部 IP 测试 nmap 表明端口 25 已被过滤。我没有将它包含在图片中，但使用 netstat 进行的测试也显示 Postfix (master.cf) 正在侦听该端口。

我服务器上的 Postfix 可以发送邮件，我已经测试了几次，它没有任何问题。但是它无法接收邮件，我强烈怀疑这与从外部公共 IP 访问它时端口 25 被过滤的状态有关。然而，我的 ISP 坚持认为 25 端口是开放的。我的 ISP 作为他们检查的结果给了我这个：16 permit tcp any My.Public.IP.Address 0.0.0.3 eq smtp

SMTP 指的是端口 25，如果我理解正确的话，它们允许任何 tcp 流量通过该端口。但是为什么使用公共IP检查时端口仍然被过滤？

我还能做些什么来缩小问题的范围？任何线索将不胜感激，谢谢。

我已经在我的虚拟机上安装了 Ubuntu Bionic 并设置了一个应用程序。

现在我需要的是从我自己的服务器发送电子邮件。

我正在尝试设置后缀来做到这一点，但没有任何效果。我尝试了很多教程，但仍然没有成功....更糟糕的是 - 我尝试的教程越多，我就越困惑。

那么我尝试了什么？

我曾经apt install mailutils安装 postfix，当它要求 FQDM 时，我选择了 Internet 站点。我进入了mydomain.com..

这是第一个问题。一些教程说将其更改为mail.mydomain.com. 那么它应该是一个子域吗？我需要在我的 DNS 中创建 A 记录吗？

我尝试发送电子邮件：

email" | mail -s "This is the subject line" [email protected]

但是什么也没有发生……我的邮箱中没有邮件，posfix 队列中也没有邮件。

1. 有适合初学者的分步教程吗？

2. 我需要创建指向我的服务器的 MX 记录吗？

3. 我需要创建 TXT 记录吗？我读到这就是其他邮件服务器验证发件人的方式。如果是，那该怎么做？

4. 那么我必须怎么做才能从我自己的服务器发送和发送电子邮件？在这一点上，我什至不需要接收和发送电子邮件 - 只需发送即可

而且我不需要使用后缀...我可以使用任何有效的方法。

我有一个 Ubuntu 18.04 LTS 服务器，在某个时间点（不是由我设置）运行GNU mailman，使用Postfix作为 MTA。

我不再在此服务器上运行任何邮件列表，并且尽我所能尝试通过运行以下命令从服务器中删除和清除Gnu mailman ：

sudo apt remove mailman
sudo apt autoremove mailman
sudo apt purge mailman
sudo apt autoremove --purge mailman

这会删除 mailman 和一些（大多数？）配置和数据文件，但是当我查看 Postfix 日志（/var/log/mail.log）时，我大约每五分钟得到一次：

[…]: error: open database /var/lib/mailman/data/aliases.db: No such file or directory
[…]: warning: hash:/var/lib/mailman/data/aliases is unavailable. open database /var/lib/mailman/data/aliases.db: No such file or directory
[…]: warning: hash:/var/lib/mailman/data/aliases: lookup of 'root' failed

我明白我为什么得到它们，因为清除GNU mailman删除了所有这些文件。

我很确定请求这些文件的程序是Postfix，正在运行：

sudo service postfix status

… 产生相同的三行错误和警告。但是，我无法弄清楚是什么让Postfix想要打开这些文件。

重启后缀：

sudo systemctl restart postfix

... 清除错误，但只是暂时的。大约五分钟后，当我检查状态时，它们又回来了。

问题是：如何摆脱这些错误和警告（无需重新安装不再需要的应用程序）？