Usando a última versão do Dovecot/postif no Debian Wheezy Mails do Gmail não são aceitos.
registro:
Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: warning: cannot get RSA certificate from file /etc/postfix/smtpd.crt: disabling TLS support
Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: warning: TLS library problem: 27084:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/postfix/smtpd.crt','r'):
Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: warning: TLS library problem: 27084:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: warning: TLS library problem: 27084:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:722:
Sep 10 14:38:30 ns2281425 postfix/smtpd[27084]: connect from mail-qe0-f47.google.com[209.85.128.47]
Sep 10 14:38:31 ns2281425 postfix/cleanup[27089]: 40F2AC0CAC: message-id=<[email protected]>
Sep 10 14:38:31 ns2281425 postfix/smtpd[27084]: disconnect from mail-qe0-f47.google.com[209.85.128.47]
Sep 10 14:38:31 ns2281425 postfix/qmgr[25342]: 40F2AC0CAC: from=<[email protected]>, size=900, nrcpt=1 (queue active)
Sep 10 14:38:31 ns2281425 postfix/local[27091]: warning: required alias not found: postmaster
Sep 10 14:38:31 ns2281425 postfix/local[27091]: 40F2AC0CAC: to=<[email protected]>, orig_to=<postmaster>, relay=local, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (discarded)
Sep 10 14:38:31 ns2281425 postfix/qmgr[25342]: 40F2AC0CAC: removed
Configuração do Postfix:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/postfix/smtpd.crt
smtpd_tls_key_file=/etc/postfix/smtpd.key
smtp_tls_CAfile = /etc/postfix/cakey.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = domain.lan
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = ns2281425.ovh.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ns2281425.ovh.net, localhost.ovh.net, , localhost
#relayhost = [smtp.mailoo.org]:225
relayhost =
mynetworks = 127.0.0.0/8, 5.39.72.228
mailbox_size_limit = 0
recipient_delimiter = +
#inet_interfaces = 127.0.0.1, 5.39.72.228
inet_interfaces = all
inet_protocols = ipv4
mailbox_command = /usr/lib/dovecot/deliver
home_mailbox = Maildir/
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
# Wait until the RCPT TO command before evaluating restrictions
smtpd_delay_reject = yes
# Basics Restrictions
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
# Requirements for the connecting server
smtpd_client_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client list.dsbl.org,
permit
# Requirements for the HELO statement
smtpd_helo_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_invalid_hostname,
permit
# Requirements for the sender address
smtpd_sender_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit
# Requirement for the recipient address
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_destination,
permit
virtual_alias_maps = hash:/etc/postfix/virtual
Alguma ideia, por favor?
Agora os e-mails estão vindo do Gmail. Mas os registros são:
Sep 10 15:17:02 ns2281425 postfix/smtpd[1720]: warning: 49.128.85.209.dnsbl.njabl.org: RBL lookup error: Host or domain name not found. Name service error for name=49.128.85.209.dnsbl.njabl.org type=A: Host not found, try again
Sep 10 15:17:17 ns2281425 postfix/smtpd[1720]: warning: 49.128.85.209.list.dsbl.org: RBL lookup error: Host or domain name not found. Name service error for name=49.128.85.209.list.dsbl.org type=A: Host not found, try again
Sep 10 15:17:17 ns2281425 postfix/cleanup[1770]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
Sep 10 15:17:17 ns2281425 postfix/smtpd[1720]: 1449DC0C96: client=mail-qe0-f49.google.com[209.85.128.49]
Sep 10 15:17:17 ns2281425 postfix/cleanup[1770]: 1449DC0C96: message-id=<CAOen1CZ90Jpgg7pfbH0zTyX9QvcrAXS3Ts=OiQdYmrdH4EzZjg@mail.gmail.com>
Sep 10 15:17:17 ns2281425 postfix/qmgr[921]: 1449DC0C96: from=<[email protected]>, size=1942, nrcpt=1 (queue active)
Sep 10 15:17:17 ns2281425 postfix/smtpd[1720]: disconnect from mail-qe0-f49.google.com[209.85.128.49]
Sep 10 15:17:17 ns2281425 postfix/local[1771]: 1449DC0C96: to=<[email protected]>, orig_to=<[email protected]>, relay=local, delay=31, delays=30/0/0/0.13, dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver)
Sep 10 15:17:17 ns2281425 postfix/qmgr[921]: 1449DC0C96: removed
Responder1
As duas primeiras linhas do log são claras:
warning: cannot get RSA certificate from file /etc/postfix/smtpd.crt: disabling TLS support
warning: TLS library problem: 27084:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/postfix/smtpd.crt','r'):
O certificado configurado não pode ser encontrado e o postfix desativa o suporte TLS, mas parece que o Google só entrega e-mails por meio de conexões seguras.