Estou testando minha configuração do PostFix enviando e-mails da minha conta do Gmail para uma conta em um domínio virtual. A resposta do Postfix é invariavelmente:
NOQUEUE: reject: RCPT from mail-lb0-f177.google.com[209.85.217.177]: 454 4.7.1 <mailATbrokkr.net>: Relay access denied; from=<madspayATgmail.com> to=<mailATbrokkr.net> proto=ESMTP helo=<mail-lb0-f177.google.com>
Aqui está o arquivo de configuração main.cf:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_use_tls=yes
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/nginx/certs/madsmide_ssl-unified.crt
smtpd_tls_key_file = /etc/nginx/certs/madsmide_ssl.key
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
#smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
#smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
# host configuration
myhostname = mail.madsmi.de
#myorigin = /etc/mailname
mydomain = madsmi.de
myorigin = $mydomain
# Local domain mapping
#alias_maps = hash:/etc/aliases
#alias_database = hash:/etc/aliases
#mydestination = localhost
mydestination =
# Virtal domain mapping
virtual_mailbox_domains = hash:/etc/postfix/my_virtual_mailbox_domains
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = hash:/etc/postfix/my_virtual_mailbox_maps
virtual_uid_maps = static:128
virtual_gid_maps = static:142
#virtual_alias_maps = hash:/etc/postfix/virtual
# Unknown
#relayhost =
mailbox_size_limit = 1000000000
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
Aqui está o arquivo my_virtual_mailbox_domains:
madsmi.de
#madskas.dk
brokkr.net
e o arquivo my_virtual_mailbox_maps:
mailATmadsmi.de madsmi.de/mail/
mailATbrokkr.net brokkr.net/mail/
Aqui está um log de depuração mais detalhado de uma tentativa de conexão:
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: send attr request = seed
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: send attr size = 32
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: private/tlsmgr: wanted attribute: status
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute name: status
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute value: 0
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: private/tlsmgr: wanted attribute: seed
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute name: seed
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute value: h+12lK71F0Vgl8z8GN3zJmF2Sgcja/Y7rqFz1BV4raw=
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: private/tlsmgr: wanted attribute: (list terminator)
Jun 20 22:59:09 THEMINT postfix/smtpd[10294]: input attribute name: (end)
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: EHLO mail-lb0-f180.google.com
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: mail-lb0-f180.google.com: no match
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: 209.85.217.180: no match
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-mail.madsmi.de
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-PIPELINING
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-SIZE 10240000
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-VRFY
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-ETRN
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-ENHANCEDSTATUSCODES
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250-8BITMIME
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250 DSN
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: MAIL FROM:<madspayATgmail.com> SIZE=4079
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: extract_addr: input: <madspayATgmail.com>
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: smtpd_check_addr: addr=madspayATgmail.com
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: ctable_locate: move existing entry key madspayATgmail.com
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: extract_addr: in: <madspayATgmail.com>, result: madspayATgmail.com
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: smtpd_check_rewrite: trying: permit_inet_interfaces
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: permit_inet_interfaces: mail-lb0-f180.google.com 209.85.217.180
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: fsspace: .: block size 4096, blocks free 37725053
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: smtpd_check_queue: blocks 4096 avail 37725053 min_free 0 msg_size_limit 10240000
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 250 2.1.0 Ok
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: RCPT TO:<mailATmadsmi.de>
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: extract_addr: input: <mailATmadsmi.de>
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: smtpd_check_addr: addr=mailATmadsmi.de
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: ctable_locate: move existing entry key mailATmadsmi.de
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: extract_addr: in: <mailATmadsmi.de>, result: mailATmadsmi.de
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: >>> START Recipient address RESTRICTIONS <<<
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=permit_mynetworks
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: permit_mynetworks: mail-lb0-f180.google.com 209.85.217.180
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? 127.0.0.0/8
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? 127.0.0.0/8
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? [::ffff:127.0.0.0]/104
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? [::ffff:127.0.0.0]/104
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? [::1]/128
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? [::1]/128
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: mail-lb0-f180.google.com: no match
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: 209.85.217.180: no match
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=permit_mynetworks status=0
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=permit_sasl_authenticated
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=permit_sasl_authenticated status=0
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=defer_unauth_destination
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: reject_unauth_destination: mailATmadsmi.de
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: permit_auth_destination: mailATmadsmi.de
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: ctable_locate: leave existing entry key mailATmadsmi.de
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: NOQUEUE: reject: RCPT from mail-lb0-f180.google.com[209.85.217.180]: 454 4.7.1 <mailATmadsmi.de>: Relay access denied; from=<madspayATgmail.com> to=<mailATmadsmi.de> proto=ESMTP helo=<mail-lb0-f180.google.com>
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=defer_unauth_destination status=2
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: >>> END Recipient address RESTRICTIONS <<<
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 454 4.7.1 <mailATmadsmi.de>: Relay access denied
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: DATA
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 554 5.5.1 Error: no valid recipients
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: < mail-lb0-f180.google.com[209.85.217.180]: QUIT
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: > mail-lb0-f180.google.com[209.85.217.180]: 221 2.0.0 Bye
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? 127.0.0.0/8
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? 127.0.0.0/8
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? [::ffff:127.0.0.0]/104
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? [::ffff:127.0.0.0]/104
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostname: mail-lb0-f180.google.com ~? [::1]/128
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_hostaddr: 209.85.217.180 ~? [::1]/128
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: mail-lb0-f180.google.com: no match
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: match_list_match: 209.85.217.180: no match
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: send attr request = disconnect
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: send attr ident = smtp:209.85.217.180
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: private/anvil: wanted attribute: status
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: input attribute name: status
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: input attribute value: 0
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: private/anvil: wanted attribute: (list terminator)
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: input attribute name: (end)
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: disconnect from mail-lb0-f180.google.com[209.85.217.180]
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: master_notify: status 1
Jun 20 22:59:10 THEMINT postfix/smtpd[10294]: connection closed
Minha pergunta é: Por que os e-mails estão sendo rejeitados? Pelo pouco que consegui extrair do log, ou o remetente (google.com) é considerado deficiente ou o destinatário (neste caso: e-mail em madsmi.de) não é reconhecido.
Se for o primeiro, estou confuso sobre por que as regras de retransmissão são aplicadas quando o host é o destino e não é solicitado a enviar o e-mail, mas a entregá-lo. Se for o segundo, por que o PostFix não consegue ver o destinatário em virtual_mailbox_maps?
Responder1
O problema ocorre por causa do “hash:” abaixo, remova-o e ele passará.
Mapeamento de domínio virtual
virtual_mailbox_domains = hash:/etc/postfix/my_virtual_mailbox_domains
Responder2
meudestino não pode estar vazio. O servidor de correio não consegue encontrar nenhum destino para o correio porque este campo está vazio. Em essência, NOQUEUE não tem para onde ir. Eu definiria isso como mydestination = 127.0.0.1 ou mesmo localhost deveria funcionar bem. defer_unauth_destination significa que também não está configurado como servidor MX de backup. A única vez que mydestination deve estar vazio é se você estiver atuando como um servidor MX de backup. Nesse caso, você precisa configurar o relayhost como o servidor para o qual você está atuando como backup.
20 de junho 22:59:10 THEMINT postfix/smtpd[10294]: NOQUEUE: rejeitar: RCPT de mail-lb0-f180.google.com[209.85.217.180]: 454 4.7.1: Acesso de retransmissão negado; de= para= proto=ESMTP helo= 20 de junho 22:59:10 THEMINT postfix/smtpd[10294]: generic_checks: name=defer_unauth_destination status=2 20 de junho 22:59:10 THEMINT postfix/smtpd[10294]: >>> FIM Endereço do destinatário RESTRIÇÕES <<<