我想這是兩個典型的問題,至少第一個是。我正在嘗試在 CentOS 7 上配置 postfix dovecot。
首先,連接埠 25 已打開,但不接受任何外部連線。
連接埠 25 的內部連線正在運作。我做了:
[root@myhost ~]# telnet localhost smtp
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 xxxx.com ESMTP Postfix (CentOS)
helo xxxx
250 xxxx.com
mail from:<[email protected]>
250 2.1.0 Ok
rcpt to:<[email protected]>
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
from:[email protected]
to:[email protected]
subject:Testing email
test test
.
250 2.0.0 Ok: queued as CBE5F6039
quit
221 2.0.0 Bye
Connection closed by foreign host.
然後我檢查了我的 Dovecot 伺服器/var/mail/vhosts/xxxx.com/user1
:
./new
./new/1693231789.M572537P2155.xxxx,S=495,W=510
所以對於典型的 SMTP(連接埠 25),我的配置是完全正確的。但問題是,當我嘗試發送或遠端登入它時,它沒有任何回應。日誌文檔為空。所以我嘗試了一下tcpdump -i any port smtp
,它告訴我 25 埠根本沒有開啟。
所以我猜這只是一些典型的 Linux 錯誤,阻止了連接埠 25 的偵聽。請告訴我是否有人知道它是什麼。
其次,465埠不工作。
看來 postfix 要么因為某些配置錯誤而沒有監聽它,要么被我的 Linux 內部的某些東西阻止了端口 465。 (或 SSL 可能不正確)
我在自己的電腦上嘗試tcpdump -i any port smtps
並做到了。telnet mail.xxxx.com smtps
伺服器顯示連接埠 465 確實收到了資料包。但是,後綴沒有回應任何內容。
所以我查看了 的郵件日誌/var/log/maillog
,它顯示 postfix 根本無法識別並回應我的 telnet 連線。這是日誌:
Aug 28 13:42:37 xxxx postfix/postfix-script[1692]: starting the Postfix mail system
Aug 28 13:42:37 xxxx postfix/master[1694]: daemon started -- version 2.10.1, configuration /etc/postfix
只是單純的什麼都沒有。所以我猜 Linux 上有一些設定或防火牆阻止了「實際上」偵聽 smtp 連接埠的服務。有人知道這個嗎?
然後我嘗試從連接埠 465 上的本機主機遠端登錄,但似乎連接埠 465 上的內部連線也不起作用。
在我的伺服器上,我做了:
[root@myhost ~]# telnet localhost smtps
Trying ::1...
Connected to localhost.
Escape character is '^]'.
helo xxxx
Connection closed by foreign host.
它在“helo”之後就關閉了。然後我又去查看/var/log/maillog
,結果如下:
Aug 28 13:45:57 xxxx postfix/smtps/smtpd[1974]: connect from unknown[::1]
Aug 28 13:46:01 xxxx postfix/smtps/smtpd[1974]: SSL_accept error from unknown[::1]: -1
Aug 28 13:46:01 xxxx postfix/smtps/smtpd[1974]: warning: TLS library problem: 1974:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:640:
Aug 28 13:46:01 xxxx postfix/smtps/smtpd[1974]: lost connection after CONNECT from unknown[::1]
Aug 28 13:46:01 xxxx postfix/smtps/smtpd[1974]: disconnect from unknown[::1]
這是我的設定檔。
須藤 postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = localhost
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = localhost, localhost.$mydomain
mydomain = xxxx.com
myhostname = xxxx.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
recipient_delimiter = +
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_security_level = may
smtpd_banner = $myhostname ESMTP $mail_name (CentOS)
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/xxxx.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/xxxx.com/privkey.pem
smtpd_tls_security_level = may
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
部分/etc/postfix/main.cf
mail_owner = postfix
myhostname = xxxx.com
mydomain = xxxx.com
# TLS parameters
smtpd_tls_cert_file=/etc/letsencrypt/live/xxxx,com/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/xxxx.com/privkey.pem
smtpd_use_tls=yes
smtpd_tls_auth_only = yes
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces = localhost
# Enable IPv4, and IPv6 if supported
inet_protocols = all
mydestination = localhost, localhost.$mydomain
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
recipient_delimiter = +
virtual_transport = lmtp:unix:private/dovecot-lmtp
部分/etc/postfix/master.cf
smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
submission inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_reject_unlisted_recipient=no
#-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
465 inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
#-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
答案1
感謝上面@HBruijn的評論,我解決了這個問題。問題是我配置了兩個inet_interfaces
。
有價值的一件事是,似乎在當前的 postfix 設定檔中,inet_interfaces = localhost
是預設值,並且未註釋為預設值。不過,inet_interfaces = all
有評論。因此,inet_interfaces = localhost
取消註釋時需要註釋inet_interfaces = all
。
該文件是:/etc/postfix/master.cf
.