Postfix / SMTPD中继访问在networking外发送时被拒绝

大约四五个月前,我问了一个非常类似的问题 ,但没有find合适的答案。 我决定发布一个新的问题,以便我可以… a)发布更新信息b)发布我最新的postconf -n输出

当用户从networking内部(通过networking邮件)发送邮件到networking内部和外部的电子邮件地址时,邮件就会被发送。 当系统中有一个电子邮件帐户的用户从networking外部发送邮件时,使用服务器作为中继,将邮件发送到networking内部的地址。

但[有时]当用户通过SMTPD连接发送电子邮件到外部地址时,会返回一个中继访问被拒绝错误:

Feb 25 19:33:49 myers postfix/smtpd[8044]: NOQUEUE: reject: RCPT from host-68-169-158-182.WISOLT2.epbfi.com[68.169.158.182]: 554 5.7.1 <host-68-169-158-182.WISOLT2.epbfi.com[68.169.158.182]>: Client host rejected: Access denied; from=<me@my-domain.com> to=<me@gmail.com> proto=ESMTP helo=<my-computer-name> Feb 25 19:33:52 myers postfix/smtpd[8044]: disconnect from host-68-169-158-182.WISOLT2.epbfi.com[68.169.158.182] 

通过Microsoft Outlook 2003发送这个日志会生成上面的日志。 然而,通过我的iPhone发送,具有完全相同的设置,通过罚款:

 Feb 25 19:37:18 myers postfix/qmgr[3619]: A2D861302C9: from=<me@my-domain.com>, size=1382, nrcpt=1 (queue active) Feb 25 19:37:18 myers amavis[2799]: (02799-09) FWD via SMTP: <me@my-domain.com> -> <me@gmail.com>,BODY=7BIT 250 2.0.0 Ok, id=02799-09, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as A2D861302C9 Feb 25 19:37:18 myers amavis[2799]: (02799-09) Passed CLEAN, [68.169.158.182] [68.169.158.182] <me@my-domain.com> -> <me@gmail.com>, Message-ID: <C14ABC90-D288-4C9C-801B-EBFE0DDF57E8@my-domain.com>, mail_id: yMLvzVQJloFV, Hits: -9.607, size: 897, queued_as: A2D861302C9, 6283 ms Feb 25 19:37:18 myers postfix/lmtp[8752]: 2ED3A1302C8: to=<me@gmail.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=6.6, delays=0.25/0.01/0.19/6.1, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=02799-09, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as A2D861302C9) Feb 25 19:37:18 myers postfix/qmgr[3619]: 2ED3A1302C8: removed 

Outlook 2003上的传出设置与我的iPhone上的设置相匹配:SMTP服务器:mail.my-domain.com用户名:我的完整电子邮件地址使用SSL服务器端口587

现在,这里是postconf -n。 我意识到“我的networking”参数有点讨厌。 我有这些IP地址就在这里,正如其他人一直在抱怨这个问题:

 alias_database = hash:/etc/postfix/aliases alias_maps = $alias_database append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = amavisfeed:[127.0.0.1]:10024 daemon_directory = /usr/libexec/postfix debug_peer_level = 2 disable_vrfy_command = yes html_directory = no inet_interfaces = all mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_size_limit = 0 mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 20480000 mydestination = $myhostname, localhost, localhost.$mydomain mydomain = my-domain.com myhostname = myers.my-domain.com mynetworks = 127.0.0.0/8, 74.125.113.27, 74.125.82.49, 74.125.79.27, 209.85.161.0/24, 209.85.214.0/24, 209.85.216.0/24, 209.85.212.0/24, 209.85.160.0/24 myorigin = $myhostname newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES receive_override_options = no_address_mappings recipient_delimiter = + relay_domains = $mydestination sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_bind_address = my-primary-server's IP address smtpd_banner = mail.my-domain.com smtpd_helo_required = yes smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/mailserver/postfix.pem smtpd_tls_key_file = /etc/ssl/mailserver/private/postfix.pem smtpd_tls_loglevel = 3 smtpd_tls_received_header = no smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 554 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /var/vmail virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_minimum_uid = 5000 virtual_transport = dovecot virtual_uid_maps = static:5000 

如果有人有什么想法,可以帮助我终于解决这个问题,我会永远感激。

我的问题根本不在后缀configuration文件中。 这个问题是在达夫科特的authentication。 在/etc/dovecot.conf中有这样的一个部分:

 auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi # NOTE: See also disable_plaintext_auth setting. mechanisims = [snip] } 

我的问题是,机制只是简单的,当它也需要“login”,如下所示:

 auth default { mechanisms = plain login [snip] } 

这个问题已经说了几个月了,但是我还没有解决 – 我现在也有一个工作证书!