Задать вопрос
Kuzm1ch88
@Kuzm1ch88

Почему приходит входящая почта Postfix?

Есть машина с Postfix и Dovecot
Письма уходят отлично. Но когда пишут на мою почту вижу данное сообщение в логах и соответсвенно письмо не доходит до меня.
Лог
connect from forward101c.mail.yandex.net[178.154.239.212]
Apr 17 15:23:53 mx2 postfix/smtpd[50715]: NOQUEUE: reject: RCPT from forward101c.mail.yandex.net[178.154.239.212]: 454 4.7.1 : Relay access denied; from= to= proto=ESMTP helo=
Apr 17 15:23:53 mx2 postfix/smtpd[50715]: disconnect from forward101c.mail.yandex.net[178.154.239.212] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8
Apr 17 15:23:54 mx2 postfix/smtpd[50715]: connect from forward104p.mail.yandex.net[77.88.28.107]

main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

#Фильт заголовков письма
header_checks = pcre:/etc/postfix/header_checks
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks

# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See www.postfix.org/COMPATIBILITY_README.html -- default to 3.6 on
# fresh installs.
compatibility_level = 3.6

smtpd_tls_cert_file = /etc/ssl/mail/fullchain.pem
smtpd_tls_key_file = /etc/ssl/mail/privkey.pem
smtpd_tls_security_level=may

smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

#smtpd_relay_restrictions =
# permit_mynetworks
# permit_sasl_authenticated
# defer_unauth_destination

smtpd_client_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unauth_pipelining
reject_unknown_client_hostname
reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname
reject_rbl_client bl.spamcop.net
reject_rbl_client cbl.abuseat.org
reject_rbl_client dul.ru
reject_rbl_client dnsbl.abuse.ch
permit

smtpd_helo_restrictions =
permit

smtpd_sender_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_non_fqdn_sender
reject_unknown_sender_domain
permit

smtpd_relay_restrictions =
permit_mynetworks
permit_sasl_authenticated
defer_unauth_destination

smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_non_fqdn_recipient
reject_unauth_destination
reject_unknown_recipient_domain
reject_unverified_recipient
permit

smtpd_data_restrictions =
permit

smtpd_end_of_data_restrictions =
permit

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname mail.$myhostname localhost.$mydomain localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

#virtual mail box settings

virtual_mailbox_base = /mail
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1024
virtual_uid_maps = static:1024
virtual_gid_maps = static:1024
virtual_transport = dovecot
#virtual_transport = lmtp:unix:private/dovecot-lmtp

smtpd_sasl_auth_enable = yes
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_helo_required = yes
content_filter = scan:[127.0.0.1]:10024

master.cf
#
smtp inet n - y - - smtpd
-o content_filter=scan:[127.0.0.1]:10026

pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
-o syslog_name=postfix/$service_name
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
postlog unix-dgram n - n - 1 postlogd

uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}

submission inet n - n - - smtpd
-o content_filter=scan:[127.0.0.1]:10026
-o smtpd_tls_security_level=may
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=/var/spool/postfix/private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_local_domain=$myhostname

smtps inet n - n - - smtpd
-o content_filter=scan:[127.0.0.1]:10026
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject

dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

127.0.0.1:10027 inet n - n - 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8

scan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
-o smtp_enforce_tls=no

127.0.0.1:10025 inet n - n - 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
  • Вопрос задан
  • 146 просмотров
Подписаться 1 Средний 2 комментария
Пригласить эксперта
Ответы на вопрос 3
mikes
@mikes
Relay access denied

домен получателя точно обслуживается вашим postfix?
Ответ написан
SignFinder
@SignFinder
Wintel\Unix Engineer\DevOps
Ничего странного в логе нет - нормальные ошибки в логе при данном конфиге postfix.
Он просто не настроен на прием входящей почты для какого-то почтового домена.
Ответ написан
@AUser0
Чем больше знаю, тем лучше понимаю, как мало знаю.
А какие у вас $myhostname и $mydomain? Такое ощущение что там совсем не ваш домен, на который вы пишете...
Ответ написан
Ваш ответ на вопрос

Войдите, чтобы написать ответ

Похожие вопросы