Debian
帶有 Gsuite / Gmail 中繼的 Postfix 無法正常工作
我是伺服器管理員的新手,並嘗試使用 GSUITE 使用者作為發件人從我的伺服器發送電子郵件
我閱讀了很多教程(包括在 Google Compute Engine 實例中配置後綴以使用 Google Apps SMTP 中繼),但我對 EHLO / TLS / …
我只想 :
從伺服器發送電子郵件:
- 託管在MY_HOST_NAME.COM
- 使用 IP 地址MY_HOST_IP
- 使用主機名MY_HOST_NAME
使用 gsuite 域MY_GSUITE_DOMAIN.COM
到目前為止,我有:
- 在 /etc/postfix/sasl/sasl_passwd 中輸入我的 SMTP 憑據並生成一個 sasl_passwd.db 文件
- 按照google doc配置 Gsuite SMTP 中繼選項
- 允許來自我的 Gsuite 域的使用者
- 要求 smtp 身份驗證
- 不需要 TLS 身份驗證
我的後綴配置 /etc/postifx/main.cf 如下:
myorigin = /etc/mailname ## FILE CONTAINS ONLY MY_HOST_NAME biff = no readme_directory = no compatibility_level = 2 smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd myhostname = MY_HOST_NAME.COM alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases mydestination = $myhostname, MY_GSUITE_DOMAIN.COM, localhost fallback_transport = relay relayhost = [smtp-relay.gmail.com]:587 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = loopback-only inet_protocols = ipv4
我嘗試使用 sendmail 命令發送測試電子郵件:
echo "Subject: sendmail test " | sendmail -v john@johncompany.com
…並在 /var/log/mail.log 中不斷收到相同的錯誤:
Sep 19 11:06:18 MY_HOST_NAME postfix/pickup[22443]: B40A61D4FD0: uid=0 from=<root> Sep 19 11:06:18 MY_HOST_NAME postfix/cleanup[9353]: B40A61D4FD0: message-id=<20190919090618.B40A61D4FD0@**MY_SERVER_HOST.COM**> Sep 19 11:06:18 MY_HOST_NAME postfix/qmgr[22444]: B40A61D4FD0: from=<root@**MY_GSUITE_DOMAIN.COM**>, size=275, nrcpt=1 (queue active) Sep 19 11:06:18 MY_HOST_NAME postfix/smtp[9355]: B40A61D4FD0: to=<JOHN@JOHNCOMPANY.COM>, relay=smtp-relay.gmail.com[173.194.76.28]:587, delay=0.23, delays=0.03/0.01/0.08/0.11, dsn=5.7.1, status=bounced (host smtp-relay.gmail.com[173.194.76.28] said: 550-5.7.1 Invalid credentials for relay [**MY_SERVER_IP**]. The IP address you've 550-5.7.1 registered in your G Suite SMTP Relay service doesn't match domain of 550-5.7.1 the account this email is being sent from. If you are trying to relay 550-5.7.1 mail from a domain that isn't registered under your G Suite account 550-5.7.1 or has empty envelope-from, you must configure your mail server 550-5.7.1 either to use SMTP AUTH to identify the sending domain or to present 550-5.7.1 one of your domain names in the HELO or EHLO command. For more 550-5.7.1 information, please visit 550 5.7.1 https://support.google.com/a/answer/6140680#invalidcred d13sm115728wrp.67 - gsmtp (in reply to MAIL FROM command)) Sep 19 11:06:18 MY_HOST_NAME postfix/cleanup[9353]: EE3691D4FD2: message-id=<20190919090618.EE3691D4FD2@**MY_SERVER_HOST.COM**> Sep 19 11:06:18 MY_HOST_NAME postfix/qmgr[22444]: EE3691D4FD2: from=<>, size=3661, nrcpt=1 (queue active) Sep 19 11:06:18 MY_HOST_NAME postfix/bounce[9368]: B40A61D4FD0: sender non-delivery notification: EE3691D4FD2 Sep 19 11:06:18 MY_HOST_NAME postfix/cleanup[9353]: EF93A1D4FCA: message-id=<20190919090618.EF93A1D4FCA@**MY_SERVER_HOST.COM** > Sep 19 11:06:18 MY_HOST_NAME postfix/bounce[9369]: B40A61D4FD0: sender delivery status notification: EF93A1D4FCA
錯誤出現在myorigin 參數中:它必須是MY_GSUITE_DOMAIN.COM才能擁有正確的發件人而不是主機。
所以穀歌錯誤在這裡有點誤導。
另外不要忘記降低 gsuite 帳戶中安全性較低的應用程序:https: //support.google.com/a/answer/6260879?hl= fr
對於像我這樣想要使用 php 從 gsuite 電子郵件帳戶發送的人,不要忘記:
- 在 php.ini 中或直接在 php 腳本中指定發件人(在 php 郵件或其他任何內容中)
- 在 php.ini 中定義 sendmail 命令的正確位置
…並為您的發行版使用 /var/log/mail.log 或類似工具進行調試。
到目前為止,我在 postfix / gsuite 設置上找到的最好的教程是這個:https ://www.linode.com/docs/email/postfix/configure-postfix-to-send-mail-using-gmail-and -google-apps-on-debian-or-ubuntu/
(我跳過了應用程序密碼部分)