Email

Postfix: virtual users cannot receive external mail

  • August 3, 2016

I'm new to Postfix. Sending email works fine, but I can't receive external email. ERR: user not found. Here is my configuration. What's wrong?

System

Centos7.1 x64 (Conoha's image)

Software

postfix 3.1.1 (compiled myself)

make makefiles shared=yes shlib_directory=/usr/local/lib/postfix/3.1.1 dynamicmaps=yes 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\"dovecot\" ' 'AUXLIBS_MYSQL=-L/usr/lib64/mysql -lmysqlclient -lz -lm' 

dovecot 2.2.10 (yum)

cyrus-sasl 2.1.26 (yum)

cyrus-imapd * 2.4.17 (yum)

postfixadmin 2.93 (downloaded from sf.net)

MariaDB 10.1.16 (yum)

nginx 1.6.3 (yum)

php (yum, some dangerous functions disabled)

Network

Using mydomain123.com instead of the real domain name.

Using 123.123.123.123 instead of the real IP.

Private network

192.168.0.1 (255.255.248.0)

10.0.0.1 (255.255.248.0)

Public network

123.123.123.123 (255.255.254.0) (with PTR: mydomain.com)

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 123-123-123-123
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6 123-123-123-123

Hostname 123-123-123-123

Open ports

Public: 110/tcp 80/tcp 143/tcp 995/tcp 25/tcp 993/tcp 443/tcp 587/tcp 8025/tcp (postfixadmin)

Private: all

Domain & DNS

Using mydomain123.com instead of the real domain name.

Using 123.123.123.123 instead of the real IP.

mydomain123.com

@A 123.123.123.123

@MX mail.mydomain123.com

www A 123.123.123.123

mail A 123.123.123.123

pop A 123.123.123.123

pop3 A 123.123.123.123

imap A 123.123.123.123

smtp A 123.123.123.123

Users

groupadd -g 5000 vmail

useradd -g vmail -u 5000 -s /sbin/nologin vmail

Everything else is default.

/etc/postfix/main.cf

compatibility_level = 2
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.mydomain123.com
mydomain = mydomain123.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
local_recipient_maps =
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
smtpd_banner = $myhostname ESMTP unknow
debug_peer_level = 2
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = no
smtputf8_enable = no
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_application_name = smtpd
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_unknown_sender_domain
smtpd_sasl_security_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_security_options = noanonymous
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
virtual_mailbox_base = /home/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps =
  proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
  proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,
  proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps =
  proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,
  proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
meta_directory = /etc/postfix
shlib_directory = /usr/local/lib/postfix/${mail_version}

/etc/postfix/master.cf

smtp      inet  n       -       n       -       -       smtpd
pickup    unix  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
dovecot   unix  -       n       n       -       -       pipe
 flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}

/etc/postfix/sql/mysql_virtual_alias_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

/etc/postfix/sql/mysql_virtual_domains_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'

/etc/postfix/sql/mysql_virtual_mailbox_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'

/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u','@',alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'

/etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'

/etc/dovecot/dovecot.conf

# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-327.22.2.el7.x86_64 x86_64 CentOS Linux release 7.2.1511 (Core)  
#log_path = /var/log/dovecot.log
#info_log_path = /var/log/dovecot-info.log
protocols = imap pop3

listen = *

!include conf.d/*.conf

passdb {
 driver = sql
 args = /etc/dovecot/dovecot-sql.conf.ext
}

userdb {
 driver = static
 args = uid=5000 gid=5000 home=/home/vmail/%d/%n
}

#debug log
auth_debug_passwords=yes
mail_debug=yes
auth_verbose=yes
auth_verbose_passwords=plain

/etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no
auth_mechanisms = plain login cram-md5
!include auth-system.conf.ext

/etc/dovecot/conf.d/10-ssl.conf

ssl = no

/etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:/home/vmail/%d/%n/Maildir
namespace inbox {
 inbox = yes
}
mbox_write_locks = fcntl

/etc/dovecot/conf.d/10-logging.conf

log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
debug_log_path = /var/log/dovecot-debug.log
plugin {
}

/etc/dovecot/conf.d/10-master.conf

service imap-login {
 inet_listener imap {
   port = 143
 }
 inet_listener imaps {
 }
}
service pop3-login {
 inet_listener pop3 {
   port = 110
 }
 inet_listener pop3s {
 }
}
service lmtp {
 unix_listener lmtp {
 }
}
service imap {
}
service pop3 {
}
service auth {
 unix_listener auth-userdb {
   mode = 0600
   user = vmail
   group = vmail
 }
 unix_listener /var/spool/postfix/private/auth {
   mode = 0666
   user = postfix
 }
}
service auth-worker {
}
service dict {
 unix_listener dict {
 }
}

/etc/dovecot/conf.d/15-lda.conf

postmaster_address = postmaster@mydomain123.com
protocol lda {
}

/etc/dovecot/dovecot-sql.conf.ext

driver = mysql
connect = host=localhost dbname=mymaildb user=mymaildb password=mypassword
userdb_warning_disable=yes
#postfixadmin
default_pass_scheme = MD5-CRYPT
password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
user_query = SELECT CONCAT('/home/vmail/', maildir) AS home, 5000 AS uid, 5000 AS gid, CONCAT('*:bytes=', quota) as quota_rule FROM mailbox WHERE username = '%u' AND active='1'

postfixadmin config.inc.php

<?php

$CONF['configured'] = true;
$CONF['setup_password'] = 'mypasswordhash';
$CONF['default_language'] = 'en';
$CONF['language_hook'] = '';

$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'mymaildb';
$CONF['database_password'] = 'mypassword';
$CONF['database_name'] = 'mymaildb';
$CONF['database_prefix'] = '';
$CONF['database_tables'] = array (
   'admin' => 'admin',
   'alias' => 'alias',
   'alias_domain' => 'alias_domain',
   'config' => 'config',
   'domain' => 'domain',
   'domain_admins' => 'domain_admins',
   'fetchmail' => 'fetchmail',
   'log' => 'log',
   'mailbox' => 'mailbox',
   'vacation' => 'vacation',
   'vacation_notification' => 'vacation_notification',
   'quota' => 'quota',
   'quota2' => 'quota2',
);
$CONF['admin_email'] = '';
$CONF['smtp_server'] = 'localhost';
$CONF['smtp_port'] = '25';
$CONF['encrypt'] = 'dovecot:CRAM-MD5';
$CONF['authlib_default_flavor'] = 'md5raw';
$CONF['dovecotpw'] = "/usr/bin/doveadm pw";
$CONF['password_validation'] = array(
#    '/regular expression/' => '$PALANG key (optional: + parameter)',
   '/.{5}/'                => 'password_too_short 5',      # minimum length 5 characters
   '/([a-zA-Z].*){3}/'     => 'password_no_characters 3',  # must contain at least 3 characters
   '/([0-9].*){2}/'        => 'password_no_digits 2',      # must contain at least 2 digits
);
$CONF['generate_password'] = 'NO';
$CONF['show_password'] = 'NO';
$CONF['page_size'] = '10';
$CONF['default_aliases'] = array (
   'abuse' => 'abuse@mydomain123.com',
   'hostmaster' => 'hostmaster@mydomain123.com',
   'postmaster' => 'postmaster@mydomain123.com',
   'webmaster' => 'webmaster@mydomain123.com'
);
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['maildir_name_hook'] = 'NO';

$CONF['admin_struct_hook']          = '';
$CONF['domain_struct_hook']         = '';
$CONF['alias_struct_hook']          = '';
$CONF['mailbox_struct_hook']        = '';
$CONF['alias_domain_struct_hook']   = '';
$CONF['fetchmail_struct_hook']      = '';
$CONF['aliases'] = '1000';
$CONF['mailboxes'] = '1000';
$CONF['maxquota'] = '1000';
$CONF['domain_quota_default'] = '2048';
$CONF['quota'] = 'YES';
$CONF['domain_quota'] = 'YES';
$CONF['quota_multiplier'] = '1024000';
$CONF['transport'] = 'NO';
$CONF['transport_options'] = array (
   'virtual',  // for virtual accounts
   'local',    // for system accounts
   'relay'     // for backup mx
);
$CONF['transport_default'] = 'virtual';
$CONF['vacation'] = 'NO';
$CONF['vacation_domain'] = 'autoreply.mydomain123.com';
$CONF['vacation_control'] ='YES';
$CONF['vacation_control_admin'] = 'YES';
$CONF['vacation_choice_of_reply'] = array (
  0 => 'reply_once',        // Sends only Once the message during Out of Office
  # considered annoying - only send a reply on every mail if you really need it
  # 1 => 'reply_every_mail',       // Reply on every email
  60*60 *24*7 => 'reply_once_per_week'        // Reply if last autoreply was at least a week ago
);
$CONF['alias_control'] = 'YES';
$CONF['alias_control_admin'] = 'YES';
$CONF['special_alias_control'] = 'NO';
$CONF['alias_goto_limit'] = '0';
$CONF['alias_domain'] = 'YES';
$CONF['backup'] = 'NO';
$CONF['sendmail'] = 'YES';
$CONF['logging'] = 'YES';
$CONF['fetchmail'] = 'NO';
$CONF['fetchmail_extra_options'] = 'NO';
$CONF['show_header_text'] = 'NO';
$CONF['header_text'] = ':: Postfix Admin ::';
$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = 'Return to mydomain123.com';
$CONF['footer_link'] = 'mydomain123.com';
$CONF['motd_user'] = '';
$CONF['motd_admin'] = '';
$CONF['motd_superadmin'] = '';
$CONF['welcome_text'] = <<<EOM
Hi,
Welcome to your new account.
EOM;
$CONF['emailcheck_resolve_domain']='YES';
$CONF['show_status']='YES';
$CONF['show_status_key']='YES';
$CONF['show_status_text']='  ';
$CONF['show_undeliverable']='YES';
$CONF['show_undeliverable_color']='tomato';
$CONF['show_undeliverable_exceptions']=array("unixmail.domain.ext","exchangeserver.domain.ext");
$CONF['show_popimap']='YES';
$CONF['show_popimap_color']='darkgrey';
$CONF['show_custom_domains']=array("subdomain.domain.ext","domain2.ext");
$CONF['show_custom_colors']=array("lightgreen","lightblue");
$CONF['recipient_delimiter'] = "";
$CONF['mailbox_postcreation_script'] = '';
$CONF['mailbox_postedit_script'] = '';
$CONF['mailbox_postdeletion_script'] = '';
$CONF['domain_postcreation_script'] = '';
$CONF['domain_postdeletion_script'] = '';
$CONF['create_mailbox_subdirs'] = array();
$CONF['create_mailbox_subdirs_host']='localhost';
$CONF['create_mailbox_subdirs_prefix']='INBOX.';
$CONF['used_quotas'] = 'YES';
$CONF['new_quota_table'] = 'YES';
$CONF['create_mailbox_subdirs_hostoptions'] = array('');
$CONF['theme_logo'] = 'images/logo-default.png';
$CONF['theme_css'] = 'css/default.css';
$CONF['theme_custom_css'] = '';
$CONF['xmlrpc_enabled'] = false;
if (file_exists(dirname(__FILE__) . '/config.local.php')) {
   include(dirname(__FILE__) . '/config.local.php');
}
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

/var/log/maillog (NO errors)

localhost postfix/smtpd[31623]: 1077ADEA2: client=unknown[myip], sasl_method=CRAM-MD5, sasl_username=test1@mydomain123.com
localhost postfix/smtpd[31623]: disconnect from unknown[myip] ehlo=1 auth=1 mail=1 rcpt=1 quit=1 unknown=0/1 commands=5/6

/var/log/dovecot.log (NO errors while sending an email, but…)

auth: Fatal: master: service(auth): child 30172 killed with signal 11 (core dumped)
lda: Error: userdb lookup(test1@mydomain123.com): Disconnected unexpectedly
lda: Fatal: Internal error occurred. Refer to server log for more information.
auth: Fatal: master: service(auth): child 30757 killed with signal 11 (core dumped)
auth: Fatal: master: service(auth): child 30976 killed with signal 11 (core dumped)
lda: Error: userdb lookup(test1@mydomain123.com): Disconnected unexpectedly
08:18:07 lda: Fatal: Internal error occurred. Refer to server log for more information.
lda: Error: userdb lookup(test1@mydomain123.com): Disconnected unexpectedly
lda: Fatal: Internal error occurred. Refer to server log for more information.
auth: Fatal: master: service(auth): child 31229 killed with signal 11 (core dumped)

/var/log/dovecot-info.log (NO errors)

Aug 02 10:22:24 aauth-worker(31671): Info: passwd(test1@mydomain123.com,myip): unknown user 
Aug 02 10:22:24 imap-login: Info: Login: user=<test1@mydomain123.com>, method=CRAM-MD5, rip=myip, lip=123.123.123.123, mpid=31673, session=<my session>

/var/log/dovecot-debug.log (NO errors, BASE64 decoded)

auth: Debug: auth client connected (pid=0)
auth: Debug: client in: AUTH    1   CRAM-MD5    service=smtp    nologin lip=123.123.123.123 rip=myip
auth: Debug: client passdb out: CONT    1   <2224380703338822.1470101122@123.123.123.123>
auth: Debug: client in: CONT    1   test1@mydomain123.com [some hash..] (previous base64 data may contain sensitive data)
auth: Debug: password(test1@mydomain123.com,myip): passdb doesn't support credential lookups
auth-worker(31687): Debug: Loading modules from directory: /usr/lib64/dovecot/auth
auth-worker(31687): Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_mysql.so
auth-worker(31687): Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so
auth-worker(31687): Debug: sql(test1@mydomain123.com,myip): query: SELECT username AS user,password FROM mailbox WHERE username = 'test1@mydomain123.com' AND active='1'
auth: Debug: password(test1@mydomain123.com,myip): Credentials: [some hash]
auth: Debug: client passdb out: OK  1   user=test1@mydomain123.com

SQL log (NO errors, but no query about mailbox. Why???)

/usr/sbin/mysqld, Version: 10.1.16-MariaDB (MariaDB Server). started with:
   Tcp port: 0  Unix socket: (null)
   Time                 Id Command    Argument
           2 Connect   mymaildb@localhost as anonymous on mymaildb
               2 Query SELECT username AS user,password FROM mailbox WHERE username = 'test1@mydomain123.com' AND active='1'
               3 Connect   mymaildb@localhost as anonymous on mymaildb
               3 Query SELECT goto FROM alias WHERE address='mydomain123.com' AND active = '1'
               4 Connect   mymaildb@localhost as anonymous on mymaildb
               4 Query SELECT domain FROM domain WHERE domain='mydomain123.com' AND active = '1'
               3 Query SELECT goto FROM alias WHERE address='test1@mydomain123.com' AND active = '1'
               3 Query SELECT goto FROM alias WHERE address='test1@mydomain123.com' AND active = '1'

SQL log (OK email sent to root)

5 Connect   mymaildb@localhost as anonymous on mymaildb
           5 Query SELECT goto FROM alias WHERE address='mydomain123.com' AND active = '1'
           6 Connect   mymaildb@localhost as anonymous on mymaildb
           6 Query SELECT domain FROM domain WHERE domain='mydomain123.com' AND active = '1'
           7 Connect   mymaildb@localhost as anonymous on mymaildb
           7 Query SELECT username AS user,password FROM mailbox WHERE username = 'test1@mydomain123.com' AND active='1'
           7 Quit  

           5 Query SELECT goto FROM alias WHERE address='root@localhost' AND active = '1'
           8 Connect   mymaildb@localhost as anonymous on mymaildb
           8 Query SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = 'localhost' and alias.address = CONCAT('root', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
           9 Connect   mymaildb@localhost as anonymous on mymaildb
           9 Query SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = 'localhost' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
           5 Query SELECT goto FROM alias WHERE address='root' AND active = '1'
           5 Query SELECT goto FROM alias WHERE address='@localhost' AND active = '1'
           9 Query SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = 'localhost' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
           5 Query SELECT goto FROM alias WHERE address='localhost' AND active = '1'
           6 Query SELECT domain FROM domain WHERE domain='localhost' AND active = '1'

           8 Quit  
           6 Quit  
           9 Quit  
           5 Quit  

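From your /var/log/dovecot.log, it appears that your lda (local delivery agent) is unable to look up the recipient name from the database. So, probably, your problem is SQL-related. I also see that you are using the anonymous user for the lookups (which is bad practice, by the way). So, first you need to make sure that the anonymous user is allowed to run all the required queries. You can also check the SQL server logs for errors and post them here (if any).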
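
One way to run the check suggested in the answer against the logs posted in the question (an added example, not part of the original post or answer): it counts Dovecot auth crashes and failed LDA userdb lookups, and lists which of the configured SQL lookups appear in the MariaDB general log. The function names and the prefix-to-lookup table are assumptions built from the query templates shown in the question.

```python
import re
from collections import Counter

# Lines copied from the question's /var/log/dovecot.log.
DOVECOT_LOG = """\
auth: Fatal: master: service(auth): child 30172 killed with signal 11 (core dumped)
lda: Error: userdb lookup(test1@mydomain123.com): Disconnected unexpectedly
lda: Fatal: Internal error occurred. Refer to server log for more information.
auth: Fatal: master: service(auth): child 30757 killed with signal 11 (core dumped)
"""

# Lines copied from the question's MariaDB general log (external mail case).
SQL_LOG = """\
2 Query SELECT username AS user,password FROM mailbox WHERE username = 'test1@mydomain123.com' AND active='1'
3 Query SELECT goto FROM alias WHERE address='mydomain123.com' AND active = '1'
4 Query SELECT domain FROM domain WHERE domain='mydomain123.com' AND active = '1'
3 Query SELECT goto FROM alias WHERE address='test1@mydomain123.com' AND active = '1'
"""

# Start of each query template in the posted configs -> the lookup it implements.
LOOKUPS = [
    ("SELECT goto FROM alias", "virtual_alias_maps"),
    ("SELECT domain FROM domain", "virtual_mailbox_domains"),
    ("SELECT maildir FROM mailbox", "virtual_mailbox_maps"),
    ("SELECT quota FROM mailbox", "virtual_mailbox_limit_maps"),
    ("SELECT username AS user,password FROM mailbox", "dovecot password_query"),
    ("SELECT CONCAT('/home/vmail/', maildir)", "dovecot user_query"),
]

CRASH = re.compile(r"auth: Fatal: .*child (\d+) killed with signal (\d+)")
USERDB_FAIL = re.compile(r"lda: Error: userdb lookup\(([^)]+)\): (.+)")
QUERY = re.compile(r"^\s*\d+\s+Query\s+(.*)$")

def dovecot_failures(log):
    """Return (PIDs of crashed auth children, Counter of failed LDA userdb lookups)."""
    crashes, failed = [], Counter()
    for line in log.splitlines():
        crash = CRASH.search(line)
        miss = USERDB_FAIL.search(line)
        if crash:
            crashes.append(int(crash.group(1)))
        elif miss:
            failed[(miss.group(1), miss.group(2))] += 1
    return crashes, failed

def sql_lookups(log):
    """Count general-log queries per configured lookup (unmatched ones as 'other')."""
    seen = Counter()
    for line in log.splitlines():
        m = QUERY.match(line)
        if m:
            sql = m.group(1)
            seen[next((n for p, n in LOOKUPS if sql.startswith(p)), "other")] += 1
    return seen

def never_queried(log):
    seen = sql_lookups(log)
    return [name for _, name in LOOKUPS if name not in seen]

if __name__ == "__main__":
    print(dovecot_failures(DOVECOT_LOG), sql_lookups(SQL_LOG), never_queried(SQL_LOG))
```

A lookup listed by `never_queried` only means no such statement reached MariaDB in the captured window; it does not by itself say whether the query was skipped, not needed, or lost to the auth crash.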

Quoted from: https://serverfault.com/questions/793150