Linux
後綴:警告:連接到 127.0.0.1:10023:連接被拒絕,未收到來自外部域的郵件
我有一個 Postfix 伺服器執行了很短的時間,它工作,但我今天不得不重新啟動伺服器,我不再接收來自外部來源的電子郵件:
Jan 23 01:34:44 myservername postfix/smtpd[1055]: connect from db3ehsobe006.messaging.microsoft.com[213.199.154.144] Jan 23 01:34:45 myservername postfix/smtpd[1055]: warning: connect to 127.0.0.1:10023: Connection refused Jan 23 01:34:45 myservername postfix/smtpd[1055]: warning: problem talking to server 127.0.0.1:10023: Connection refused Jan 23 01:34:46 myservername postfix/smtpd[1055]: warning: connect to 127.0.0.1:10023: Connection refused Jan 23 01:34:46 myservername postfix/smtpd[1055]: warning: problem talking to server 127.0.0.1:10023: Connection refused Jan 23 01:34:46 myservername postfix/smtpd[1055]: NOQUEUE: reject: RCPT from db3ehsobe006.messaging.microsoft.com[213.199.154.144]: 451 4.3.5 Server configuration problem; from=<MyKnownWorking@EmailAccountOutside> to=<MyAccount@MyDomain.com> proto=ESMTP helo=<db3outboundpool.messaging.microsoft.com>
伺服器正在監聽
port 10023
,但我注意到它只通過 IPv6 監聽:> sudo netstat -a | grep 10023 tcp6 0 0 ip6-localhost:10023 [::]:* LISTEN
我沒有防火牆規則可以拒絕特定埠,地獄,我繼續刷新規則集只是為了確認它。這是我的 postconf -n 的輸出(我編輯了我的域名代替“mydomain.com”:
> sudo postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix content_filter = amavis:[127.0.0.1]:10024 disable_vrfy_command = yes inet_interfaces = all inet_protocols = ipv4 mailbox_size_limit = 0 message_size_limit = 0 mydestination = localhost.$mydomain, localhost, mail.mydomain.com, servername.mydomain.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mynetworks_style = host myorigin = /etc/mailname readme_directory = no receive_override_options = no_address_mappings recipient_delimiter = + relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = mail.mydomain.com ESMTP $mail_name smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:127.0.0.1:10023, permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit smtpd_tls_cert_file = /etc/ssl/private/mail.mydomain.com.crt smtpd_tls_key_file = /etc/ssl/private/mail.mydomain.com.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = mysql:/etc/postfix/maps/alias.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /var/spool/mail/virtual virtual_mailbox_domains = mysql:/etc/postfix/maps/domain.cf virtual_mailbox_limit = 0 virtual_mailbox_maps = mysql:/etc/postfix/maps/user.cf virtual_uid_maps = static:5000
如您所見,我什至試圖通過 inet_protocols 指定它偵聽 ipv4 連接。我已經嘗試過使用和不使用該命令。
任何故障排除幫助將不勝感激!當然,如果您發現我的配置中的任何內容都非常愚蠢,我不會拒絕建議或批評。
您對smtpd_recipient_restrictions的最後一次檢查使用策略服務來驗證收件人。通常這是一個 postgrey 服務,並且 Postfix 連接到它似乎有一些問題。
smtpd_recipient_restrictions = ...,check_policy_service inet:127.0.0.1:10023, permit
如果您從 smtpd_recipient_restrictions 中刪除check_policy_service inet:127.0.0.1:10023,您應該消除錯誤,但您仍然應該確定您的 postgrey 或將在此處執行的其他服務會發生什麼。
在 Unbuntu 系統上檢查 Postgrey
通常,postgrey 預設配置將在埠 10023 上偵聽連接並確定是否應允許或拒絕它們。Unbutu 伺服器上的一些元件,您可以檢查它是否已安裝…
- 你有
/etc/default/postgrey
檔案嗎?這是基本的配置文件。- 你有
/etc/postgrey
文件夾嗎?這是您可以將元素列入白名單的地方。- 當您執行時
> which postgrey
,它會找到二進製文件嗎?我的在/usr/sbin/postgrey
.- 你有
/etc/init.d/postgrey
在啟動時啟動它的腳本嗎?這是 Ubuntu 守護程序的典型位置。這些只會為您提供一些線索,說明該伺服器是否曾經
postgrey
配置過。如果該程序在您的伺服器上未正常執行,您將需要進一步尋找故障排除。