Php
Postfix/OpenDKIM 未簽名 PHP 發送的電子郵件
我們為電子郵件安全/可驗證性安裝了 SPF、DKIM 和 DMARC 記錄。
當通過控制台或郵件客戶端(如 Outlook 或 Mac 的 Mail)發送時,它會完全處理並通過所有三個通道。
當通過 Zend Framework 1.12 的 SendMail 函式發送它失敗 (php)。
我們是否在某些時候錯過了配置 php 電子郵件的簽名?我們要查看什麼文件?還是必須有不同的安裝/附加組件?
我們在 Cent OS 6 上使用 OpenDKIM 和 Postfix
後綴 -n 結果:
alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man milter_default_action = accept milter_protocol = 2 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, www.$mydomain, ftp.$mydomain mydomain = example.com myhostname = server1.example.com mynetworks = 127.0.0.0/32 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix non_smtpd_milters = queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_milters = inet:localhost:8891 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/certs/mail.example.com.crt smtpd_tls_key_file = /etc/pki/tls/private/mail.example.com.key smtpd_tls_loglevel = 1 smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_transport = dovecot
這是我從 Port25 電子郵件檢查器得到的結果。除了 zend 時缺少 DKIM 之外,一切都是一樣的。
非 Zend 正常標頭: DKIM 簽名
Return-Path: <darius@example.com> Received: from server1.example.com (123.123.123.123 (my server ip)) by verifier.port25.com id hrh7ri20i3gm for <check-auth@verifier.port25.com>; Thu, 12 Feb 2015 02:01:13 -0500 (envelope-from <darius@example.com>) Authentication-Results: verifier.port25.com; spf=pass smtp.mailfrom=darius@example.com Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) header.From=darius@example.com Authentication-Results: verifier.port25.com; dkim=pass (matches From: darius@example.com) header.d=example.com Authentication-Results: verifier.port25.com; sender-id=pass header.From=darius@example.com Received: from [111.111.1.111] (cpe-11-11-111-111.socal.res.rr.com [76.94.200.240]) by server1.example.com (Postfix) with ESMTPSA id 33F233800A9 for <check-auth@verifier.port25.com.>; Wed, 11 Feb 2015 23:01:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=example.com; s=default; t=1423724471; bh=qMnrIAg7afoneBTtI0hU9OrDkqChYZOD1f4AUvZtdGw=; h=From:Subject:Date:To; b=g4lXm/vQ54wq/B0fCAf/U3Hj3hi2N2jojst+5lURCfykwhvzjqCm/Z5VGz3rcu MoZCfxEkCI4OyQqW2kch93h93h93j3kbuCg3Pehl2WlgoLJy2S8CMR68ygNU52+P88 IG/vq2YShK6ctLUxRq4O79IYzKcInRiXuWOtuV3A= From: Darius <darius@example.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Give me a test result. Thank you. Message-Id: <68D428E0-84CD-46EC-B326-2FC15BE565AE@example.com> Date: Wed, 11 Feb 2015 23:01:00 -0800 To: check-auth@verifier.port25.com. Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\)) X-Mailer: Apple Mail (2.2070.6)
這是標題結果的 Zend 版本: 沒有DKIM 簽名
Return-Path: <apache@example.com> Received: from server1.example.com (xxx.xxx.xxx.xxx (my server ip)) by verifier.port25.com id hr9du620i3gl for <check-auth-darius=example.com@verifier.port25.com>; Tue, 10 Feb 2015 14:28:35 -0500 (envelope-from <apache@example.com>) Authentication-Results: verifier.port25.com; spf=pass smtp.mailfrom=apache@example.com Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) header.From=noreply@example.com Authentication-Results: verifier.port25.com; dkim=neutral (message not signed) Authentication-Results: verifier.port25.com; sender-id=pass header.From=noreply@example.com Received: by server1.example.com (Postfix, from userid 500) id 08E073800AA; Tue, 10 Feb 2015 11:28:25 -0800 (PST) To: check-auth-darius=example.com@verifier.port25.com Subject: mydomain Test X-PHP-Originating-Script: 5004:Sendmail.php From: mydomain Test <noreply@example.com> Date: Tue, 10 Feb 2015 11:28:24 -0800 Content-Type: multipart/alternative; boundary="=_af78e87ff18206603cb724d073777150" MIME-Version: 1.0 Message-Id: <20150210192825.08E073800AA@server1.example.com>
當通過控制台或郵件客戶端(如 Outlook 或 Mac 的 Mail)發送時,它會完全處理並通過所有三個通道。
此行為是預期的,因為您將此配置放置在
main.cf
smtpd_milters = inet:localhost:8891
當通過 Zend Framework 1.12 的 SendMail 函式發送它失敗 (php)。
這種行為也是意料之中的,因為您將此配置放置在
main.cf
non_smtpd_milters =
解釋
預設情況下,OpenDKIM 通過milter與 postfix 結合使用。啟用/禁用 milter 應用程序由
smtpd_milters
和non_smtpd_milters
參數控制。對於通過 smtpd 發送郵件的應用,對應參數為smtpd_milters
,對於 sendmail,對應參數為non_smtpd_milters
解決方案
替換
non_smtpd_milters =
為non_smtpd_milters = inet:localhost:8891