Postfix

電子郵件,由 procmail 轉發,被 Gmail 拒絕

  • November 30, 2015

編輯

讓我們暫時忽略我在下面寫的所有內容並重新提出問題:如果您有自己的域名,並且希望將該域的電子郵件發送到您的 Gmail 收件箱(而不是 Google Apps),會怎麼做?最好只使用 SMTP,不使用 POP3。

原始問題:

  • 我有幾個虛榮域名,其中一個是amedee.be.
  • 我正在使用 Postfix 在 Amazon AWS 主機上執行 Debian 伺服器。
  • 我還安裝了 SpamAssassin,並確認它可以處理最明顯的垃圾郵件。
  • 我正在使用 Procmail 將郵件轉發到 Gmail。
  • 我正在使用 Google 描述的最佳做法:https: //support.google.com/a/answer/175365?hl=en

大多數電子郵件都可以正常到達,這與 ServerFault 建議的類似問題不同,它是全有或全無。但比我想要的更多(大約 20 分之一),我得到這個/var/log/mail.log

Nov 30 15:01:39 ip-172-31-51-67 postfix/smtp[29724]: 4B72563149: 
 to=<amedee.vangasse@gmail.com>, 
 relay=gmail-smtp-in.l.google.com[74.125.22.26]:25, 
 delay=2657, 
 delays=2657/0.2/0.07/0.18, 
 dsn=5.7.1, 
 status=bounced (host gmail-smtp-in.l.google.com[74.125.22.26] said: 
   550-5.7.1 [52.0.177.1037] Our system has detected that this message is 
   550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 
   550-5.7.1 this message has been blocked. Please visit 
   550 5.7.1 https://support.google.com/mail/answer/188131 for more information. 
 y66si45484104qhc.73 - gsmtp (in reply to end of DATA command))

我已經確認它絕對不是垃圾郵件。當相同的郵件直接發送到 Gmail 時,它就會到達。

我不知道這是否是巧合,但是當我將伺服器從 Hetzner 移動到 AWS 時,我開始注意到這一點。我已經使用這個設置好幾年了,只是在過去的 2 個月裡,電子郵件才會失去。奇怪的是,我的新舊伺服器上的 Postfix 和 Procmail 配置是相同的。

其他相關問題提到了 DKIM 和 SPF,我將不得不調查這些字母的含義,但過去我沒有使用過它並且它有效,所以首先我想排除其他明顯的原因。

/etc/postfix/main.cf

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/checks/body_checks
broken_sasl_auth_clients = yes
disable_vrfy_command = yes
header_checks = regexp:/etc/postfix/checks/header_checks
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = ipv4
local_destination_concurrency_limit = 1
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0

# If you can't deliver it in two hours - it can't be delivered!
#bounce_queue_lifetime = 2h
#maximal_queue_lifetime = 3h
#queue_run_delay = 3m
#minimal_backoff_time = 5m
#maximal_backoff_time = 10m

message_size_limit = 0
mime_header_checks = regexp:/etc/postfix/checks/mime_header_checks
mydestination =
       styx,
       styx.amedee.be,
       ip-172-31-51-67.ec2.internal,
       localhost.ec2.internal,
       localhost,
       intrepid,
       intrepid.exabyte.be,
       intrepid.amedee.be,
       mail.amedee.be,
       mx.amedee.be,
       localhost.localdomain,
       localhost.amedee.be,
       amedee.be,
       amed.ee,
       vangasse.eu,
       vangas.se,
       dhertefelt.be,
       dhertefe.lt,
       pcrobots.amedee.be,
       nowww.be
mydomain = amedee.be
myhostname = styx.amedee.be
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/8
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = -
relayhost =
smtp_destination_concurrency_limit = 1
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name. All Your Spam Are Belong To Us!
smtpd_client_connection_count_limit = 5
smtpd_client_restrictions =
#       reject_invalid_hostname,
       permit
smtpd_error_sleep_time = 10
smtpd_hard_error_limit = 5
smtpd_helo_required = yes
smtpd_helo_restrictions =
       permit_mynetworks,
       permit_sasl_authenticated,
#       reject_invalid_hostname,
       permit
smtpd_junk_command_limit = 3
smtpd_recipient_restrictions =
       permit_mynetworks,
       permit_sasl_authenticated,
#       reject_invalid_hostname,
       reject_multi_recipient_bounce,
       reject_non_fqdn_recipient,
#       reject_non_fqdn_sender,
       reject_unauth_destination,
       reject_unauth_pipelining,
       reject_unknown_recipient_domain,
       reject_unlisted_recipient,
       permit
smtpd_relay_restrictions =
       permit_mynetworks,
       permit_sasl_authenticated,
       defer_unauth_destination
#smtpd_sasl_auth_enable = yes
#smtpd_sasl_local_domain = $myhostname
#smtpd_sasl_path = private/auth
#smtpd_sasl_security_options = noanonymous
#smtpd_sasl_type = dovecot
smtpd_sender_restrictions =
#       reject_unknown_sender_domain,
       permit
smtpd_soft_error_limit = 2
smtpd_timeout = 120
smtpd_tls_cert_file = /etc/postfix/tls/mail.cert
smtpd_tls_key_file = /etc/postfix/tls/mail.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
#virtual_alias_domains = /etc/postfix/maps/virtual_alias_domains
virtual_alias_maps = hash:/etc/postfix/maps/virtual_alias_maps

/etc/postfix/master.cf

smtp      inet  n       -       -       -       -       smtpd
 -o content_filter=spamassassin
submission inet n       -       -       -       -       smtpd
 -o content_filter=spamassassin
pickup    unix  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
 flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
 flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
 flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
 flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
 flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
 flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
 ${nexthop} ${user}
spamassassin unix -     n       n       -       -       pipe
 user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

/home/amedee/.procmailrc

UMASK=007
PATH=/usr/bin:/usr/local/bin
MAILDIR=$HOME/Maildir
LOGFILE=$HOME/log/procmail.log
SHELL=/bin/bash
VERBOSE=no
SED=/bin/sed

SENDER=`formail -c -x Return-Path`
SENDMAILFLAGS="-oi -f $SENDER"

GMAIL=amedee.vangasse@gmail.com

#From the manpages: prevent duplicate mails
:0 Wh: msgid.lock
| formail -D 8192 msgid.cache

:0
* ^Subject: Undelivered Mail Returned to Sender
/dev/null

:0
* .*
! $GMAIL

我的問題:我需要做什麼才能讓 Gmail 不再退回我轉發的任何合法電子郵件?

編輯:有人將我的問題標記為此問題的重複:如何發送電子郵件並避免將它們歸類為垃圾郵件? 但是我的問題不是關於作為原始發件人發送電子郵件,我的問題是關於轉發由其他人發送的電子郵件。標記也是在我發布我的問題後 2 分鐘完成的,這還不足以完全閱讀它,所以我認為這是對角閱讀的情況。不要難過,我們都想獲得 StackExchange 的聲譽。

我將繼續編輯這個問題,因為我從可疑的重複中解決每個點,直到我毫無理由地證明它不是重複的。

編輯:DNS配置:

* 300 IN A 52.0.177.103
@ 300 IN A 52.0.177.103
styx 300 IN A 52.0.177.103
@ 300 IN MX 1 styx.amedee.be.
@ 300 IN SPF "v=spf1 ip4:52.0.177.103 ptr ?all"
@ 300 IN TXT "v=spf1 ip4:52.0.177.103 ptr ?all"

編輯:根據 mxtoolbox.com,我的反向 DNS 與我的 SMTP 橫幅不匹配。所以我改變了我的 SMTP 橫幅/etc/postfix/main.cf

#smtpd_banner = $myhostname ESMTP $mail_name. All Your Spam Are Belong To Us!
smtpd_banner = ec2-52-0-177-103.compute-1.amazonaws.com

並在 Postfix 重新載入後確認更改:

admin@ip-172-31-51-67:~$ telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 ec2-52-0-177-103.compute-1.amazonaws.com
quit
221 2.0.0 Bye
Connection closed by foreign host.

所以,據我所知, 的反向 DNS52.0.177.103ec2-52-0-177-103.compute-1.amazonaws.com, 的 IP 地址ec2-52-0-177-103.compute-1.amazonaws.com52.0.177.103。不幸的是,我更希望主機名styx.amedee.be和反向 DNS 相同,但我認為這超出了我的控制範圍。

僅 SMTP 無法做到這一點。您必須在您的個人郵件伺服器(例如 Dovecot)上配置 POP3 服務,然後將 Gmail 配置為使用 POP3 獲取郵件。使用任何其他方法,您都有失去電子郵件的風險。

引用自:https://serverfault.com/questions/739778