Sendmail
嘗試發送電子郵件時,Sendmail“連接被 mail.example.com 拒絕”
我試圖讓一個虛擬託管的 PHP 站點在正確填寫並送出該站點的聯繫表時將電子郵件發送到特定的 Gmail 地址。不幸的是,沒有任何東西被發送出去。在
/var/log/mail.log
我有很多這樣的例子:Jul 31 16:38:51 picus sm-mta[28576]: v6SL4xII018234: to=<person@gmail.com>, delay=2+23:33:52, xdelay=00:00:00, mailer=esmtp, pri=38910659, relay=mail.example.com., dsn=4.0.0, stat=Deferred:Connection refused by mail.example.com.
我對處理電子郵件伺服器完全陌生,只是想使用 Sendmail,因為它內置在我正在使用的發行版中並且 Swiftmailer 支持它,所以我不知道如何解決這個問題。
我的
sendmail.mc
文件看起來像:divert(-1)dnl #----------------------------------------------------------------------------- # $Sendmail: debproto.mc,v 8.14.4 2014-10-02 17:54:06 cowboy Exp $ # # Copyright (c) 1998-2010 Richard Nelson. All Rights Reserved. # # cf/debian/sendmail.mc. Generated from sendmail.mc.in by configure. # # sendmail.mc prototype config file for building Sendmail 8.14.4 # # Note: the .in file supports 8.7.6 - 9.0.0, but the generated # file is customized to the version noted above. # # This file is used to configure Sendmail for use with Debian systems. # # If you modify this file, you will have to regenerate /etc/mail/sendmail.cf # by running this file through the m4 preprocessor via one of the following: # * make (or make -C /etc/mail) # * sendmailconfig # * m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf # The first two options are preferred as they will also update other files # that depend upon the contents of this file. # # The best documentation for this .mc file is: # /usr/share/doc/sendmail-doc/cf.README.gz # #----------------------------------------------------------------------------- divert(0)dnl # # Copyright (c) 1998-2005 Richard Nelson. All Rights Reserved. # # This file is used to configure Sendmail for use with Debian systems. # define(`_USE_ETC_MAIL_')dnl include(`/usr/share/sendmail/cf/m4/cf.m4')dnl VERSIONID(`$Id: sendmail.mc, v 8.14.4-8 2014-10-02 17:54:06 cowboy Exp $') OSTYPE(`debian')dnl DOMAIN(`debian-mta')dnl dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS= dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE dnl # dnl # General defines dnl # dnl # SAFE_FILE_ENV: [undefined] If set, sendmail will do a chroot() dnl # into this directory before writing files. dnl # If *all* your user accounts are under /home then use that dnl # instead - it will prevent any writes outside of /home ! dnl # define(`confSAFE_FILE_ENV', `')dnl dnl # dnl # Daemon options - restrict to servicing LOCALHOST ONLY !!! dnl # Remove `, Addr=' clauses to receive from any interface dnl # If you want to support IPv6, switch the commented/uncommentd lines dnl # FEATURE(`no_default_msa')dnl dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp, Addr=127.0.0.1')dnl dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP-v6, Port=submission, M=Ea, Addr=::1')dnl DAEMON_OPTIONS(`Family=inet, Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1')dnl dnl # dnl # Be somewhat anal in what we allow define(`confPRIVACY_FLAGS',dnl `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl dnl # dnl # Define connection throttling and window length define(`confCONNECTION_RATE_THROTTLE', `15')dnl define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl dnl # dnl # Features dnl # dnl # use /etc/mail/local-host-names FEATURE(`use_cw_file')dnl dnl # dnl # The access db is the basis for most of sendmail's checking FEATURE(`access_db', , `skip')dnl dnl # dnl # The greet_pause feature stops some automail bots - but check the dnl # provided access db for details on excluding localhosts... FEATURE(`greet_pause', `1000')dnl 1 seconds dnl # dnl # Delay_checks allows sender<->recipient checking FEATURE(`delay_checks', `friend', `n')dnl dnl # dnl # If we get too many bad recipients, slow things down... define(`confBAD_RCPT_THROTTLE',`3')dnl dnl # dnl # Stop connections that overflow our concurrent and time connection rates FEATURE(`conncontrol', `nodelay', `terminate')dnl FEATURE(`ratecontrol', `nodelay', `terminate')dnl dnl # dnl # If you're on a dialup link, you should enable this - so sendmail dnl # will not bring up the link (it will queue mail for later) dnl define(`confCON_EXPENSIVE',`True')dnl dnl # dnl # Dialup/LAN connection overrides dnl # include(`/etc/mail/m4/dialup.m4')dnl include(`/etc/mail/m4/provider.m4')dnl dnl # dnl # Default Mailer setup MAILER_DEFINITIONS MAILER(`local')dnl MAILER(`smtp')dnl dnl # Masquerading options FEATURE(`always_add_domain')dnl MASQUERADE_AS(`debian')dnl FEATURE(`allmasquerade')dnl FEATURE(`masquerade_envelope')dnl
但是,我認為這可能是 DNS 問題,因為我無法通過埠 25 上的 telnet 連接到伺服器。該埠似乎在我的 iptables 中打開:
$ sudo iptables -L -nv --line-numbers Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 DROP all -- * * 46.7.84.73 0.0.0.0/0 2 4047 304K fail2ban-ssh-ddos tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22 3 4926 376K fail2ban-recidive tcp -- * * 0.0.0.0/0 0.0.0.0/0 4 4048 304K fail2ban-ssh tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22 5 213 26142 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 6 0 0 REJECT all -- !lo * 127.0.0.0/8 0.0.0.0/0 reject-with icmp-port-unreachable 7 2 60 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW icmptype 8 8 26 1456 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW 9 14 816 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW 10 16 932 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 state NEW 11 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 state NEW 12 4 240 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 state NEW 13 4903 378K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 14 114 7692 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix "iptables_INPUT_denied: " 15 130 13980 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 DROP all -- * * 46.7.84.73 0.0.0.0/0 2 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix "iptables_FORWARD_denied: " 3 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT 129 packets, 11501 bytes) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 2 105 15686 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 Chain fail2ban-recidive (1 references) num pkts bytes target prot opt in out source destination 1 4926 376K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fail2ban-ssh (1 references) num pkts bytes target prot opt in out source destination 1 10 1276 REJECT all -- * * 91.197.232.103 0.0.0.0/0 reject-with icmp-port-unreachable 2 4038 303K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
結果
$ netstat -tan | grep LISTEN | grep 127.0.0.1 | sort
是:tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp6 0 0 :::443 :::* LISTEN tcp6 0 0 :::80 :::* LISTEN
但結果
$ netstat -tan | grep 25
是tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
它沒有出現在第一組中是有原因的嗎?
我已經確定這個問題確實是一個程式問題,特別是 Swiftmailer。我伺服器上的其他服務(OSSEC、fail2ban)發送電子郵件沒有問題,當通過 Symfony 控制台訪問時,我什至可以使用 Swiftmailer 成功發送電子郵件。只有當我的控制器程式碼創建一封電子郵件並將其發送到郵件假離線時,才會出現問題。
為此,我將回答/關閉這個問題。如果有人足夠了解 Swiftmailer 可以幫助我,我在 Stack Overflow 上有一篇關於它的文章。