Am o problemă cu serverul postfix pe care îl administrez.
Serverul a funcționat bine de peste 4 ani, dar recent am o problemă cu el.
Unele mesaje de e-mail sunt livrate pe serverul „meu” de multe ori. Aceste mesaje multiplicate vin de la niște furnizori mari, cum ar fi Amazon ses sau zoho mail.
Am găsit un fir similar pe forumul zoho, dar se termină cu un mesaj privat către administratorii zoho și nu văd cum se termină această poveste.
Se pare că serverul expeditorului nu știe că mesajul a fost livrat și îl repetă de multe ori, iar fiecare mesaj repetat este livrat provocând un fel de inundație.
Credeam că are legătură cu lista gri, dar Amazon ses este pe lista albă...
Cred că â serverul meu '' Postfix nu confirmă „suficient” livrarea mesajului, iar expeditorul o repetă. Configurația pe serverul "meu '' nu s-a schimbat recent. Nu am idee unde să caut problema... postfix în sine, postgrey sau altceva. Aș fi recunoscător pentru orice ajutor.
Configurația mea:
main.cf (fără linii hashed):
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = nu
append_dot_mydomain = nr
readme_directory = nr
compatibility_level = 2
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = da
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
myhostname = <ascuns>
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = $myhostname, localhost
relayhost =
rețelele mele = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
cutie_poștală_size_limit = 0
destinatar_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_domains = proxy:mysql:/etc/postfix/mysql-virtual_alias_domains.cf
virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, proxy:mysql :/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
smtpd_sasl_auth_enable = da
broken_sasl_auth_clients = da
smtpd_sasl_authenticated_header = da
smtpd_restriction_classes = listare gri
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf, check_policy_service unix:private/quota -stare
smtpd_tls_security_level = mai
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = proxy:mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = proxy:mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $virtual_uid_maps $virtual_gid_maps $smtpd_client_restrictions $smtpd_sender_restrictions $smtpd_recipient_restrictions $smtp_sasl_password_maps $sender_dependent_relayhost_maps
smtpd_helo_required = da
smtpd_helo_restrictions = permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc_list_postfix, permit_reject_unknown_helo_, reject_invalid_helo_hostname
smtpd_sender_restrictions = permit_mynetworks, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unlisted_sender
smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_pipelinunauth permis
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = porumbel
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
proprietar_request_special = nr
smtp_tls_security_level = dane
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = porumbel
smtpd_sasl_path = private/auth
limită_dimensiune_mesaj = 0
smtpd_milters = inet:localhost:11332
non_smtpd_milters = inet:localhost:11332
milter_protocol = 6
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept
smtpd_etrn_restrictions = permit_mynetworks, respinge
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permis
smtpd_tls_mandatory_ciphers = mediu
tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHACHA256-GCM-SHACHA384:-ECDSA-SHA384: ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-ECHAES128-ECHA28 SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-AES256-SHA:ECDHE:-56 DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-GCM-SHA256:AES128-SHA256
tls_preempt_cipherlist = da
address_verify_negative_refresh_time = 60s
enable_original_recipient = nr
smtpd_forbidden_commands = CONNECT,GET,POST,USER,PASS
address_verify_sender_ttl = 15686s
smtp_dns_support_level = dnssec
smtpd_reject_unlisted_sender = nr
sender_dependent_relayhost_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender-relayhost.cf
smtp_sasl_password_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender-relayauth.cf, texthash:/etc/postfix/sasl_passwd
smtp_sender_dependent_authentication = da
smtp_sasl_auth_enable = da
smtp_sasl_security_options = noanonymous, noplaintext
smtp_sasl_tls_security_options = noanonymous
authorized_flush_users =
authorized_mailq_users = nagios, icinga
smtpd_discard_ehlo_keyword_address_maps = cidr:/etc/postfix/esmtp_access
content_filter = amavis:[127.0.0.1]:10024
smtpd_proxy_options = speed_adjust
şi maestru.cf
smtp inet n - n - - smtpd
depunerea inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=criptare
-o smtpd_sasl_auth_enable=da
-o smtpd_reject_unlisted_recipient=nu
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_helo_restrictions=$mua_helo_restrictions
-o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINARE
-o content_filter=amavis:[127.0.0.1]:10026
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=da
-o smtpd_sasl_auth_enable=da
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_helo_restrictions=$mua_helo_restrictions
-o milter_macro_daemon_name=ORIGINARE
pickup unix n - n 60 1 pickup
curatare unix n - n - 0 curatare
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rescrie unix - - n - - trivial-rescriere
bounce unix - - n - 0 bounce
amână unix - - n - 0 săritură
trace unix - - n - 0 săritură
verifica unix - - n - 1 verifica
spălați Unix n - n 1000? 0 culoare
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
releu unix - - n - - smtp
showq unix n - n - - showq
eroare unix - - n - - eroare
reîncercați Unix - - n - - eroare
arunca unix - - n - - arunca
unix local - n n - - local
unix virtual - n n - - virtual
lmtp unix - - n - - lmtp
nicovală unix - - n - 1 nicovală
scache unix - - n - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extensie} ${destinatar} ${user} ${nexthop} ${sender}
uucp unix - n n - - conductă
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($destinatar)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($destinatar)
bsmtp unix - n n - - conductă
steaguri=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $destinatar
scalemail-backend unix - n n - 2 conducte
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
porumbel unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
amavis unix - - n - 2 smtp
-o syslog_name=postfix/amavis
-o smtp_data_done_timeout=120
-o smtp_send_xforward_command=da
-o smtp_bind_address=
127.0.0.1:10025 inet n - n - - smtpd
-o syslog_name=postfix/10025
-o content_filter=
-o local_recipient_maps=
-o hărți_releu_destinatar=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=da
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtp_send_xforward_command=da
-o disable_dns_lookups=da
127.0.0.1:10027 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o hărți_releu_destinatar=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=da
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtp_send_xforward_command=da
-o milter_default_action=accept
-o milter_macro_daemon_name=ORIGINARE
-o disable_dns_lookups=da
Jurnalele:
31 mai 13:41:12 webh postgrey[2921214]: action=pass, motiv=triplet găsit, client_name=<hidden>, client_address=<hidden>, sender=<hidden>, recipient=<hidden>
31 mai 13:41:12 webh postfix/smtpd[2983539]: DF3A613F931: client=<ascuns>
31 mai 13:41:13 webh postfix/cleanup[2984139]: DF3A613F931: message-id=<ascuns>
31 mai 13:43:15 webh postfix/qmgr[2932048]: DF3A613F931: from=<hidden>, size=21379, nrcpt=1 (coada activă)
31 mai 13:43:15 webh postfix/smtpd[2983539]: deconectați-vă de la <hidden> ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
31 mai 13:43:15 webh porumbel: lda(<ascuns>)<2985193><WrCwN1P/lWLpjC0A/liSRw>: sieve: msgid=<hidden>: stored mail into mailbox 'INBOX'
31 mai 13:43:15 webh postfix/pipe[2985192]: DF3A613F931: to=<hidden>, orig_to=<hidden>, relay=dovecot, delay=124, delays=124/0.03/0/0.08, ds=2.0 .0, stare=trimis (livrat prin serviciul porumbel)
31 mai 13:43:15 webh postfix/qmgr[2932048]: DF3A613F931: eliminat
