昨天晚上我运行postfix reload后,今天早上ERP报告说192.168.0.37这台服务器无法发送邮件,经确认提示日志如下:

 

Feb 23 23:32:45 mail-bk postfix/smtpd[2799]: NOQUEUE: reject: RCPT from xmerp.test.com[192.168.0.37]: 554 5.7.1 <xmerp.test.com[192.168.0.37]>: Client host rejected: Access denied; from=<hufy@test.com> to=<joe@test.com> proto=ESMTP helo=<xmerp>

 

确认以上日志为客户机访问拒绝,无中继的权限。

1、检查mynetworks是否有列出192.168.0.37这台服务器。

经确认存在。(这里有异常,等下在说,但现在我们就认是正常的)

 

2.检查POSTFIX中的几个restriction确认是否有存在permit_mynetworks列出。

smtpd_restriction_classes=allow_send_alluser,only_send_localdomain
allow_send_alluser = check_sender_access hash:/etc/postfix/s2all_sender.txt,reject
only_send_localdomain = check_recipient_access hash:/etc/postfix/only_send_localdomain_maps.txt,reject
smtpd_recipient_restrictions=
        check_recipient_access hash:/etc/postfix/send2allclass,
        check_sender_access mysql:/etc/postfix/mysql_virtual_localdomain_class_maps.cf,
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unauth_destination,
        reject_unauth_pipelining,
        reject
smtpd_sender_restrictions=
        permit_mynetworks,
        reject_sender_login_mismatch,
        reject_authenticated_sender_login_mismatch,
        reject_unauthenticated_sender_login_mismatch,
smtpd_sender_login_maps=
        mysql:/etc/postfix/mysql_virtual_sender_maps.cf,
        mysql:/etc/postfix/mysql_virtual_alias_maps.cf
smtpd_client_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_non_fqdn_sender,
        reject_unauth_pipelining,
        reject_unauth_destination,
        reject
mynetworks =    127.0.0.1 192.168.0.8
                192.168.0.11 193.168.0.37  192.168.0.17 192.168.0.6  192.168.0.3  192.168.0.16 192.168.0.15
                192.168.9.49 192.168.0.39
                192.168.0.19 192.168.0.202
                192.168.0.144

###MASTER文件
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=may
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o smtpd_sasl_security_options=noanonymous
  -o smtpd_sasl_local_domain=$mydomain
  -o smtpd_client_restrictions=permit_sasl_authenticated,permit_mynetworks,reject

确认以下设置都没有问题,没办法开启POSTFIX的DEBUG

在main.cf文件中增加以下内容:

debug_peer_list = 192.168.0.37

#运行postfix reload

#运行tail –f /var/log/maillog |grep 192.168.0.37

发现在进行IP比对的时候192.168.0.37和193.168.0.37 不匹配?

怪了,仔细一看原来把192打成193了。

太不应该了。