{"id":700,"date":"2008-08-01T15:27:00","date_gmt":"2008-08-01T07:27:00","guid":{"rendered":"http:\/\/note.systw.net\/note\/?p=700"},"modified":"2023-11-04T15:30:25","modified_gmt":"2023-11-04T07:30:25","slug":"postfix-mailserver","status":"publish","type":"post","link":"https:\/\/systw.net\/note\/archives\/700","title":{"rendered":"Postfix Mailserver"},"content":{"rendered":"\n<p>postfix<br>(http:\/\/www.postfix.org\/)<br><br><strong>\u76f8\u95dc\u6307\u4ee4<\/strong><br>postconf \u67e5\u95b1postfix\u7684\u76f8\u95dc\u8a2d\u5b9a<br>postalias \u8a2d\u5b9a\u5225\u540d\u8cc7\u6599\u5eab\u7684\u6307\u4ee4,\u5c07aliases\u8f49\u6210aliases.db<br>\u3000ps:\u7528\u6cd5\u70bapostalias hash:\/etc\/aliases<br>postmap \u8f49\u63dbaccess\u6210access.db<br>\u3000ps:\u7528\u6cd5\u70bapostmap hash:\/etc\/postfix\/access<br>postcat \u67e5\u770b\u67d0\u500b\u4f47\u5217\u7684\u4fe1\u4ef6<br>\u3000ps:\u4f47\u5217\u7684\u6a94\u6848\u4e00\u822c\u5728\/var\/spool\/postfix\/\u5e95\u4e0b<br>postqueue \u5217\u51fa\u5bc4\u4fe1\u4f47\u5217\u5167\u5bb9<br>\u3000-p \u5217\u51fa\u4f47\u5217\u5167\u5bb9,\u7d50\u679c\u548cmailq\u4e00\u6a23<br>postfix<br>\u3000check \u6aa2\u67e5\u76f8\u95dc\u6a94\u6848\u6216\u6b0a\u9650\u662f\u5426\u8a2d\u5b9a\u6b63\u78ba<br>\u3000start \u555f\u52d5postfix<br>\u3000stop \u505c\u6b62postfix<br>\u3000flush \u5c07\u4f47\u5217\u4e2d\u7684\u4fe1\u5f37\u5236\u5bc4\u51fa<br>\u3000reload \u91cd\u8b80main.cf\u8a2d\u5b9a\u6a94<br><br><strong>\u76f8\u95dc\u6a94\u6848<\/strong><br><strong>main.cf&nbsp;<\/strong>\/\/\u4e3b\u8981\u7684 postfix \u8a2d\u5b9a\u6a94,\u901a\u5e38\u5728\/etc\/postfix\u4e0b<br><strong>access<\/strong>&nbsp; \/\/\u8a2d\u5b9a\u4e3b\u6a5f\u4f7f\u7528\u6b0a\u9650,\u901a\u5e38\u5728\/etc\/postfix\u4e0b<br><strong>\/etc\/aliases&nbsp;&nbsp;<\/strong>\/\/\u8a2d\u5b9a\u90f5\u4ef6\u5225\u540d\u7528\u7684\u6a94\u6848<br><strong>.forward<\/strong>&nbsp;&nbsp;\/\/this is a file in user home dictionary ,operator in permit is 600 . a line a useremail in the file .<br>when anybody send mail to the user ,mail server will auto send mail to what user in .forward<\/p>\n\n\n\n<p>&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;<\/p>\n\n\n\n<p>main.cf&nbsp;<br>(1\u7b49\u865f\u5169\u908a\u8981\u7a7a\u767d\uff0c2\u82e5\u6709\u591a\u8cc7\u6599\u5efa\u8b70\u7528&#8217;\u9017\u865f+\u7a7a\u767d&#8217;\u4f86\u5206\u9694\uff0c3\u82e5\u8cc7\u6599\u91cd\u8986\u4ee5\u6700\u5f8c\u7684\u70ba\u512a\u5148)<\/p>\n\n\n\n<p>inet_interfaces = all&nbsp;&nbsp; \/\/\u76e3\u807d\u6240\u6709\u4ecb\u9762\u7684\u5c01\u5305<br>myhostname = web.hopto.org &nbsp; \/\/\u4e3b\u6a5f\u540d\u7a31\uff0c\u9700\u4f7f\u7528fqdn<br>myorigin = $myhostname&nbsp; \/\/\u767c\u4fe1\u6e90\u4e3b\u6a5f\uff0c\u76ee\u524d\u4f7f\u7528myhostname\u7684\u5167\u5bb9\uff0c\u5728\u672c\u6a5f\u5bc4\u4fe1\u6642\u672a\u52a0Mail from\u5c31\u4ee5\u6b64\u503c\u70ba\u6e96<br>mydestination =&nbsp;&nbsp;$myhostname&nbsp;&nbsp; \/\/\u4e3b\u6a5f\u6536\u4fe1\u6642,\u4fe1\u4ef6\u7684\u76ee\u6a19\u4e3b\u6a5f\u4f4d\u7f6e\u7b26\u5408mydestination\u624d\u6703\u63a5\u6536<br>mynetworks = \u898f\u5b9a\u4fe1\u4efb\u7684\u7528\u6236\u7aef\u624d\u53ef\u5c07\u4fe1\u4ea4\u7d66mda\u505arelay(\u5bc4\u4fe1)\u7684\u52d5\u4f5c<br><br>smtpd_recipient_restrictions = option1, option2,&#8230; \/\/\u9032\u968erelay\u8a2d\u5b9a,option\u6709\u4ee5\u4e0b<br>&nbsp; permit_mynetworks :\u5728mynetworks\u9019\u500b\u9805\u76ee\u8a2d\u5b9a\u7684\u7db2\u57df,IP\u90fd\u53ef\u88ab\u5141\u8a31\u9023\u7dda<br><br>maximal_queve_lifttime = 1d<br>queue_run_delay = 10m<br>always_bcc = usera&nbsp; &nbsp; \/\/\u6240\u6709\u7684\u5bc4\u51fa\u4fe1\u90fd\u5099\u4efd\u5230usera,usera\u53ef\u6539\u6210mail\u5730\u5740<br>smtpd_recipient_limit = 2 \/\/\u4e00\u5c01\u4fe1\u6700\u591a\u53ea\u80fd\u8f49\u5bc42\u6b21<br>message_size_limit = 1024 \/\/\u9650\u5236\u4fe1\u4ef6\u5927\u5c0f\u70ba1k,\u9700\u548cmailbox_size_limit\u4e00\u8d77\u8a2d\u5b9a<br>mailbox_size_limit = 10240 \/\/\u500b\u4eba\u4fe1\u7bb1\u7684\u5927\u5c0f\u9650\u523610k,\u9700\u548cmessage_size_limit\u4e00\u8d77\u8a2d\u5b9a<br><br>alias_map = hash:\/etc\/aliases \/\/\u8a2d\u5b9a\u90f5\u4ef6\u5225\u540d<br>alias_database = hash:\/etc\/aliases\u3000\/\/\u8a2d\u5b9a\u90f5\u4ef6\u5225\u540d<\/p>\n\n\n\n<p>&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&nbsp;<br><strong>\u9650\u5236\u5bc4\u4ef6\u8005<\/strong><br>smtpd_sender_restrictions = &lt; action&gt;<br>\u5e38\u7528action\u5982\u4e0b<br><strong>reject_unknown_client<\/strong>&nbsp;\u7121\u6cd5\u53cd\u89e3\u5c0d\u65b9ip\u6642\u62d2\u7d55<br>ps:<br>\u56e0\u7121\u6cd5\u53cd\u89e3\u5c0d\u65b9ip\u800c\u62d2\u7d55\u7684log\u5927\u81f4\u5982\u4e0b<br>Oct 29 11:26:32 mailser postfix\/smtpd[8137]: NOQUEUE: reject: RCPT from unknown[202.144.223.49]: 450 4.7.1 Client host rejected: cannot find your hostname, [202.144.223.49]; from= to= proto=ESMTP helo=<br><strong>reject_unknown_sender_domain<\/strong>&nbsp;\u627e\u4e0d\u5230dns\u88e1\u7684mx\/a\u8a18\u9304\u6642\u62d2\u7d55<\/p>\n\n\n\n<p>ps:<br>unknown_address_reject_code = 530 \/\/\u5c07\u4e0a\u884c\u7684\u932f\u8aa4\u6307\u4ee4\u78bc450\u6539\u6210530<br>unknown_client_reject_code = 540 \/\/\u5c07\u4e0a\u884c\u7684\u932f\u8aa4\u6307\u4ee4\u78bc450\u6539\u6210540<br>ps:<br>\u82e5\u5c0d\u65b9\u53cd\u89e3\u4e0d\u5230,\u4f46\u53c8\u8981\u6536\u5c0d\u65b9\u4fe1,\u53ef\u628a\u5c0d\u65b9ip\u52a0\u5165mynetworks<br>1 \u5c07\u5c0d\u65b9IP\u52a0\u5165\u4fe1\u4efb\u540d\u55ae<br>mynetworks = 11.22.33.44,<br>2 \u5141\u8a31\u4fe1\u4ef6\u540d\u55aeip,\u5176\u4ed6\u5247\u4f7f\u7528reject_unknown_client\u7684\u898f\u5247<br>smtpd_sender_restrictions =<br>permit_mynetworks<br>reject_unknown_client<\/p>\n\n\n\n<p>&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;<br><strong>\u8a2d\u5b9a\u865b\u64ec\u4e3b\u6a5f<\/strong><br>1<br>\u8a2d\u5b9amain.cf<br>virual_alias_map = hash:\/etc\/postfix\/virual&nbsp; \/\/virtual host use<br>2<br>\u8a2d\u5b9avirual\u6a94\u6848,\u683c\u5f0f\u5982\u4e0b<br>&nbsp;usera@zzz.com usera.zzz<br>&nbsp;usera@xxx.com usera.xxx<br>3<br>\u57f7\u884cpostmap virual\u7522\u751fvirual.db<br><br>ps:virtual\u4f7f\u7528\u6b63\u898f\u8868\u793a\u6cd5<br>\u7de8\u8f2fmain.cf\u5982\u4e0b<br>virtual_alias_maps = regexp:\/etc\/postfix\/virtual<br>\u6b63\u898f\u8868\u793a\u6cd5virtual\u7bc4\u4f8b\u5982\u4e0b<br>ex:<br>\/^([8-9][0-9][0-9]{6,6})@\/ ${1}@com1.tw, ${1}@com2.tw&nbsp; #\u82e5\u5e33\u865f\u70ba89999999~99999999\u5247\u5bc4\u5230com1.tw\u548ccom2.tw<br>\/^(.+)@net.tw$\/ ${1}@com3.tw #\u82e5\u6c92\u6bd4\u5c0d\u5230\u7684\u5e33\u865f,\u800c\u4e14\u662f@net.tw\uff0c\u5247\u5bc4\u5230com3.tw<br>\/^(.+)@\/ ${1}@com.tw #\u82e5\u6c92\u6bd4\u5c0d\u5230\u7684\u5e33\u865f\uff0c\u5247\u5bc4\u5230com.tw<br>&nbsp;<\/p>\n\n\n\n<p>&#8230;&#8230;&#8230;&#8230;&#8230;.<\/p>\n\n\n\n<p>aliases&nbsp;<\/p>\n\n\n\n<p><strong>\u8a2d\u5b9a\u90f5\u4ef6\u5225\u540d<\/strong>,\u5c31\u662f\u6536\u5230\u4fe1\u5f8c\u81ea\u52d5\u5728\u5bc4\u5230\u67d0\u4eba\u7684\u4fe1\u7bb1<br>1<br>\u5728\/etc\/aliases\u8a2d\u5b9a,\u898f\u5247\u5982\u4e0b<br>vituralname:realname1,realname2&nbsp;&nbsp;\/\/if anybody sends mail to vituralname ,realname1 and realname2 will receive the mail<br>realname1:realname1,realname2 \/\/if anybody sends mail to realname1,realname1 and realname2 will receive the mail<br>name1:user@otherhostname \u5c07\u5bc4\u7d66name1\u7684\u5bc4\u5230user@otherhostname<br>2<br>\u6b64\u6a94\u88ab\u4fee\u6539\u5247\u9700\u57f7\u884cnewaliases\u6216postalias<br>postalias hash:\/etc\/aliases<br>ps,\u8a2d\u5b9a\u90f5\u4ef6\u5225\u540d\u6642,\u5728main.cf\u9700\u8981\u6709<br>alias_map = hash:\/etc\/aliases<br>alias_database = hash:\/etc\/aliases<br><br>&#8230;&#8230;&#8230;&#8230;..<\/p>\n\n\n\n<p>access&nbsp;<\/p>\n\n\n\n<p><strong>\u8a2d\u5b9a\u4e3b\u6a5f\u958b\u653eRelay\u6216\u62d2\u7d55\u9023\u7dda\u7684\u4f86\u6e90\u6216\u76ee\u6a19\u4f4d\u5740\u7b49\u8cc7\u8a0a<\/strong><br>1<br>\u7de8\u8f2f\/etc\/postfix\/access,\u898f\u5247\u5982\u4e0b<br>ip\u6216\u7db2\u57df ACCEPT\u6216REJECT<br>ex:<br>\u62d2\u7d55\u52d5\u614bIP\u6240\u767c\u51fa\u4f86\u7684\u4fe1\u4ef6<br>dynamic.apol.com.tw REJECT We can&#8217;t allow dynamic IP to relay!<br>dynamic.giga.net.tw REJECT We can&#8217;t allow dynamic IP to relay!<br>dynamic.hinet.net REJECT We can&#8217;t allow dynamic IP to relay!<br>2<br>\u4fee\u6539\u5f8c\u57f7\u884cpostmap hash:\/etc\/postfix\/access<br>ps:\u5728main.cf\u7684mynetworks\u9078\u9805\u9700\u8981\u6709hash:\/etc\/postfix\/access<\/p>\n\n\n\n<p>&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;..<\/p>\n\n\n\n<p><strong>postfix\u7684mail queues\u76ee\u9304<\/strong><br>incoming \u5bc4\u9001\u5230\u672c\u5730\u7684\u4fe1<br>active \u6b63\u6e96\u5099\u8981\u9001\u7684\u4fe1<br>defered \u66ab\u6642\u7121\u6cd5\u88ab\u50b3\u9001\u7684\u4fe1,mail server\u6703\u4f9dBackoff time\u898f\u5247\u53bb\u8a66\u8457\u5728\u9001\u4e00\u6b21<br>corrupt \u7121\u6cd5\u8b80\u53d6\u6216\u6bc0\u640d\u7684\u4fe1<br>hold \u88ab\u66ab\u505c\u767c\u9001\u7684\u4fe1,\u9700\u8981\u624b\u52d5\u624d\u53ef\u5bc4\u51fa<br>defer \u66ab\u6642\u7121\u6cd5\u88ab\u50b3\u9001\u7684\u4fe1,\u4e26\u8a18\u9304\u70ba\u4f55\u88ab\u5ef6\u9072\u5bc4\u4fe1,\u5e38\u767c\u751f\u5728mail server\u88ab\u5217\u5165graylist\u7684\u6642\u5019<br>bounce \u6bcf\u4f4d\u6536\u4ef6\u8005\u7684\u50b3\u9001\u72c0\u614b,\u4e26\u8a18\u9304\u70ba\u4f55\u6703\u88ab\u9000\u4fe1<br>ps:<br>\u8a72\u76ee\u9304\u901a\u5e38\u5728\/var\/spool\/postfix<\/p>\n\n\n\n<p>&#8230;&#8230;&nbsp;<\/p>\n\n\n\n<p>refer<br>http:\/\/www.l-penguin.idv.tw\/article\/postfix_spam.htm<\/p>\n","protected":false},"excerpt":{"rendered":"<p>postfix(http:\/\/www.postfix.org &#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[21],"tags":[],"class_list":["post-700","post","type-post","status-publish","format-standard","hentry","category-linuxservice"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/700","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/comments?post=700"}],"version-history":[{"count":0,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/700\/revisions"}],"wp:attachment":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/media?parent=700"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/categories?post=700"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/tags?post=700"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}