Postfix: virtual users cannot receive external emails

I'm new to postfix. Sending email works fine, but I can't receive external emails. ERR: User not found. Here are my configs. What's wrong?

System

Centos7.1 x64 (Conoha's image)

Software

postfix 3.1.1 (compiled by me)

make makefiles shared=yes shlib_directory=/usr/local/lib/postfix/3.1.1 dynamicmaps=yes 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\"dovecot\" ' 'AUXLIBS_MYSQL=-L/usr/lib64/mysql -lmysqlclient -lz -lm' 

dovecot 2.2.10 (yum)

cyrus-sasl 2.1.26 (yum)

cyrus-imapd * 2.4.17 (yum)

postfixadmin 2.93 (downloaded from sf.net)

MariaDB 10.1.16 (yum)

nginx 1.6.3 (yum)

php (yum, some dangerous functions disabled)

Networks

Using mydomain123.com instead of the real domain name.

Using 123.123.123.123 instead of the real IP.

Private networks

192.168.0.1 (255.255.248.0)

10.0.0.1 (255.255.248.0)

Public networks

123.123.123.123 (255.255.254.0) (with PTR: mydomain.com)

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 123-123-123-123
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6 123-123-123-123

hostname 123-123-123-123

Open ports

public 110/tcp 80/tcp 143/tcp 995/tcp 25/tcp 993/tcp 443/tcp 587/tcp 8025/tcp (postfixadmin)

private ALL

Domain and DNS

Using mydomain123.com instead of the real domain name.

Using 123.123.123.123 instead of the real IP.

mydomain123.com

@ A 123.123.123.123

@ MX mail.mydomain123.com

www A 123.123.123.123

mail A 123.123.123.123

pop A 123.123.123.123

pop3 A 123.123.123.123

imap A 123.123.123.123

smtp A 123.123.123.123

Users

groupadd -g 5000 vmail

useradd -g vmail -u 5000 -s /sbin/nologin vmail

Everything else is default.

/etc/postfix/main.cf

compatibility_level = 2
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.mydomain123.com
mydomain = mydomain123.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
local_recipient_maps =
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
smtpd_banner = $myhostname ESMTP unknow
debug_peer_level = 2
debugger_command =
     PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
     ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = no
smtputf8_enable = no
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_application_name = smtpd
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_unknown_sender_domain
smtpd_sasl_security_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_client_restrictions = permit_sasl_authenticated
smtpd_sasl_security_options = noanonymous
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
virtual_mailbox_base = /home/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps =
   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,
   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps =
   proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,
   proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
meta_directory = /etc/postfix
shlib_directory = /usr/local/lib/postfix/${mail_version}

/etc/postfix/master.cf

smtp      inet  n       -       n       -       -       smtpd
pickup    unix  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}

/etc/postfix/sql/mysql_virtual_alias_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

/etc/postfix/sql/mysql_virtual_domains_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'

/etc/postfix/sql/mysql_virtual_mailbox_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'

/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u','@',alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'

/etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf

user = mymaildb
password = mypassword
hosts = localhost
dbname = mymaildb
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'

/etc/dovecot/dovecot.conf

# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-327.22.2.el7.x86_64 x86_64 CentOS Linux release 7.2.1511 (Core)  
#log_path = /var/log/dovecot.log
#info_log_path = /var/log/dovecot-info.log
protocols = imap pop3

listen = *

!include conf.d/*.conf

passdb {

  driver = sql

  args = /etc/dovecot/dovecot-sql.conf.ext

}

userdb {

  driver = static

  args = uid=5000 gid=5000 home=/home/vmail/%d/%n

}

#debug log

auth_debug_passwords=yes

mail_debug=yes

auth_verbose=yes

auth_verbose_passwords=plain

/etc/dovecot/conf.d/10-auth.conf

disable_plaintext_auth = no
auth_mechanisms = plain login cram-md5
!include auth-system.conf.ext

/etc/dovecot/conf.d/10-ssl.conf

ssl = no

/etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:/home/vmail/%d/%n/Maildir
namespace inbox {
  inbox = yes
}
mbox_write_locks = fcntl

/etc/dovecot/conf.d/10-logging.conf

log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
debug_log_path = /var/log/dovecot-debug.log
plugin {
}

/etc/dovecot/conf.d/10-master.conf

service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
  }
}
service lmtp {
  unix_listener lmtp {
  }
}
service imap {
}
service pop3 {
}
service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
    group = vmail
  }
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
  }
}
service auth-worker {
}
service dict {
  unix_listener dict {
  }
}

/etc/dovecot/conf.d/15-lda.conf

postmaster_address = postmaster@mydomain123.com
protocol lda {
}

/etc/dovecot/dovecot-sql.conf.ext

driver = mysql
connect = host=localhost dbname=mymaildb user=mymaildb password=mypassword
userdb_warning_disable=yes
#postfixadmin
default_pass_scheme = MD5-CRYPT
password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
user_query = SELECT CONCAT('/home/vmail/', maildir) AS home, 5000 AS uid, 5000 AS gid, CONCAT('*:bytes=', quota) as quota_rule FROM mailbox WHERE username = '%u' AND active='1'

postfixadmin config.inc.php

<?php

$CONF['configured'] = true;
$CONF['setup_password'] = 'mypasswordhash';
$CONF['default_language'] = 'en';
$CONF['language_hook'] = '';

$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'mymaildb';
$CONF['database_password'] = 'mypassword';
$CONF['database_name'] = 'mymaildb';
$CONF['database_prefix'] = '';
$CONF['database_tables'] = array (
    'admin' => 'admin',
    'alias' => 'alias',
    'alias_domain' => 'alias_domain',
    'config' => 'config',
    'domain' => 'domain',
    'domain_admins' => 'domain_admins',
    'fetchmail' => 'fetchmail',
    'log' => 'log',
    'mailbox' => 'mailbox',
    'vacation' => 'vacation',
    'vacation_notification' => 'vacation_notification',
    'quota' => 'quota',
    'quota2' => 'quota2',
);
$CONF['admin_email'] = '';
$CONF['smtp_server'] = 'localhost';
$CONF['smtp_port'] = '25';
$CONF['encrypt'] = 'dovecot:CRAM-MD5';
$CONF['authlib_default_flavor'] = 'md5raw';
$CONF['dovecotpw'] = "/usr/bin/doveadm pw";
$CONF['password_validation'] = array(
#    '/regular expression/' => '$PALANG key (optional: + parameter)',
    '/.{5}/'                => 'password_too_short 5',      # minimum length 5 characters
    '/([a-zA-Z].*){3}/'     => 'password_no_characters 3',  # must contain at least 3 characters
    '/([0-9].*){2}/'        => 'password_no_digits 2',      # must contain at least 2 digits
);
$CONF['generate_password'] = 'NO';
$CONF['show_password'] = 'NO';
$CONF['page_size'] = '10';
$CONF['default_aliases'] = array (
    'abuse' => 'abuse@mydomain123.com',
    'hostmaster' => 'hostmaster@mydomain123.com',
    'postmaster' => 'postmaster@mydomain123.com',
    'webmaster' => 'webmaster@mydomain123.com'
);
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['maildir_name_hook'] = 'NO';

$CONF['admin_struct_hook']          = '';
$CONF['domain_struct_hook']         = '';
$CONF['alias_struct_hook']          = '';
$CONF['mailbox_struct_hook']        = '';
$CONF['alias_domain_struct_hook']   = '';
$CONF['fetchmail_struct_hook']      = '';
$CONF['aliases'] = '1000';
$CONF['mailboxes'] = '1000';
$CONF['maxquota'] = '1000';
$CONF['domain_quota_default'] = '2048';
$CONF['quota'] = 'YES';
$CONF['domain_quota'] = 'YES';
$CONF['quota_multiplier'] = '1024000';
$CONF['transport'] = 'NO';
$CONF['transport_options'] = array (
    'virtual',  // for virtual accounts
    'local',    // for system accounts
    'relay'     // for backup mx
);
$CONF['transport_default'] = 'virtual';
$CONF['vacation'] = 'NO';
$CONF['vacation_domain'] = 'autoreply.mydomain123.com';
$CONF['vacation_control'] ='YES';
$CONF['vacation_control_admin'] = 'YES';
$CONF['vacation_choice_of_reply'] = array (
   0 => 'reply_once',        // Sends only Once the message during Out of Office
   # considered annoying - only send a reply on every mail if you really need it
   # 1 => 'reply_every_mail',       // Reply on every email
   60*60 *24*7 => 'reply_once_per_week'        // Reply if last autoreply was at least a week ago
);
$CONF['alias_control'] = 'YES';
$CONF['alias_control_admin'] = 'YES';
$CONF['special_alias_control'] = 'NO';
$CONF['alias_goto_limit'] = '0';
$CONF['alias_domain'] = 'YES';
$CONF['backup'] = 'NO';
$CONF['sendmail'] = 'YES';
$CONF['logging'] = 'YES';
$CONF['fetchmail'] = 'NO';
$CONF['fetchmail_extra_options'] = 'NO';
$CONF['show_header_text'] = 'NO';
$CONF['header_text'] = ':: Postfix Admin ::';
$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = 'Return to mydomain123.com';
$CONF['footer_link'] = 'mydomain123.com';
$CONF['motd_user'] = '';
$CONF['motd_admin'] = '';
$CONF['motd_superadmin'] = '';
$CONF['welcome_text'] = <<<EOM
Hi,
Welcome to your new account.
EOM;
$CONF['emailcheck_resolve_domain']='YES';
$CONF['show_status']='YES';
$CONF['show_status_key']='YES';
$CONF['show_status_text']='&nbsp;&nbsp;';
$CONF['show_undeliverable']='YES';
$CONF['show_undeliverable_color']='tomato';
$CONF['show_undeliverable_exceptions']=array("unixmail.domain.ext","exchangeserver.domain.ext");
$CONF['show_popimap']='YES';
$CONF['show_popimap_color']='darkgrey';
$CONF['show_custom_domains']=array("subdomain.domain.ext","domain2.ext");
$CONF['show_custom_colors']=array("lightgreen","lightblue");
$CONF['recipient_delimiter'] = "";
$CONF['mailbox_postcreation_script'] = '';
$CONF['mailbox_postedit_script'] = '';
$CONF['mailbox_postdeletion_script'] = '';
$CONF['domain_postcreation_script'] = '';
$CONF['domain_postdeletion_script'] = '';
$CONF['create_mailbox_subdirs'] = array();
$CONF['create_mailbox_subdirs_host']='localhost';
$CONF['create_mailbox_subdirs_prefix']='INBOX.';
$CONF['used_quotas'] = 'YES';
$CONF['new_quota_table'] = 'YES';
$CONF['create_mailbox_subdirs_hostoptions'] = array('');
$CONF['theme_logo'] = 'images/logo-default.png';
$CONF['theme_css'] = 'css/default.css';
$CONF['theme_custom_css'] = '';
$CONF['xmlrpc_enabled'] = false;
if (file_exists(dirname(__FILE__) . '/config.local.php')) {
    include(dirname(__FILE__) . '/config.local.php');
}
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

/var/log/maillog [no errors]

localhost postfix/smtpd[31623]: 1077ADEA2: client=unknown[myip], sasl_method=CRAM-MD5, sasl_username=test1@mydomain123.com
localhost postfix/smtpd[31623]: disconnect from unknown[myip] ehlo=1 auth=1 mail=1 rcpt=1 quit=1 unknown=0/1 commands=5/6

/var/log/dovecot.log [NO errors when sending an email, but ...]

auth: Fatal: master: service(auth): child 30172 killed with signal 11 (core dumped)
lda: Error: userdb lookup(test1@mydomain123.com): Disconnected unexpectedly
lda: Fatal: Internal error occurred. Refer to server log for more information.
auth: Fatal: master: service(auth): child 30757 killed with signal 11 (core dumped)
auth: Fatal: master: service(auth): child 30976 killed with signal 11 (core dumped)
lda: Error: userdb lookup(test1@mydomain123.com): Disconnected unexpectedly
08:18:07 lda: Fatal: Internal error occurred. Refer to server log for more information.
lda: Error: userdb lookup(test1@mydomain123.com): Disconnected unexpectedly
lda: Fatal: Internal error occurred. Refer to server log for more information.
auth: Fatal: master: service(auth): child 31229 killed with signal 11 (core dumped)

/var/log/dovecot-info.log [NO errors]

Aug 02 10:22:24 aauth-worker(31671): Info: passwd(test1@mydomain123.com,myip): unknown user 
Aug 02 10:22:24 imap-login: Info: Login: user=<test1@mydomain123.com>, method=CRAM-MD5, rip=myip, lip=123.123.123.123, mpid=31673, session=<my session>

/var/log/dovecot-debug.log [NO errors, BASE64 decoded]

auth: Debug: auth client connected (pid=0)
auth: Debug: client in: AUTH    1   CRAM-MD5    service=smtp    nologin lip=123.123.123.123 rip=myip
auth: Debug: client passdb out: CONT    1   <2224380703338822.1470101122@123.123.123.123>
auth: Debug: client in: CONT    1   test1@mydomain123.com [some hash..] (previous base64 data may contain sensitive data)
auth: Debug: password(test1@mydomain123.com,myip): passdb doesn't support credential lookups
auth-worker(31687): Debug: Loading modules from directory: /usr/lib64/dovecot/auth
auth-worker(31687): Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_mysql.so
auth-worker(31687): Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so
auth-worker(31687): Debug: sql(test1@mydomain123.com,myip): query: SELECT username AS user,password FROM mailbox WHERE username = 'test1@mydomain123.com' AND active='1'
auth: Debug: password(test1@mydomain123.com,myip): Credentials: [some hash]
auth: Debug: client passdb out: OK  1   user=test1@mydomain123.com

SQL log [no errors, but there is no query for the mailbox. Why???]

 /usr/sbin/mysqld, Version: 10.1.16-MariaDB (MariaDB Server). started with:
    Tcp port: 0  Unix socket: (null)
    Time                 Id Command    Argument
            2 Connect   mymaildb@localhost as anonymous on mymaildb
                2 Query SELECT username AS user,password FROM mailbox WHERE username = 'test1@mydomain123.com' AND active='1'
                3 Connect   mymaildb@localhost as anonymous on mymaildb
                3 Query SELECT goto FROM alias WHERE address='mydomain123.com' AND active = '1'
                4 Connect   mymaildb@localhost as anonymous on mymaildb
                4 Query SELECT domain FROM domain WHERE domain='mydomain123.com' AND active = '1'
                3 Query SELECT goto FROM alias WHERE address='test1@mydomain123.com' AND active = '1'
                3 Query SELECT goto FROM alias WHERE address='test1@mydomain123.com' AND active = '1'

SQL log (email to root)

5 Connect   mymaildb@localhost as anonymous on mymaildb
            5 Query SELECT goto FROM alias WHERE address='mydomain123.com' AND active = '1'
            6 Connect   mymaildb@localhost as anonymous on mymaildb
            6 Query SELECT domain FROM domain WHERE domain='mydomain123.com' AND active = '1'
            7 Connect   mymaildb@localhost as anonymous on mymaildb
            7 Query SELECT username AS user,password FROM mailbox WHERE username = 'test1@mydomain123.com' AND active='1'
            7 Quit  

            5 Query SELECT goto FROM alias WHERE address='root@localhost' AND active = '1'
            8 Connect   mymaildb@localhost as anonymous on mymaildb
            8 Query SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = 'localhost' and alias.address = CONCAT('root', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
            9 Connect   mymaildb@localhost as anonymous on mymaildb
            9 Query SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = 'localhost' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
            5 Query SELECT goto FROM alias WHERE address='root' AND active = '1'
            5 Query SELECT goto FROM alias WHERE address='@localhost' AND active = '1'
            9 Query SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = 'localhost' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
            5 Query SELECT goto FROM alias WHERE address='localhost' AND active = '1'
            6 Query SELECT domain FROM domain WHERE domain='localhost' AND active = '1'

            8 Quit  
            6 Quit  
            9 Quit  
            5 Quit  

Judging by your /var/log/dovecot.log, your lda (local delivery agent) can't find the recipient name in the database. So your problem is probably SQL related. I also see that you are using the anonymous user for lookups (bad practice, by the way). So, first of all, you need to make sure that the anonymous user is allowed to run all the required queries. You can also check your SQL server logs for errors and post them here (if there are any).
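
As an added example (not part of the original question or answer), the Python sketch below expands the `%s`, `%u` and `%d` placeholders of the map queries shown in the question the way mysql_table(5) documents them, then checks which of the resulting statements appear in the MariaDB general log excerpt. The `MAPS` table, the `sql_quote` helper (a simplified stand-in for Postfix's key escaping) and the function names are assumptions made for this illustration.

```python
import re

# (kind of lookup key, query template) for map files shown in the question.
MAPS = {
    "mysql_virtual_domains_maps": ("domain",
        "SELECT domain FROM domain WHERE domain='%s' AND active = '1'"),
    "mysql_virtual_alias_maps": ("address",
        "SELECT goto FROM alias WHERE address='%s' AND active = '1'"),
    "mysql_virtual_mailbox_maps": ("address",
        "SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'"),
    "mysql_virtual_alias_domain_mailbox_maps": ("address",
        "SELECT maildir FROM mailbox,alias_domain WHERE "
        "alias_domain.alias_domain = '%d' and mailbox.username = "
        "CONCAT('%u','@',alias_domain.target_domain) AND mailbox.active = 1 "
        "AND alias_domain.active='1'"),
}

# General-log lines copied from the question's "SQL log" excerpt.
GENERAL_LOG = """\
2 Connect   mymaildb@localhost as anonymous on mymaildb
    2 Query SELECT username AS user,password FROM mailbox WHERE username = 'test1@mydomain123.com' AND active='1'
    3 Query SELECT goto FROM alias WHERE address='mydomain123.com' AND active = '1'
    4 Query SELECT domain FROM domain WHERE domain='mydomain123.com' AND active = '1'
    3 Query SELECT goto FROM alias WHERE address='test1@mydomain123.com' AND active = '1'
"""

def sql_quote(value):
    # Simplified stand-in (assumption) for the escaping Postfix applies to keys.
    return value.replace("\\", "\\\\").replace("'", "\\'")

def expand(template, key):
    """Expand %s/%u/%d per mysql_table(5); None means the query is suppressed."""
    local, at, domain = key.rpartition("@")
    if not at:                      # key is not user@domain: %u is the whole key
        local, domain = key, ""
    if ("%d" in template and not domain) or ("%u" in template and not local):
        return None
    subs = {"%s": sql_quote(key), "%u": sql_quote(local),
            "%d": sql_quote(domain), "%%": "%"}
    return re.sub(r"%[sud%]", lambda m: subs[m.group(0)], template)

def coverage(address, log_text):
    """Map name -> (expanded query, True if that query occurs in the log)."""
    seen = {" ".join(m.group(1).split()) for m in
            re.finditer(r"^[ \t]*\d+[ \t]+Query[ \t]+(.+)$", log_text, re.M)}
    report = {}
    for name, (key_kind, template) in MAPS.items():
        key = address if key_kind == "address" else address.rpartition("@")[2]
        query = expand(template, key)
        found = query is not None and " ".join(query.split()) in seen
        report[name] = (query, found)
    return report

if __name__ == "__main__":
    for name, (query, found) in coverage("test1@mydomain123.com", GENERAL_LOG).items():
        print(f"{'seen   ' if found else 'MISSING'} {name}: {query}")
```

The expanded statements are also the ones to run by hand as the `mymaildb` database user when checking that it is allowed to execute every required query.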