Server4You에 전용 서버가 있습니다. 머신에는 Debian 7.8 및 Plesk 11.5.30이 있습니다.
서버에는 각각 고유한 IP 주소를 가진 2개의 웹사이트가 있습니다.
문제는 내가 보내는 이메일이 모두 스팸으로 처리되고, 심지어 아웃룩 계정에도 메일이 도착하지 않는다는 점이다.
내 Server4you 전원 패널의 DNS 역방향은 IP 69.64.49.24의 경우 mail.gupropiedades.cl입니다.
내 PLESK DNS 설정은 다음과 같습니다.
접미사: master.cf
#smtp inet n - - - - smtpd
localhost:smtp inet n - n - - smtpd
69.64.49.24:smtp inet n - n - - smtpd -o myhostname=mail.gupropiedades.cl
209.126.115.118:smtp inet n - n - - smtpd -o myhostname=mail.evaluandome.org
#smtp inet n - - - 1 postscreen
#smtpd pass - - - - - smtpd
#dnsblog unix - - - - 0 dnsblog
#tlsproxy unix - - - - 0 tlsproxy
submission inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
#smtps inet n - - - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 1 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe flags=R user=list:list argv=/usr/lib/plesk-9.0/postfix-mailman ${nexthop} ${user} ${recipient}
plesk_virtual unix - n n - - pipe flags=DORhu user=popuser:popuser argv=/usr/lib/plesk-9.0/postfix-local -f ${sender} -d ${recipient} -p /var/qmail/mailnames
plesk_saslauthd unix y y y - 1 plesk_saslauthd status=5 listen=6 dbpath=/plesk/passwd.db
smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes
69.64.49.24- unix - n n - - smtp -o smtp_bind_address=69.64.49.24 -o smtp_bind_address6= -o smtp_address_preference=ipv4
submission inet n - - - - smtpd -o smtpd_enforce_tls=yes -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
209.126.115.118- unix - n n - - smtp -o smtp_bind_address=209.126.115.118 -o smtp_bind_address6= -o smtp_address_preference=ipv4
124,1 Bot
주요 프로그램.cf
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = eagle354.startdedicated.com
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost.startdedicated.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128 69.64.49.24/32
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
transport_maps = , hash:/var/spool/postfix/plesk/transport
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, check_client_access pcre:/var/spool/postfix/plesk/non_auth.re
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, check_client_access pcre:/var/spool/postfix/plesk/no_relay.re, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:30
virtual_gid_maps = static:31
smtpd_milters = , inet:127.0.0.1:12768
non_smtpd_milters = , inet:127.0.0.1:12768
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
virtual_mailbox_limit = 0
message_size_limit = 10240000
메일 서버 테스트: mail.gupropiedades.cl
사용자가 받은 이메일은 스팸입니다.
Delivered-To: [email protected]
Received: by 10.180.7.166 with SMTP id k6csp2219431wia;
Fri, 3 Apr 2015 20:58:25 -0700 (PDT)
X-Received: by 10.42.133.71 with SMTP id g7mr7474120ict.15.1428119905135;
Fri, 03 Apr 2015 20:58:25 -0700 (PDT)
Return-Path: <[email protected]>
Received: from eagle354.startdedicated.com (mail.gupropiedades.cl. [69.64.49.24])
by mx.google.com with ESMTPS id 5si8751753ioj.32.2015.04.03.20.58.24
for <[email protected]>
(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 03 Apr 2015 20:58:25 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates 69.64.49.24 as permitted sender) client-ip=69.64.49.24;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of [email protected] designates 69.64.49.24 as permitted sender) [email protected]
Received: from webmail.evaluandome.org (localhost [127.0.0.1])
by eagle354.startdedicated.com (Postfix) with ESMTP id 6D15941E79
for <[email protected]>; Sat, 4 Apr 2015 03:58:24 +0000 (UTC)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=default; d=gupropiedades.cl;
b=SdEMBq9IY+Tz6uaz70kopEX29iETl9OEP3gzlHzJqpGSR1WklbYtZW2v+V+pd2w/t7s69pyve9tK4Rn28xCLtpKVDRt3hdt353j2t+CHALmCw9QwGEFjYeNugVaLDOYRSuvW/qqN5YMGFskB0S0TCGnKDllzDsmZRwVqh3mNZ2U=;
h=MIME-Version:Content-Type:Content-Transfer-Encoding:Date:From:To:Subject:Message-ID:X-Sender:User-Agent;
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
format=flowed
Content-Transfer-Encoding: 7bit
Date: Sat, 04 Apr 2015 00:58:24 -0300
From: Contacto Gupropiedades <[email protected]>
To: [email protected]
Subject: test
Message-ID: <[email protected]>
X-Sender: [email protected]
User-Agent: Roundcube Webmail/0.9.5
testing mail server
답변1
DKIM이 제대로 작동하는지 확인한 후:
나는 똑같은 문제가 있습니다. 모든 시험은 당신처럼 좋습니다. 문제는 이메일을 보내는 데 사용되는 자체 서명된 SSL 인증서에 있습니다.
Gmail 주소로 이메일을 보낼 때 서버 로그를 확인하면 '신뢰할 수 없는 연결'이라는 메시지가 나타납니다. 분명히 Gmail 등은 이것을 좋아하지 않습니다.
어느 날 자체 서명된 인증서를 합법적인 인증서로 교체하기로 결정했는데 갑자기 Gmail 등에 스팸이 더 이상 없어졌습니다. 오랫동안 작동해 왔습니다.
저는 이 서버에서 무료 Let's Encrypt 인증서를 사용하고 있으며 작동합니다. 하지만 제대로 작동하려면 몇 가지 사항을 확인해야 합니다.
컴퓨터에 Let's encrypt를 설치하세요.
cd /etc/ssl/certs openssl dhparam -out dhparam.pem 4096 cd ~ git clone https://github.com/letsencrypt/letsencrypt && cd letsencrypt서버 호스트 이름에 대한 sandalone SSL을 생성합니다.
(stop all web servers) cd ~/letsencrypt ./letsencrypt-auto --server https://acme-v01.api.letsencrypt.org/directory auth -d host.domain.devLet's Encrypt 중간 인증서를 시스템에 추가하세요.
Postfix에 필요한 인증서는 다음과 같습니다.
smtp_tls_CApath = /etc/ssl/certs smtpd_tls_key_file = privkey.pem smtpd_tls_cert_file = cert.pem smtpd_tls_CAfile = chain.pem
tail -f /var/log/mail.log이메일을 보낼 때 항상 postfix 로그를 확인하여 모든 것이 올바른지 확인하세요. 그렇다면 다음 내용이 표시되어야 합니다 Trusted TLS connection established to gmail-smtp-in. 실패하면 postfix는 연결이 신뢰할 수 없거나 인증서, CA 등을 찾을 수 없다고 불평합니다.
폴리스티렌: EXIM을 사용해 보시는 것이 좋을 것 같습니다. 일반적으로 대형 서비스 제공업체에서는 스팸 처리에 Postfix보다 EXIM을 선호합니다.