主题: postfix mynetworks问题

公司装的是CentOS5 ,postfix开了smtp认证,有一台mantis服务器不能开smtp认证,导致mantis发邮件用户收不到,在main.cf中设了mynetworks=mantis所在的网段,但不起作用,下面是main.cf内容:
mynetworks_style = subnet
#mynetworks = 127.0.0.0/8
mynetworks = 192.168.1.0/24, 127.0.0.0/8
receive_override_options = no_address_mappings
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_reject_unlisted_recipient = yes
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated
delay_warning_time = 4h
policy_time_limit = 3600
enable_original_recipient = no
home_mailbox = Maildir/
maximal_backoff_time = 4000s
allow_min_user = no
mailbox_size_limit = 15728640
message_size_limit = 15728640
virtual_mailbox_limit_override = yes
virtual_overquota_bounce = yes
virtual_mailbox_limit_message = Sorry, the user's maildir has overdrawn the disk quota, please notice the user and try again later.
virtual_minimum_uid = 500
virtual_uid_maps = static:500
virtual_gid_maps = static:500
virtual_mailbox_base = /home/vmail
check_sender_access = hash:/etc/postfix/sender_access
header_checks = pcre:/etc/postfix/header_checks
transport_maps = mysql:/etc/postfix/mysql_transport_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_mailbox_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
sender_bcc_maps = mysql:/etc/postfix/mysql_sender_bcc_maps_domain.cf, mysql:/etc/postfix/mysql_sender_bcc_maps_user.cf
recipient_bcc_maps = mysql:/etc/postfix/mysql_recipient_bcc_maps_domain.cf, mysql:/etc/postfix/mysql_recipient_bcc_maps_user.cf
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_sender_login_maps.cf
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = auvtech.com
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_helo_required = yes
smtpd_sasl_authenticated_header = no
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated, check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_policy_service inet:127.0.0.1:10031
#
# Postfix TLS support. Please refer to:
#   * http://www.postfix.org/TLS_README.html
#   * http://code.google.com/p/iredmail/wiki/ … LS_Support
#
# Example:
#    $ openssl req -newkey rsa:1024 -x509 -nodes -out postfixCert.pem -keyout postfixKey.pem
#
# Enable TLS. Note: 'smtpd_use_tls' equal to 'smtpd_tls_security_level'.
#
smtpd_tls_security_level = may
smtpd_enforce_tls = no
smtpd_tls_loglevel = 0
smtpd_tls_key_file = /etc/pki/iRedMail/SSL_Key.pem
smtpd_tls_cert_file = /etc/pki/iRedMail/SSL_Cert.pem
#smtpd_tls_CAfile =
tls_random_source = dev:/dev/urandom
tls_daemon_random_source = dev:/dev/urandom
#
# Uncomment the following line to enable policyd sender throttle.
#
#smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10032
mailbox_command = /usr/libexec/dovecot/deliver
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = dovecot-auth
content_filter = smtp-amavis:[127.0.0.1]:10024
Type  :quit<Enter>  to exit Vim
maillog中:
May  7 01:27:45 mail postfix/smtpd[7676]: NOQUEUE: reject: RCPT from mail.auvtech.com[218.80.193.59]: 450 4.7.1 <mantis@auvtech.com>: Recipient address rejected: Policy Rejection- Please try later.; from=<>
to=<mantis@auvtech.com> proto=ESMTP helo=<localhost.localdomain>

回复: postfix mynetworks问题

May  7 01:27:45 mail postfix/smtpd[7676]: NOQUEUE: reject: RCPT from mail.auvtech.com[218.80.193.59]: 450 4.7.1 <mantis@auvtech.com>: Recipient address rejected: Policy Rejection- Please try later.; from=<> to=<mantis@auvtech.com> proto=ESMTP helo=<localhost.localdomain>


从这里来看,只是灰名单(greylist)的作用,邮件服务器自行重试几次之后应该就可以顺利投递了。

是否有后续的日志?贴上来将更有利于分析。