4.9. FAQ

客户端反馈

			
SMTP ERROR: RCPT TO command failed: 501 5.1.3 Bad recipient address syntax
2015-09-23 08:06:12	SMTP Error: The following recipients failed: root@example.com: Bad recipient address syntax
<strong>SMTP Error: The following recipients failed: root@example.com: Bad recipient address syntax			
			
			

/var/log/maillog

			
Sep 23 16:12:00 smtp1 postfix/smtpd[982]: NOQUEUE: reject: RCPT from unknown[202.130.101.34]: 554 5.7.1 <netkiller@msn.com>: Relay access denied; from=<root@mail.example.com> to=<netkiller@msn.com> proto=ESMTP helo=<localhost.localdomain>
						
			

问题原因是 mynetworks 配置项没有放行客户端

[root@netkiller.github.io ~]# postconf | grep permit_mynetworks
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
			

设置mynetworks配置项，允许IP使用SMTP发送邮件

[root@netkiller.github.io ~]# postconf -n | grep mynetworks
mynetworks = 202.130.101.34
			

问题分析，上面2607:f8b0:400e:c00::1a是IPv6地址，在google默认是ipv6，但大陆机房几乎不支持ipv6.

Aug 26 03:19:52 localhost postfix/smtp[6468]: connect to gmail-smtp-in.l.google.com[2607:f8b0:400e:c00::1a]:25: Network is unreachable
Aug 26 03:19:53 localhost postfix/smtpd[6151]: connect from unknown[175.43.242.13]
			

解决方法禁用ipv6

postconf -e "inet_protocols = ipv4"
systemctl reload postfix
			

发送电子邮件并进行DKIM签名的前提是你邮件客户端的IP地址在 TrustedHosts 列表中

Aug 26 03:52:36 localhost opendkim[5762]: 3012A802C1DD: [49.213.11.18] [49.213.11.18] not internal
Aug 26 03:52:36 localhost opendkim[5762]: 3012A802C1DD: not authenticated
Aug 26 03:52:36 localhost opendkim[5762]: 3012A802C1DD: no signature data			
			

解决方法

添加 not internal IP地址到 /etc/opendkim/TrustedHosts 文件中，然后reload opendkim 进程。

			
Aug 26 02:46:52 localhost postfix/smtpd[5441]: connect from unknown[202.130.101.34]
Aug 26 02:46:53 localhost postfix/smtpd[5441]: 4CC5C802C382: client=unknown[202.130.101.34]
Aug 26 02:46:53 localhost postfix/cleanup[5445]: 4CC5C802C382: message-id=<860176544.0.1472194012792@Server>
Aug 26 02:46:53 localhost opendkim[12578]: 4CC5C802C382: [202.130.101.34] [202.130.101.34] not internal
Aug 26 02:46:53 localhost opendkim[12578]: 4CC5C802C382: not authenticated
Aug 26 02:46:53 localhost opendkim[12578]: 4CC5C802C382: no signature data
Aug 26 02:46:53 localhost postfix/qmgr[4605]: 4CC5C802C382: from=<neo@netkiller.cn>, size=530, nrcpt=1 (queue active)
Aug 26 02:46:53 localhost postfix/smtpd[5441]: disconnect from unknown[202.130.101.34]
Aug 26 02:46:54 localhost postfix/smtp[5446]: connect to gmail-smtp-in.l.google.com[2607:f8b0:400e:c00::1b]:25: Network is unreachable
Aug 26 02:46:54 localhost postfix/smtp[5446]: 4CC5C802C382: to=<netkiller@msn.com>, relay=gmail-smtp-in.l.google.com[74.125.25.27]:25, delay=1.3, delays=0.57/0.01/0.41/0.27, dsn=2.0.0, status=sent (250 2.0.0 OK 1472194014 m185si19680934pfc.265 - gsmtp)
Aug 26 02:46:54 localhost postfix/qmgr[4605]: 4CC5C802C382: removed
						
			

解决方案

[root@localhost ~]# egrep -v "^#|^$"  /etc/opendkim.conf
PidFile	/var/run/opendkim/opendkim.pid
Mode	sv
Syslog	yes
SyslogSuccess	yes
LogWhy	yes
UserID	opendkim:opendkim
Socket	inet:8891@localhost
Umask	002
SendReports	yes
SoftwareHeader	yes
Canonicalization	relaxed/relaxed
Selector	default
MinimumKeyBits	1024
KeyFile	/etc/opendkim/keys/default.private
KeyTable	/etc/opendkim/KeyTable
SigningTable	refile:/etc/opendkim/SigningTable
InternalHosts	refile:/etc/opendkim/TrustedHosts
OversignHeaders	From
			

注意下面几项配置

Mode	sv (这里默认是v便是校验邮件但不签名，s表示签名邮件)
KeyFile	/etc/opendkim/keys/default.private
KeyTable	/etc/opendkim/KeyTable
SigningTable	refile:/etc/opendkim/SigningTable
InternalHosts	refile:/etc/opendkim/TrustedHosts			
			

如果无法启动请查看启动日志

# grep opendkim  /var/log/messages
Aug 25 01:24:57 localhost yum[10052]: Installed: libopendkim-2.10.3-7.el7.x86_64
Aug 25 01:25:00 localhost yum[10052]: Installed: opendkim-2.10.3-7.el7.x86_64
Aug 25 01:55:08 localhost opendkim: /etc/opendkim/keys/default.private: open(): No such file or directory
Aug 25 01:55:08 localhost opendkim: opendkim: /etc/opendkim.conf: /etc/opendkim/keys/default.private: open(): No such file or directory
Aug 25 01:55:08 localhost systemd: opendkim.service: control process exited, code=exited status=78
Aug 25 01:55:08 localhost systemd: Unit opendkim.service entered failed state.
Aug 25 01:55:08 localhost systemd: opendkim.service failed.
Aug 25 01:56:10 localhost opendkim: /etc/opendkim/keys/default.private: open(): No such file or directory
Aug 25 01:56:10 localhost opendkim: opendkim: /etc/opendkim.conf: /etc/opendkim/keys/default.private: open(): No such file or directory
Aug 25 01:56:10 localhost systemd: opendkim.service: control process exited, code=exited status=78
Aug 25 01:56:10 localhost systemd: Unit opendkim.service entered failed state.
Aug 25 01:56:10 localhost systemd: opendkim.service failed.		
			

修改配置文件，指向你的密钥文件

KeyFile	/etc/opendkim/keys/default.private