Email Docker+Exim+Dovecot. Relay not permitted


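I am trying to configure an Exim mail server using an article. I can use this server in my local network, but when I try to use it from the internet, I get some errors. Ports 10000-20000 are forwarded to the server machine. Everything I did is in a CentOS 7 Docker image. The host also runs CentOS 7.

Abbreviations:

test_domain.tk - my test domain
test1, test2 - test users
test@external.com - test external email
123.456.789.876 - my external IP (I have a router with NAT)
10.0.7.30 - Docker tunnel

Docker is started with the following command:

docker run -d --name mail -h test_domain.tk -p 10025:25 -p 10587:587 -p 10465:465 -p 10143:143 -p 10993:993 mail/server:localwork start_server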

start_server:

/etc/exim/exim.conf:

Exim log:

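When I try to connect from the internet, I get a timeout error in the mail client and an empty log in Exim. It may be a problem with the router. How can I get it to work?

Ask me if you need more data. Thanks in advance.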

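You map the Docker internal ports (e.g. 10025) to the standard SMTP ports (e.g. 25), but you have Exim listening on the standard ports rather than the mapped internal ports. Configure Exim to listen on 10025, 10465 and 10587 and see whether the behaviour changes.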

Based on this configuration, there seems to be a problem with the reverse DNS lookup. Try disabling host_lookup and see if that works:

host_lookup = 0.0.0.0/0

If it does, you will have to fix your DNS settings to map the correct domain to the host.

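It's the other way around: the OP maps port 10025 on the host to 25 in the container. If so, it will never work. Nobody on the outside will know to try delivering to port 10025 instead of port 25 (the default SMTP port). The first thing that must be done is to fix his container port mappings so that 25 on the outside maps to whatever Exim is listening on inside.

/etc/exim/exim.conf:

primary_hostname = test_domain.tk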

domainlist local_domains = @ : localhost : test_domain.tk
domainlist relay_to_domains = 
hostlist   relay_from_hosts = 


acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime


av_scanner = clamd:/var/run/clamd.exim/clamd.sock


tls_advertise_hosts = *

tls_certificate = /etc/ssl/default.crt
tls_privatekey = /etc/ssl/default.key

daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

allow_domain_literals

never_users = root

auth_advertise_hosts = *

rfc1413_hosts = *
rfc1413_query_timeout = 5s

ignore_bounce_errors_after = 2d

timeout_frozen_after = 7d

begin acl

acl_check_mail:

  deny condition = ${if eq{$sender_helo_name}{} {1}}
       message = Nice boys say HELO first

  warn condition = ${if eq{$sender_host_name}{} {1}}
       set acl_m_greylistreasons = Host $sender_host_address lacks reverse DNS\n$acl_m_greylistreasons

  accept

acl_check_rcpt:

  accept  hosts = :
          control = dkim_disable_verify

  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]

  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

  accept  local_parts   = postmaster
          domains       = +local_domains

  require verify        = sender

  accept  hosts         = +relay_from_hosts
          control       = submission
          control       = dkim_disable_verify

  accept  authenticated = *
          control       = submission
          control       = dkim_disable_verify

  require message = relay not permitted
          domains = +local_domains : +relay_to_domains

  require verify = recipient

  accept

acl_check_data:

  warn    condition  = ${if !def:h_Message-ID: {1}}
          set acl_m_greylistreasons = Message lacks Message-Id: header. Consult RFC2822.\n$acl_m_greylistreasons

  accept

acl_check_mime:

  deny message = Blacklisted file extension detected
       condition = ${if match \
                        {${lc:$mime_filename}} \
                        {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
                     {1}{0}}

  accept

begin routers

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
# if ipv6-enabled then instead use:
# ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1
  no_more

system_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup{$local_part}lsearch{/etc/aliases}}
# user = exim
  file_transport = address_file
  pipe_transport = address_pipe

userforward:
  driver = redirect
  check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
  file = $home/.forward
  allow_filter
  no_verify
  no_expn
  check_ancestor
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply

procmail:
  driver = accept
  check_local_user
  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
  transport = procmail
  no_verify

localuser:
  driver = accept
  check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
  transport = local_delivery
  cannot_route_message = Unknown user

begin transports

remote_smtp:
  driver = smtp

remote_msa:
  driver = smtp
  port = 587
  hosts_require_auth = *

procmail:
  driver = pipe
  command = "/usr/bin/procmail -d $local_part"
  return_path_add
  delivery_date_add
  envelope_to_add
  user = $local_part
  initgroups
  return_output

local_delivery:
  driver = appendfile
  directory = $home/Maildir
  maildir_format
  maildir_use_size_file
  delivery_date_add
  envelope_to_add
  return_path_add

address_pipe:
  driver = pipe
  return_output

address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add

address_reply:
  driver = autoreply

begin retry

*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h

begin rewrite

begin authenticators

dovecot_login:
  driver = dovecot
  public_name = LOGIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

dovecot_plain:
  driver = dovecot
  public_name = PLAIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1

Exim log:

    8 LOG: MAIN
    8   exim 4.84 daemon started: pid=8, -q30m, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
   16 LOG: host_lookup_failed MAIN
   16   no host name found for IP address 123.456.789.876
   16 LOG: MAIN REJECT
   16   H=([10.0.7.30]) [123.456.789.876] X=SSLv3:DHE-RSA-AES128-SHA:128 F=<test1@test_domain.tk> rejected RCPT <test@external.com>: relay not permitted
   16 LOG: lost_incoming_connection MAIN
   16   unexpected disconnection while reading SMTP command from ([10.0.7.30]) [123.456.789.876]
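
An added example, not part of the original thread or the poster's code: a Python model of the `acl_check_rcpt` statements from the configuration above, applied to the rejected line in the log. The function names and the simplified log regex are assumptions made for illustration; `verify = sender` and `verify = recipient` are assumed to pass, and host lists are compared as plain strings.

```python
import re

# Lists as set in the exim.conf on this page ('@' expands to primary_hostname).
LOCAL_DOMAINS = {"localhost", "test_domain.tk"}
RELAY_TO_DOMAINS = set()      # empty in the posted config
RELAY_FROM_HOSTS = set()      # empty in the posted config

# local_parts deny patterns from acl_check_rcpt, written as Python regexes.
BAD_LOCAL = [r"^[.]", r"^.*[@%!/|]"]
BAD_REMOTE = [r"^[./|]", r"^.*[@%!]", r"^.*/\.\./"]


def rcpt_decision(peer_ip, authenticated, rcpt):
    """Walk acl_check_rcpt top to bottom; the first matching verb decides.
    Simplification: 'verify = sender' / 'verify = recipient' are assumed to pass."""
    local_part, domain = rcpt.rsplit("@", 1)
    domain = domain.lower()
    is_local = domain in LOCAL_DOMAINS
    if peer_ip == "":                                   # accept hosts = :
        return "accept (local non-SMTP submission)"
    if any(re.search(p, local_part) for p in (BAD_LOCAL if is_local else BAD_REMOTE)):
        return "deny: Restricted characters in address"
    if is_local and local_part.lower() == "postmaster":
        return "accept (postmaster)"
    if peer_ip in RELAY_FROM_HOSTS:                     # accept hosts = +relay_from_hosts
        return "accept (relay_from_hosts)"
    if authenticated:                                   # accept authenticated = *
        return "accept (authenticated)"
    if not (is_local or domain in RELAY_TO_DOMAINS):    # require domains = ...
        return "deny: relay not permitted"
    return "accept (local delivery)"


# Reject line copied from the Exim log on this page.
LOG_LINE = ("H=([10.0.7.30]) [123.456.789.876] X=SSLv3:DHE-RSA-AES128-SHA:128 "
            "F=<test1@test_domain.tk> rejected RCPT <test@external.com>: relay not permitted")


def parse_reject(line):
    """Return (peer_ip, recipient, reason) from an Exim 'rejected RCPT' line."""
    m = re.search(r"\) \[([^\]]+)\].* rejected RCPT <([^>]+)>: (.*)$", line)
    return m.groups() if m else None


if __name__ == "__main__":
    ip, rcpt, reason = parse_reject(LOG_LINE)
    print(reason, "->", rcpt_decision(ip, False, rcpt))   # the session in the log
    print("with AUTH ->", rcpt_decision(ip, True, rcpt))  # same session after SMTP AUTH
```

In this model the logged session is refused only because it is unauthenticated and the recipient is not in `local_domains` or `relay_to_domains`. Listing the NAT address in `relay_from_hosts` would also pass the check, but it would relay for every client arriving from that address.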