[mailman][postfix-mysql][help] Je me prends le chou et Gmail et Postfix me font de venir chèvre :
Le
Ph. Gras

Bonsoir à tous,
comme je l'ai raconté dans un message précédent, j'ai installé =
Mailman sur un serveur Debian
avec php-fpm et NginX avec lequel je n'ai pas encore résolu tous mes =
ennuis d'interface Web.
Maintenant, j'ai en plus des problèmes de délivrabilité, notamment =
avec Gmail et Hotmail :
# cat mail.log
=
==
==
==
Mar 15 19:11:06 ma_machine postfix/smtp[19710]: E8F38420143: =
to=<xxxxxx@gmail.com>, =
relay=gmail-smtp-in.l.google.com[2a00:1450:400c:c02::1b]:25, =
delay=2.1, delays=1.3/0.02/0.21/0.64, dsn=4.7.1, status=SOFTBOUNCE=
(host gmail-smtp-in.l.google.com[2a00:1450:400c:c02::1b] said: =
550-5.7.1 [2001:41d0:8:c826::1] Our system has detected that this =
message does 550-5.7.1 not meet IPv6 sending guidelines regarding PTR =
records and 550-5.7.1 authentication. Please review 550-5.7.1 =
https://support.google.com/mail/?p=ipv6_authentication_error for more =
550 5.7.1 information. z16si25936559wmc.51 - gsmtp (in reply to end of =
DATA command))
=
==
==
==
Mar 15 18:53:47 ma_machine postfix/smtp[19615]: 27AD2420116: lost =
connection with mx4.hotmail.com[65.54.188.126] while performing the HELO =
handshake
Mar 15 18:53:47 ma_machine postfix/smtp[19609]: CE187420115: lost =
connection with mx3.hotmail.com[65.55.37.72] while performing the HELO =
handshake
# postconf -n
=
==
==
==
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
disable_vrfy_command = yes
inet_interfaces = all
mailbox_size_limit = 0
mailman_destination_recipient_limit = 1
mydestination = XX.XX.XX.in-addr.arpa, localhost.localdomain, =
localhost
myhostname = XX.XX.XX.in-addr.arpa
mynetworks = 127.0.0.0/8, XX.XX.XX
myorigin = 38.191.135.5.in-addr.arpa
policy_time_limit = 3600
recipient_delimiter = +
relay_domains = $mydestination, subdomain.example.com
relayhost =
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = sleep 1, reject_unauth_pipelining, =
permit_mynetworks
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_unknown_helo_hostname, =
reject_invalid_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks, =
reject_non_fqdn_recipient, permit_sasl_authenticated, =
check_policy_service unix:private/policy, check_relay_domains
smtpd_sender_restrictions = warn_if_reject, permit_mynetworks
soft_bounce = yes
transport_maps = mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_alias_maps = =
mysql:/etc/postfix/mysql-virtual_aliases.cf,mysql:/etc/postfix/mysql-virtu=
al_aliases_comptes.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/spool/vmail/
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domaines.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_comptes.cf
virtual_uid_maps = static:5000
# cat mail.warn
=
==
==
==
Mar 15 19:24:03 ks3294494 postfix/smtpd[19765]: warning: support for =
restriction "check_relay_domains" will be removed from Postfix; use =
"reject_unauth_destination" instead
Mar 15 15:53:03 ks3294494 postfix/smtpd[17473]: fatal: parameter =
"smtpd_recipient_restrictions": specify at least one working instance =
of: check_relay_domains, reject_unauth_destination, reject, defer or =
defer_if_permit
# cat mail.err
=
==
==
==
Mar 15 15:53:03 ks3294494 postfix/smtpd[17473]: fatal: parameter =
"smtpd_recipient_restrictions": specify at least one working instance =
of: check_relay_domains, reject_unauth_destination, reject, defer or =
defer_if_permit
=
==
==
==
Une centaine de pages plus tard, je suis toujours dans les choux, j'ai =
la rate qui se dilate et je ne
parviens toujours pas à effectuer correctement mes relais…
Si vous avez une piste sérieuse, ne vous abstenez pas !
Ph. Gras=
comme je l'ai raconté dans un message précédent, j'ai installé =
Mailman sur un serveur Debian
avec php-fpm et NginX avec lequel je n'ai pas encore résolu tous mes =
ennuis d'interface Web.
Maintenant, j'ai en plus des problèmes de délivrabilité, notamment =
avec Gmail et Hotmail :
# cat mail.log
=
==
==
==
Mar 15 19:11:06 ma_machine postfix/smtp[19710]: E8F38420143: =
to=<xxxxxx@gmail.com>, =
relay=gmail-smtp-in.l.google.com[2a00:1450:400c:c02::1b]:25, =
delay=2.1, delays=1.3/0.02/0.21/0.64, dsn=4.7.1, status=SOFTBOUNCE=
(host gmail-smtp-in.l.google.com[2a00:1450:400c:c02::1b] said: =
550-5.7.1 [2001:41d0:8:c826::1] Our system has detected that this =
message does 550-5.7.1 not meet IPv6 sending guidelines regarding PTR =
records and 550-5.7.1 authentication. Please review 550-5.7.1 =
https://support.google.com/mail/?p=ipv6_authentication_error for more =
550 5.7.1 information. z16si25936559wmc.51 - gsmtp (in reply to end of =
DATA command))
=
==
==
==
Mar 15 18:53:47 ma_machine postfix/smtp[19615]: 27AD2420116: lost =
connection with mx4.hotmail.com[65.54.188.126] while performing the HELO =
handshake
Mar 15 18:53:47 ma_machine postfix/smtp[19609]: CE187420115: lost =
connection with mx3.hotmail.com[65.55.37.72] while performing the HELO =
handshake
# postconf -n
=
==
==
==
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
disable_vrfy_command = yes
inet_interfaces = all
mailbox_size_limit = 0
mailman_destination_recipient_limit = 1
mydestination = XX.XX.XX.in-addr.arpa, localhost.localdomain, =
localhost
myhostname = XX.XX.XX.in-addr.arpa
mynetworks = 127.0.0.0/8, XX.XX.XX
myorigin = 38.191.135.5.in-addr.arpa
policy_time_limit = 3600
recipient_delimiter = +
relay_domains = $mydestination, subdomain.example.com
relayhost =
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = sleep 1, reject_unauth_pipelining, =
permit_mynetworks
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_unknown_helo_hostname, =
reject_invalid_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks, =
reject_non_fqdn_recipient, permit_sasl_authenticated, =
check_policy_service unix:private/policy, check_relay_domains
smtpd_sender_restrictions = warn_if_reject, permit_mynetworks
soft_bounce = yes
transport_maps = mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_alias_maps = =
mysql:/etc/postfix/mysql-virtual_aliases.cf,mysql:/etc/postfix/mysql-virtu=
al_aliases_comptes.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/spool/vmail/
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domaines.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_comptes.cf
virtual_uid_maps = static:5000
# cat mail.warn
=
==
==
==
Mar 15 19:24:03 ks3294494 postfix/smtpd[19765]: warning: support for =
restriction "check_relay_domains" will be removed from Postfix; use =
"reject_unauth_destination" instead
Mar 15 15:53:03 ks3294494 postfix/smtpd[17473]: fatal: parameter =
"smtpd_recipient_restrictions": specify at least one working instance =
of: check_relay_domains, reject_unauth_destination, reject, defer or =
defer_if_permit
# cat mail.err
=
==
==
==
Mar 15 15:53:03 ks3294494 postfix/smtpd[17473]: fatal: parameter =
"smtpd_recipient_restrictions": specify at least one working instance =
of: check_relay_domains, reject_unauth_destination, reject, defer or =
defer_if_permit
=
==
==
==
Une centaine de pages plus tard, je suis toujours dans les choux, j'ai =
la rate qui se dilate et je ne
parviens toujours pas à effectuer correctement mes relais…
Si vous avez une piste sérieuse, ne vous abstenez pas !
Ph. Gras=
Mar 15 19:11:06 ma_machine postfix/smtp[19710]: E8F38420143:
to relay=gmail-smtp-in.l.google.com[2a00:1450:400c:c02::1b]:25, delay=2.1,
delays=1.3/0.02/0.21/0.64, dsn=4.7.1, status=SOFTBOUNCE (host
gmail-smtp-in.l.google.com[2a00:1450:400c:c02::1b] said: 550-5.7.1
[2001:41d0:8:c826::1] Our system has detected that this message does
550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and
550-5.7.1 authentication. Please review 550-5.7.1
https://support.google.com/mail/?p=ipv6_authentication_error for more
550 5.7.1 information. z16si25936559wmc.51 - gsmtp (in reply to end of
DATA command))
Concernant le message sur IPv6, il faut que ton IP ait un reverse (PTR)
vers un nom d'hôte, et que la résolution de ce nom d'hôte donne la même IP.
--
============================================= | FRÉDÉRIC MASSOT |
| http://www.juliana-multimedia.com |
| mailto: |
| +33.(0)2.97.54.77.94 +33.(0)6.67.19.95.69 |
==========================Þbian=GNU/Linux===
C'est ce que je me suis dit aussi Frédéric, jusqu'à ce que je lise (la bible) ceci :
https://wiki.debian.org/fr/Bind9#Les_fichiers_dans_var.2Fcache.2Fbind.2F
Parce que je me demandais bien comment faire un PTR quand on n'a pas d'IPv6.
Retour à la case départÂ…
Et puis quand tu lis ça, tu te demandes aussi si GG ne se fout pas un peu de ta fiole :
https://support.google.com/a/answer/3726730?hl=fr
(Il faut aller jusqu'à la série 550-5.7.1)
Ph. Gras
la bonne réponse, c'est ça :
# postconf -n
========================= ========================= ========================
[Â…]
mydestination = ks3294494.kimsufi.com localhost.localdomain localhost
myhostname = ks_serial_nb.kimsufi.com # au lieu de XX.XX.XX.XX.in-addr.arpa
mynetworks = 127.0.0.0/8, XX.XX.XX.XX
myorigin = ks_serial_nb.kimsufi.com # au lieu de XX.XX.XX.XX.in-addr.arpa
[Â…]
========================= ========================= =========================
Il faut que myhostname soit un FDQN :
http://www.postfix.org/postconf.5.html#myhostname
Maintenant, j'ai encore ça à trouver :
# cat mail.warn
========================= ========================= =========================
Mar 15 19:24:03 ks3294494 postfix/smtpd[19765]: warning: support for restriction "check_relay_domains" will be removed from Postfix; use "reject_unauth_destination" instead
Mar 15 15:53:03 ks3294494 postfix/smtpd[17473]: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit
# cat mail.err
========================= ========================= =========================
Mar 15 15:53:03 ks3294494 postfix/smtpd[17473]: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit
========================= ========================= =========================
Merci pour votre sollicitude,
Ph. Gras
Le 15 mars 2016 à 21:47, Ph. Gras