Todas as mensagens enviadas pelo Postfix são recebidas como spam

Navegue suas respostas
1

Eu tenho um servidor dedicado no Server4You. A máquina tem o Debian 7.8 e o Plesk 11.5.30.

No servidor eu tenho 2 sites, cada um com seu respectivo endereço IP.

O problema é que todas as mensagens que eu envio são recebidas como SPAM, pior, nas contas do Outlook nem sequer recebem e-mails.

My DNS Reverse no Power Panel do Server4you é: mail.gupropiedades.cl para o IP 69.64.49.24

Estas são minhas configurações de DNS PLESK:

Postfix:master.cf

#smtpinetn----smtpdlocalhost:smtpinetn-n--smtpd69.64.49.24:smtpinetn-n--smtpd-omyhostname=mail.gupropiedades.cl209.126.115.118:smtpinetn-n--smtpd-omyhostname=mail.evaluandome.org#smtpinetn---1postscreen#smtpdpass-----smtpd#dnsblogunix----0dnsblog#tlsproxyunix----0tlsproxysubmissioninetn----smtpd-osyslog_name=postfix/submission-osmtpd_tls_security_level=encrypt-osmtpd_sasl_auth_enable=yes-osmtpd_client_restrictions=permit_sasl_authenticated,reject-omilter_macro_daemon_name=ORIGINATING#smtpsinetn----smtpd#-osyslog_name=postfix/smtps#-osmtpd_tls_wrappermode=yes#-osmtpd_sasl_auth_enable=yes#-osmtpd_client_restrictions=permit_sasl_authenticated,reject#-omilter_macro_daemon_name=ORIGINATING#628inetn----qmqpdpickupfifon--601pickupcleanupunixn---0cleanupqmgrfifon-n11qmgr#qmgrfifon-n3001oqmgrtlsmgrunix---1000?1tlsmgrrewriteunix-----trivial-rewritebounceunix----0bouncedeferunix----0bouncetraceunix----0bounceverifyunix----1verifyflushunixn--1000?0flushproxymapunix--n--proxymapproxywriteunix--n-1proxymapsmtpunix-----smtprelayunix-----smtp#-osmtp_helo_timeout=5-osmtp_connect_timeout=5showqunixn----showqerrorunix-----errorretryunix-----errordiscardunix-----discardlocalunix-nn--localvirtualunix-nn--virtuallmtpunix-----lmtpanvilunix----1anvilscacheunix----1scache#====================================================================#Interfacestonon-Postfixsoftware.Besuretoexaminethemanual#pagesofthenon-Postfixsoftwaretofindoutwhatoptionsitwants.##ManyofthefollowingservicesusethePostfixpipe(8)delivery#agent.Seethepipe(8)manpageforinformationabout${recipient}#andothermessageenvelopeoptions.#====================================================================##maildrop.SeethePostfixMAILDROP_READMEfilefordetails.#Alsospecifyinmain.cf:maildrop_destination_recipient_limit=1#maildropunix-nn--pipeflags=DRhuuser=vmailargv=/usr/bin/maildrop-d${recipient}##====================================================================##RecentCyrusversionscanusetheexisting"lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe flags=R user=list:list argv=/usr/lib/plesk-9.0/postfix-mailman ${nexthop} ${user} ${recipient}


plesk_virtual unix - n n - - pipe flags=DORhu user=popuser:popuser argv=/usr/lib/plesk-9.0/postfix-local -f ${sender} -d ${recipient} -p /var/qmail/mailnames
plesk_saslauthd unix y y y - 1 plesk_saslauthd status=5 listen=6 dbpath=/plesk/passwd.db
smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes

69.64.49.24- unix - n n - - smtp -o smtp_bind_address=69.64.49.24 -o smtp_bind_address6= -o smtp_address_preference=ipv4

submission inet n - - - - smtpd -o smtpd_enforce_tls=yes -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

209.126.115.118- unix - n n - - smtp -o smtp_bind_address=209.126.115.118 -o smtp_bind_address6= -o smtp_address_preference=ipv4
                                                                                                                                                      124,1         Bot

Main.cf 

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = eagle354.startdedicated.com
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost.startdedicated.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128 69.64.49.24/32
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
transport_maps = , hash:/var/spool/postfix/plesk/transport
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, check_client_access pcre:/var/spool/postfix/plesk/non_auth.re
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, check_client_access pcre:/var/spool/postfix/plesk/no_relay.re, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:30
virtual_gid_maps = static:31
smtpd_milters = , inet:127.0.0.1:12768
non_smtpd_milters = , inet:127.0.0.1:12768
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
virtual_mailbox_limit = 0
message_size_limit = 10240000

Teste do servidor de email: mail.gupropiedades.cl

E-mail recebido como spam para um usuário. 

Delivered-To: [email protected]
Received: by 10.180.7.166 with SMTP id k6csp2219431wia;
        Fri, 3 Apr 2015 20:58:25 -0700 (PDT)
X-Received: by 10.42.133.71 with SMTP id g7mr7474120ict.15.1428119905135;
        Fri, 03 Apr 2015 20:58:25 -0700 (PDT)
Return-Path: <[email protected]>
Received: from eagle354.startdedicated.com (mail.gupropiedades.cl. [69.64.49.24])
        by mx.google.com with ESMTPS id 5si8751753ioj.32.2015.04.03.20.58.24
        for <[email protected]>
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 03 Apr 2015 20:58:25 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates 69.64.49.24 as permitted sender) client-ip=69.64.49.24;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of [email protected] designates 69.64.49.24 as permitted sender) [email protected]
Received: from webmail.evaluandome.org (localhost [127.0.0.1])
    by eagle354.startdedicated.com (Postfix) with ESMTP id 6D15941E79
    for <[email protected]>; Sat,  4 Apr 2015 03:58:24 +0000 (UTC)
DomainKey-Signature: a=rsa-sha1;  q=dns; c=nofws;
  s=default; d=gupropiedades.cl;
  b=SdEMBq9IY+Tz6uaz70kopEX29iETl9OEP3gzlHzJqpGSR1WklbYtZW2v+V+pd2w/t7s69pyve9tK4Rn28xCLtpKVDRt3hdt353j2t+CHALmCw9QwGEFjYeNugVaLDOYRSuvW/qqN5YMGFskB0S0TCGnKDllzDsmZRwVqh3mNZ2U=;
  h=MIME-Version:Content-Type:Content-Transfer-Encoding:Date:From:To:Subject:Message-ID:X-Sender:User-Agent;
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
 format=flowed
Content-Transfer-Encoding: 7bit
Date: Sat, 04 Apr 2015 00:58:24 -0300
From: Contacto Gupropiedades <[email protected]>
To: [email protected]
Subject: test
Message-ID: <[email protected]>
X-Sender: [email protected]
User-Agent: Roundcube Webmail/0.9.5

testing mail server
    
por user109148 04.04.2015 / 06:00

1 resposta

0

Logo depois de se certificar de que o seu DKIM está a funcionar corretamente:

Eu tive exatamente o mesmo problema. Cada teste foi ok, assim como você. O problema era o certificado SSL auto-assinado usado para enviar e-mail.

Se você verificar seus registros do servidor enquanto envia um e-mail para um endereço do Gmail, receberá algo como "conexão não confiável". Aparentemente, o gmail etc não gosta disso.

Um dia, decidi substituir o certificado autoassinado por um legítimo e, de repente, não há mais spam no Gmail, etc. Ele está funcionando bem por um longo tempo.

Estou usando um certificado gratuito para criptografar esse servidor e funciona. Mas há algumas coisas que você precisa verificar para que funcione:

  1. Instalar vamos criptografar na sua máquina: 

    cd /etc/ssl/certs
openssl dhparam -out dhparam.pem 4096
cd ~
git clone https://github.com/letsencrypt/letsencrypt && cd letsencrypt

  2. Gere um sandalone SSL para o seu nome de host do servidor: 

    (stop all web servers)
cd ~/letsencrypt
./letsencrypt-auto --server https://acme-v01.api.letsencrypt.org/directory auth -d host.domain.dev

  3. Adicione criptografar o certificado intermediário ao seu sistema;

  4. O postfix requer o certificado como: 

    smtp_tls_CApath = /etc/ssl/certs        
smtpd_tls_key_file = privkey.pem
smtpd_tls_cert_file = cert.pem
smtpd_tls_CAfile = chain.pem

Sempre verifique o log do postfix tail -f /var/log/mail.log ao enviar um e-mail para verificar se tudo está certo. Se é você deveria ver: Trusted TLS connection established to gmail-smtp-in . Se algo falhar, o postfix irá reclamar sobre conexão não confiável / não encontrar o certificado, a CA etc.

Espero que isso também ajude você.

PS : Talvez você devesse tentar o EXIM, geralmente grandes provedores como o Postfix em termos de SPAM.

    
por 25.01.2016 / 04:06

Tags

CentOS 6 Endereço IP Estático Como posso informar consistentemente ao OpenSUSE para atualizar o relógio / hora atual?