System.Net.Mail.SmtpClient和Postfix [英] System.Net.Mail.SmtpClient and Postfix

问题描述

我有自己的Postfix服务器，我们每天都使用Thunderbird客户端。



当我尝试通过Postfix发送邮件时服务器通过System.Net.Mail.SmtpClient，我收到错误5.7.1中继访问被拒绝。为了解决这个问题，我已将办公室的静态IP地址添加到$ mynetworks。我宁愿正确认证。



我注意到Thunderbird客户创建了这样的日志条目：

I have my own Postfix server that we use every day with Thunderbird clients.

When I try to send mail through our Postfix server via System.Net.Mail.SmtpClient, I'm getting error 5.7.1 Relay Access Denied. To work around this, I've added our office's static IP address to $mynetworks. I would rather authenticate properly though.

I noticed Thunderbird clients create a log entry like this:

Aug 15 17:07:42 mail postfix/smtpd[28367]: connect from unknown[a.b.c.d]
Aug 15 17:07:42 mail postfix/smtpd[28367]: setting up TLS connection from unknown[a.b.c.d]
Aug 15 17:07:42 mail postfix/smtpd[28367]: Anonymous TLS connection established from unknown[a.b.c.d]: TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)
Aug 15 17:07:42 mail postfix/smtpd[28367]: 495BB420D1: client=unknown[a.b.c.d], sasl_method=PLAIN, sasl_username=myusername
Aug 15 17:07:42 mail postfix/cleanup[28150]: 495BB420D1: message-id=<520D0ADC.8010901@xxx.com>
Aug 15 17:07:42 mail postfix/qmgr[28127]: 495BB420D1: from=<administrator@xxx.com>, size=722, nrcpt=1 (queue active)
Aug 15 17:07:42 mail clamsmtpd: 1023D8: accepted connection from: 127.0.0.1
Aug 15 17:07:42 mail postfix/smtpd[28173]: connect from localhost[127.0.0.1]
Aug 15 17:07:42 mail postfix/smtpd[28173]: 72217420D6: client=unknown[a.b.c.d]
Aug 15 17:07:42 mail postfix/cleanup[28157]: 72217420D6: message-id=<520D0ADC.8010901@xxx.com>
Aug 15 17:07:42 mail postfix/qmgr[28127]: 72217420D6: from=<administrator@xxx.com>, size=1277, nrcpt=1 (queue active)
Aug 15 17:07:42 mail postfix/smtp[28144]: 495BB420D1: to=<dave@xxx.com>, relay=127.0.0.1[127.0.0.1]:10025, delay=0.27, delays=0.16/0/0.04/0.07, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 72217420D6)
Aug 15 17:07:42 mail postfix/qmgr[28127]: 495BB420D1: removed

注意第四行中的sasl_username部分。这表明我已登录。



当我从System.Net.Mail.SmtpClient发送时，我的日志显示：

Notice the sasl_username part in the fourth line. This is showing that I logged in.

When I send from System.Net.Mail.SmtpClient my log shows this:

Aug 15 17:13:55 mail postfix/smtpd[28870]: connect from unknown[a.b.c.d]
Aug 15 17:13:55 mail postfix/smtpd[28870]: setting up TLS connection from unknown[a.b.c.d]
Aug 15 17:13:55 mail postfix/smtpd[28870]: Anonymous TLS connection established from unknown[a.b.c.d]: TLSv1 with cipher AES128-SHA (128/128 bits)
Aug 15 17:13:56 mail postfix/smtpd[28870]: NOQUEUE: reject: RCPT from unknown[a.b.c.d]: 554 5.7.1 <dave@xxx.com>: Relay access denied; from=<administrator@xxx.com> to=<dave@xxx.com> proto=ESMTP helo=<AMSTERDAM>
Aug 15 17:13:56 mail postfix/smtpd[28870]: lost connection after RCPT from unknown[a.b.c.d]
Aug 15 17:13:56 mail postfix/smtpd[28870]: disconnect from unknown[a.b.c.d]

这里我找不到SmtpClient尝试登录的任何证据，即使我设置了

Here I can't find any evidence that SmtpClient tried to log in even though I set

.Credentials = new NetworkCredential(username, password);

我的代码如下所示：

My code looks like this:

smtp = new SmtpClient(server, port);
smtp.UseDefaultCredentials = false;
smtp.Credentials = new NetworkCredential(username, password);
smtp.EnableSsl = true;
MailMessage mail = new MailMessage();
mail.To.Add(to);
mail.From = new MailAddress(from);
mail.Subject = subject;
mail.Body = body;
smtp.Send(mail);

有什么特别的东西我和SmtpClient有关，或者可能有些设置我可以更改/etc/postfix/main.cf?

Is there something special I have to do with SmtpClient, or maybe some setting I can change in /etc/postfix/main.cf?

推荐答案

mynetworks。我宁愿正确认证。



我注意到Thunderbird客户创建了这样的日志条目：

mynetworks. I would rather authenticate properly though.

I noticed Thunderbird clients create a log entry like this:

Aug 15 17:07:42 mail postfix/smtpd[28367]: connect from unknown[a.b.c.d]
Aug 15 17:07:42 mail postfix/smtpd[28367]: setting up TLS connection from unknown[a.b.c.d]
Aug 15 17:07:42 mail postfix/smtpd[28367]: Anonymous TLS connection established from unknown[a.b.c.d]: TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)
Aug 15 17:07:42 mail postfix/smtpd[28367]: 495BB420D1: client=unknown[a.b.c.d], sasl_method=PLAIN, sasl_username=myusername
Aug 15 17:07:42 mail postfix/cleanup[28150]: 495BB420D1: message-id=<520D0ADC.8010901@xxx.com>
Aug 15 17:07:42 mail postfix/qmgr[28127]: 495BB420D1: from=<administrator@xxx.com>, size=722, nrcpt=1 (queue active)
Aug 15 17:07:42 mail clamsmtpd: 1023D8: accepted connection from: 127.0.0.1
Aug 15 17:07:42 mail postfix/smtpd[28173]: connect from localhost[127.0.0.1]
Aug 15 17:07:42 mail postfix/smtpd[28173]: 72217420D6: client=unknown[a.b.c.d]
Aug 15 17:07:42 mail postfix/cleanup[28157]: 72217420D6: message-id=<520D0ADC.8010901@xxx.com>
Aug 15 17:07:42 mail postfix/qmgr[28127]: 72217420D6: from=<administrator@xxx.com>, size=1277, nrcpt=1 (queue active)
Aug 15 17:07:42 mail postfix/smtp[28144]: 495BB420D1: to=<dave@xxx.com>, relay=127.0.0.1[127.0.0.1]:10025, delay=0.27, delays=0.16/0/0.04/0.07, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 72217420D6)
Aug 15 17:07:42 mail postfix/qmgr[28127]: 495BB420D1: removed

注意第四行中的sasl_username部分。这表明我已登录。



当我从System.Net.Mail.SmtpClient发送时，我的日志显示：

Notice the sasl_username part in the fourth line. This is showing that I logged in.

When I send from System.Net.Mail.SmtpClient my log shows this:

Aug 15 17:13:55 mail postfix/smtpd[28870]: connect from unknown[a.b.c.d]
Aug 15 17:13:55 mail postfix/smtpd[28870]: setting up TLS connection from unknown[a.b.c.d]
Aug 15 17:13:55 mail postfix/smtpd[28870]: Anonymous TLS connection established from unknown[a.b.c.d]: TLSv1 with cipher AES128-SHA (128/128 bits)
Aug 15 17:13:56 mail postfix/smtpd[28870]: NOQUEUE: reject: RCPT from unknown[a.b.c.d]: 554 5.7.1 <dave@xxx.com>: Relay access denied; from=<administrator@xxx.com> to=<dave@xxx.com> proto=ESMTP helo=<AMSTERDAM>
Aug 15 17:13:56 mail postfix/smtpd[28870]: lost connection after RCPT from unknown[a.b.c.d]
Aug 15 17:13:56 mail postfix/smtpd[28870]: disconnect from unknown[a.b.c.d]

这里我找不到SmtpClient尝试登录的任何证据，即使我设置了

Here I can't find any evidence that SmtpClient tried to log in even though I set

.Credentials = new NetworkCredential(username, password);

我的代码如下所示：

My code looks like this:

smtp = new SmtpClient(server, port);
smtp.UseDefaultCredentials = false;
smtp.Credentials = new NetworkCredential(username, password);
smtp.EnableSsl = true;
MailMessage mail = new MailMessage();
mail.To.Add(to);
mail.From = new MailAddress(from);
mail.Subject = subject;
mail.Body = body;
smtp.Send(mail);

有什么特别的东西我和SmtpClient有关，或者可能有些设置我可以在/etc/postfix/main.cf中更改吗？

Is there something special I have to do with SmtpClient, or maybe some setting I can change in /etc/postfix/main.cf?

你在正确的轨道上！，我不是SMTP的专家，但我确实有几百个小时。



当使用邮件服务器将邮件中继到它的目的地时，你没有真正登录到邮件服务器，只要你传递一条SMTP邮件就可以了符合邮件服务器的标准。邮件服务器将完成查找目标邮件服务器的艰苦工作，并从那里开始工作。

Microsoft Exchange邮件服务器确实需要在网络内登录Windows。我知道很多人可以争辩说你必须登录才能传递一封邮件，但这是另一个我要保存一天的争论。



所以如果你不记录in，你在做什么？



邮件服务器有一套符合你输入的标准，比如

*允许IP地址范围

*端口号

*域名

*您的DNS区域文件中的SPT记录

* SSL或TLS协商和密钥请求

*密码协商

*邮件服务器黑名单

*电子邮件地址黑名单

*连接或IP地址黑名单



我使用的是Exchange Server，以及Windows Server 2003+中包含的SMTP邮件服务器，我认为它是其中的一部分IIS Web服务器。因此，在我们拥有的每个Web服务器上，我们都有SMTP服务器设置。我们的.Net Apps使用邮件客户端将邮件消息传递给SMTP服务器，后者可以转发到交换服务器，然后将消息发送出去。



.Net - > IIS中的SMTP服务器 - >目的地邮件服务器



花了我一个星期来配置整个事情，并解决发送到AOL，时代华纳等问题，并重写我的。网络邮件客户端程序。



您可能需要考虑更改设计，但我不确定您的基础架构是如何设置的。



////////////////////////////////////////// ///////////////////////////////////////////

对于你想要做的事情，



.Net - >后缀服务器 - >目标服务器



您可以从网络内部直接进入内部邮件服务器。



修复TLS协商，我认为你的postfix服务器在这里有问题，并且不能解决与.Net邮件客户端的协议。检查你的端口号。



下面概述了它是如何工作的。



http://technet.microsoft.com/en-us/library/cc783349%28v = ws.10％29.aspx [ ^ ]



这是TLS Negociation的RFC 3207，它描述了退出代码554



如果SMTP客户端决定认证级别或

隐私不足以让它继续，它应该发出一个

完成TLS协商后的b $ b SMTP QUIT命令。

如果SMTP服务器认定身份验证级别或
隐私不够高，无法继续，它应该回复

来自客户端的每个SMTP命令（除了QUIT命令）

554回复代码（带有可能的文本字符串，例如由于缺乏安全性而命令

被拒绝）。



完整文件


http://www.ietf.org/rfc/rfc3207.txt [ ^ ]



我有一段时间没有使用Linux，从未使用过postfix，但我知道你可以调整配置文件来改变安全级别。



您在第一个日志条目上已连接，但在TLS协商时已断开连接

Your on the right track!, I'm not an expert at SMTP but I do have a couple hundred hours into it.

When using a mail server to relay a message to it's destination, your not really logging in to the mail server, your just passing a SMTP message through it as long as you meet the criteria of the mail server. The mail server will do the hard work of finding the destination mail server, and do it's work from there on.
Microsoft Exchange Mail Servers do require a windows login inside the network. I know many can argue that you have to login to pass a mail message, but that's another argument I'll save for a another day.

So if your not logging in, then what are you doing?

The mail server has a set of criteria to match your input from, such as
*Allowed IP Address range
*Port Numbers
*Domain Names
*SPT Record in your DNS Zone File
*SSL or TLS negotiation and request for keys
*Cipher negoiation
*Mail Server Black List
*Email Address Black list
*Connection or IP Address Black list

I use an Exchange Server, and the SMTP Mail server that is included in Windows Server 2003+, I think it's part of IIS Web Server. So on each web server we have, we have the SMTP Server setup on it. Our .Net Apps using the mail Client passes the mail message to the SMTP Server, which can relay to the exchange server, and then send the message out.

.Net --> SMTP Server in IIS --> Destination Mail Server

It took me a week to configure the whole thing, and to fix issues with sending to AOL, Time Warner and so on, and to rewrite my .net mail Client program.

You may want to consider changing your design, but I'm not sure how your infrastructure it setup.

/////////////////////////////////////////////////////////////////////////////////////
For what your trying to do,

.Net --> postfix server --> Destination Server

Looks like your going straight to your internal mail server from inside your network.

Fix the TLS negotiation, I think your postfix server is at issue here, and cannot settle on a protocol with the .Net mail Client. Check your port number to.

Below is an overview of how it works.

http://technet.microsoft.com/en-us/library/cc783349%28v=ws.10%29.aspx[^]

This is the RFC 3207 for TLS Negociation, which describes your exit code of 554

If the SMTP client decides that the level of authentication or
privacy is not high enough for it to continue, it SHOULD issue an
SMTP QUIT command immediately after the TLS negotiation is complete.
If the SMTP server decides that the level of authentication or
privacy is not high enough for it to continue, it SHOULD reply to
every SMTP command from the client (other than a QUIT command) with
the 554 reply code (with a possible text string such as "Command
refused due to lack of security").

Complete Document

http://www.ietf.org/rfc/rfc3207.txt[^]

I haven't worked with Linux in a while, never worked with postfix, but I know you can adjust the config file to change the level of security.

You connected on the first log entry, but was disconnected upon TLS negociation

Aug 15 17:13:55 mail postfix/smtpd[28870]: Anonymous TLS connection established from unknown[a.b.c.d]: TLSv1 with cipher AES128-SHA (128/128 bits)
Aug 15 17:13:56 mail postfix/smtpd[28870]: NOQUEUE: reject: RCPT from unknown[a.b.c.d]: 554 5.7.1 <dave@xxx.com>: Relay access denied; from=<administrator@xxx.com> to=<dave@xxx.com> proto=ESMTP helo=<AMSTERDAM>

继电器访问被拒绝;



我没有看到，中继访问被拒绝，简单明了，返回并将配置文件设置回日志文件的那个日期，并添加一个中继预存，解决了！

Relay access denied;

I didn't see that, relay access denied, plain and simple, go back and set your config file back to that date of the log file, and add a relay premission, solved!

这篇关于System.Net.Mail.SmtpClient和Postfix的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！