Debian
通過我的 VPS(postfix、dovecot、postfixadmin)從 Gmail 發送郵件
這個問題已經困擾了我很長時間,我希望它得到解決。在我的 VPS 上,我已將 Postfix 設置為與 postfixadmin 和 dovecot 一起正常工作。(我可以(通過終端)發送和接收郵件)因為我是 Gmail 等Google產品的忠實粉絲。使用 gmail 作為發送我的郵件的介面(通過我的 vps)會很好。那麼Gmail有這樣一個功能來添加一個現有的電子郵件地址。我想以這種方式將我的電子郵件地址添加到我的帳戶中。
但是每次我嘗試使用Google方法登錄時,它都會說失敗。我已經進去
/var/log/mail.log看看發生了什麼事。當我嘗試通過 gmail 連接到我的伺服器時,它給了我這 3 個警告:Apr 24 20:02:04 localhost postfix/master[7177]: daemon started -- version 2.11.3, configuration /etc/postfix Apr 24 20:03:08 localhost postfix/smtpd[7189]: connect from mail-wm0-f41.google.com[74.125.82.41] Apr 24 20:03:08 localhost postfix/smtpd[7189]: lost connection after CONNECT from mail-wm0-f41.google.com[74.125.82.41] Apr 24 20:03:08 localhost postfix/smtpd[7189]: disconnect from mail-wm0-f41.google.com[74.125.82.41]這是我的
/etc/postfix/master.cf文件的樣子:# SMTP on port 25, unencrypted. smtp inet n - - - - smtpd # SMTP with TLS on port 587. submission inet n - - - - smtpd # SMTP over SSL on port 465. smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes pickup unix n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr unix n - n 300 1 qmgr #qmgr unix n - n 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp relay unix - - - - - smtp showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}這就是我的
/etc/postfix/main.cf文件的樣子:# The text that follows the 220 status code in the SMTP greeting banner. smtpd_banner = $myhostname ESMTP biff = no append_dot_mydomain = no readme_directory = no # TLS parameters # Using default dovecot certs smtpd_tls_cert_file=/etc/letsencrypt/live/example.nl/fullchain.pem smtpd_tls_key_file=/etc/letsencrypt/live/example.nl/privkey.pem # Use TLS if this is supported by the remote SMTP server, otherwise use plaintext. smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache # smtpd_tls_auth_only = yes # Ensure we're not using no-longer-secure protocols. smtpd_tls_mandatory_protocols=!SSLv2 smtpd_tls_ciphers = high smtpd_tls_loglevel = 1 smtpd_tls_ask_ccert=yes #Enabling SMTP for authenticated users, and hand off authentication to Dovecot smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination # Outgoing encryption smtp_tls_security_level = may smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache myhostname = mail.example.nl alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = $myhostname mydestination = localhost relayhost = mynetworks = 127.0.0.0/8 192.168.0.0/24 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all # Disable the SMTP VRFY command. This stops some techniques used to harvest email addresses. disable_vrfy_command = yes #Handing off local delivery to Dovecot's LMTP, and telling it where to store mail virtual_transport = lmtp:unix:private/dovecot-lmtp # This specifies where the virtual mailbox folders will be located. virtual_mailbox_base = /var/mail # This is for the mailbox location for each user. virtual_mailbox_maps = mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf # and their user id virtual_uid_maps = static:5000 # and group id virtual_gid_maps = static:5000 # This is for aliases. virtual_alias_maps = mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf # This is for domain lookups. virtual_mailbox_domains = mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf header_checks = regexp:/etc/postfix/header_checks queue_directory = /var/spool/postfix有什麼辦法讓我能夠使用上面解釋的選項和本文標題下的選項通過 gmail 發送郵件:https
I'm a Gmail or Google Apps user sending from an external address.: //support.google.com/mail/answer/22370?hl=en當我在 Google 上搜尋時,我得到了使用 gmail 作為中繼的後綴實例的結果,這不是我想要的。
順便說一句,我正在執行 Debian Jessie。
執行:
openssl s_client -connect domain.nl:587 -starttls smtp給我以下輸出:CONNECTED(00000003) depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify error:num=20:unable to get local issuer certificate verify return:0 --- Certificate chain 0 s:/CN=stack.domain.nl i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 i:/O=Digital Signature Trust Co./CN=DST Root CA X3 --- Server certificate -----BEGIN CERTIFICATE----- MIIF6zCCBNOgAwIBAgISAx6j+Nm5lNYiux1hkrZfdLOaMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA0MjExMTIxMDBaFw0x NjA3MjAxMTIxMDBaMCAxHjAcBgNVBAMTFXN0YWNrLmFyamFuc3BpZWFyZC5ubDCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMfZTqHABdgGweSS+x/fSDTd QcgD/ZN1tdI4a8133ENsxnuLlZUEaexJ3WLLD+kHGsYT4iy8XWJKMrs/Rn4bxvrI 8nd+qlK5qEBgQggk2/s6B+6TEzBfS8gh+pqHBlfFguU5W5Ls+/jchScv5MY8eHDQ 04oLPYb6ssZk5Cv3RmfWmYJ/DfzezI7tC5NHnfX90XcIKH/hPgKgLGfLkwSjH5q/ 0GgNba+mp08TQ9zsgzIYK49/x/3x8bs5Wf9MrqmJm8wnaNQlJVFM/hu8VieSX4xA VrsdmI/1jfrYVgYp7kcFgQQYhS2AROamRYrsFDEykMlMLbJM0MkZIkde9QFQDlUC AwEAAaOCAvMwggLvMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQURN1iPx/I2g4ODzxc fTq3m4Fw4nowHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwcAYIKwYB BQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDMubGV0c2Vu Y3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNl bmNyeXB0Lm9yZy8wgfwGA1UdEQSB9DCB8YITYXB0LmFyamFuc3BpZWFyZC5ubIIP YXJqYW5zcGllYXJkLm5sghNkZXYuYXJqYW5zcGllYXJkLm5sghNmdHAuYXJqYW5z cGllYXJkLm5sghZnaXRsYWIuYXJqYW5zcGllYXJkLm5sghdrYXJhb2tlLmFyamFu c3BpZWFyZC5ubIIUbWFpbC5hcmphbnNwaWVhcmQubmyCF3JlZG1pbmUuYXJqYW5z cGllYXJkLm5sghVzdGFjay5hcmphbnNwaWVhcmQubmyCE3RmMi5hcmphbnNwaWVh cmQubmyCE3d3dy5hcmphbnNwaWVhcmQubmwwgf4GA1UdIASB9jCB8zAIBgZngQwB AgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl dHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRl IG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQg b25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBm b3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkq hkiG9w0BAQsFAAOCAQEAPIASRLDbLjWFA51Z1sKg/SwLOiuBfygdPNXMfOukcoBT Okqs1xf7wAdOXzhR7yvkDPPeF39ztCY+z7yxUcvqXL6bIXid3rDuEcE9zSNBJgZY l2cbMeIn2jRw9SRBMQJ210xjrQIG6z6QbtiguHct8r4DAJNgX4x5x3sG103CZvpo RhdKusrZzFyznzEBgAzBO310CAOzsyz710AZ5PBPGHjyWP2cb/6kWmX726LvbMj8 Z5iqFuX1LYG+sux4NHpgQbqvv8uCqjRmvjXmqVHNsHL35MwGYrkzQTdugbwns6pP Upu2dBb/TX7lg0coJoEF8VzXASONxgTqkcjmB4Ep5A== -----END CERTIFICATE----- subject=/CN=stack.arjanspieard.nl issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 --- No client certificate CA names sent --- SSL handshake has read 3592 bytes and written 462 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: C4B5891C670E3F0D69A4569C0AFBE23EDA863AC6AC41316E78273217DBB36A28 Session-ID-ctx: Master-Key: 172AAAB858D6770614EF191EAC1BEF98C715927989A6C406E2C3E85425EC0963199333F2E6D9A32F9C9160A6AF8177C8 Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - 83 5a ad 68 ac da 62 2f-c1 0d c8 7c d9 d1 4d 00 .Z.h..b/...|..M. 0010 - 2f 98 4a 79 c6 a0 f5 fb-9a ea ad ae bc 74 63 54 /.Jy.........tcT 0020 - 0c bf 4c b4 26 77 2a 3c-e4 37 d7 ab 1e 25 9e af ..L.&w*<.7...%.. 0030 - 3d c0 03 d0 b0 6f a2 14-13 4d 89 3c de c7 3a 2e =....o...M.<..:. 0040 - 3a 4e 7b 46 42 92 28 89-f0 82 8c fa d1 c0 e7 eb :N{FB.(......... 0050 - 93 d2 57 f9 90 78 9f 45-8b e2 44 7a 28 1e 55 dc ..W..x.E..Dz(.U. 0060 - e0 70 98 1a a7 e3 da ea-a5 1d ee ab 92 df 5b fa .p............[. 0070 - 8b f4 9e f6 ed 5d 34 94-3f 19 52 35 5a a6 d1 5a .....]4.?.R5Z..Z 0080 - 2e 28 37 7a 96 13 14 24-22 ef ba 12 d8 07 22 87 .(7z...$".....". 0090 - 3d a1 e8 3e 25 b0 f6 d2-d3 4e 1d fd c0 fb 6d 07 =..>%....N....m. Start Time: 1461525221 Timeout : 300 (sec) Verify return code: 20 (unable to get local issuer certificate) --- 250 DSN我認為它必須是一些設置,
postfix/master.cf但我不知道是什麼..
我發現了錯誤。我沒有正確配置 Dovecot。這是我使用的教程:https ://www.crahl.ca/blog/postfixdovecotpostfixadmin-on-ubuntu-14-04/