Postfix
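Dovecot and Postfix: no STARTTLS
I have done a lot of searching but have not found a solution.
I had to reload Mageia 6 on my email server. I am using dovecot-2.2.34-1.mga6 and postfix-3.1.6-1.mga6. Openssl is openssl-1.0.2o-1.mga6.
I can send and receive email from Postbox (Thunderbird-based) with a password and unencrypted, but when trying STARTTLS from telnet to 587 or 465, I get: 454 4.7.0 TLS not available due to local problem
This was working before the file system got corrupted and I had to reinstall Mageia. The old configuration files do not work with the new install.
From telnet: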
    Escape character is '^]'.
    220 robob.robob.com ESMTP Postfix (3.1.6) (Linux)
    EHLO robob.robob.com
    250-robob.robob.com
    250-PIPELINING
    250-SIZE 252400000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    STARTTLS
    454 4.7.0 TLS not available due to local problem
Dovecot is supposed to do the authentication.
    # 2.2.34 (874deae): /etc/dovecot/dovecot.conf
    # Pigeonhole version 0.4.18 (29cc74d)
    # OS: Linux 4.14.65-desktop-1.mga6 i686 Mageia 6
    # Hostname: robob.robob.com
    auth_debug = yes
    auth_mechanisms = plain login
    disable_plaintext_auth = no
    listen = *
    mail_access_groups = mail
    mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u
    managesieve_notify_capability = mailto
    managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
    mbox_write_locks = fcntl
    passdb {
      driver = pam
    }
    protocols = imap pop3
    service auth {
      unix_listener /var/spool/postfix/private/auth {
        group = postfix
        mode = 0660
        user = postfix
      }
      vsz_limit = 512 M
    }
    service imap-login {
      process_min_avail = 10
      service_count = 1
      vsz_limit = 2 G
    }
    service imap {
      vsz_limit = 640 M
    }
    service managesieve-login {
      process_min_avail = 10
    }
    service managesieve {
      vsz_limit = 640 M
    }
    service pop3-login {
      process_min_avail = 10
    }
    service pop3 {
      vsz_limit = 640 M
    }
    ssl_cert = </etc/pki/tls/certs/dovecot.pem
    ssl_key = # hidden, use -P to show it
    userdb {
      driver = passwd
    }
    protocol lda {
      postmaster_address = postmaster@example.com
    }
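I would really appreciate your help, as I have been working on this for about 30 hours with almost no sleep. I have several users and do not want them connecting insecurely.
Thanks, Robert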
    # Please be sure to read the /usr/share/doc/postfix/README.MDK file
    # to learn about differences from stock postfix to Mandriva package.
    # This file contains only the parameters changed from a default install
    # see /etc/postfix/main.cf.dist for a commented, fuller version of this file.
    # These are changed by postfix install script
    readme_directory = /usr/share/doc/postfix/README_FILES
    html_directory = /usr/share/doc/postfix/html
    sendmail_path = /usr/sbin/sendmail.postfix
    setgid_group = postdrop
    command_directory = /usr/sbin
    manpage_directory = /usr/share/man
    daemon_directory = /usr/libexec/postfix
    newaliases_path = /usr/bin/newaliases
    mailq_path = /usr/bin/mailq
    queue_directory = /var/spool/postfix
    mail_owner = postfix
    # User configurable parameters
    mydomain = robob.com
    mydestination = $myhostname, localhost.$mydomain, $mydomain, eoberjr.com
    #inet_interfaces = localhost
    #mynetworks_style = host
    #delay_warning_time = 4h
    smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (Linux)
    unknown_local_recipient_reject_code = 450
    smtp-filter_destination_concurrency_limit = 2
    lmtp-filter_destination_concurrency_limit = 2
    data_directory = /var/lib/postfix
    mailbox_size_limit = 2000000000
    message_size_limit = 252400000
    #mailbox_command = /usr/bin/procmail -a "$EXTENSION"
    local_recipient_maps = proxy:unix:passwd.byname $alias_maps
    mail_spool_directory = /var/spool/mail
    relay_domains = $mydestination /etc/postfix/relay_domains
    mynetworks = 75.148.212.32/29, 127.0.0.1
    canonical_maps = hash:/etc/postfix/canonical
    virtual_maps = hash:/etc/postfix/virtual
    alias_maps = hash:/etc/postfix/aliases
    alias_database = hash:/etc/postfix/aliases
    maps_rbl_domains = blackholes.mail-abuse.org
    smtpd_sasl_auth_enable = yes
    ssl_cert = /etc/pki/tls/certs/dovecot.pem
    ssl_key = /etc/pki/tls/private/dovecot.pem
    smtp_tls_cert_file = /etc/pki/tls/certs/dovecot.pem
    ssl_key = /etc/pki/tls/private/dovecot.pem
    smtpd_sasl_type = dovecot
    #smtpd_sasl_path = smtpd
    smtpd_sasl_path = private/auth
    smtpd_sasl_local_domain = robob.com
    smtpd_sasl_security_options = noanonymous
    smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client 2.0.0.127.b.barracudacentral.org
    smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_relay_domains, reject_unauth_destinationa, reject_rbl_client bl.spamcop.net
    broken_sasl_auth_clients = yes
    inet_protocols = ipv4
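I have tried a lot of things. The current configuration is supposed to have Dovecot do the authentication. I would appreciate clarification. So, Dovecot does the authentication, and then Postfix negotiates the encryption? I tried cyrus sasl before, but that did not work either, so I removed it.
Thanks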
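You appear to have a typo in your Postfix configuration.

    smtp_tls_cert_file = /etc/pki/tls/certs/dovecot.pem

Directives beginning with smtp_ are used when Postfix makes outgoing SMTP connections to other servers. In particular, this directive is used only when Postfix is meant to authenticate to another SMTP server using a client certificate. This is an extremely rare situation and is not your situation now. You probably meant to type smtpd_tls_cert_file. Directives beginning with smtpd_ apply to incoming SMTP connections.
You also need to provide the private key corresponding to the certificate in the smtpd_tls_key_file directive. You may need other configuration changes as well. Read the relevant Postfix documentation carefully.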
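A small lint for the mix-up the answer describes, as an added example that is not part of the original question or answer: it parses main.cf text and reports a missing smtpd_tls_cert_file, a client-side smtp_tls_cert_file set in its place, and Dovecot's ssl_cert/ssl_key names. The function names, finding codes and the BROKEN/FIXED excerpts are constructed for illustration, and only the smtpd_tls_cert_file/smtpd_tls_key_file pair is checked.

```python
import re

DOVECOT_NAMES = {"ssl_cert", "ssl_key"}  # Dovecot settings, not Postfix parameters

def parse_main_cf(text):
    """Return {parameter: value}; the last assignment of a name wins."""
    params, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                            # blank line or comment
        if line[0].isspace() and name:          # continuation of previous value
            params[name] += " " + line.strip()
            continue
        m = re.match(r"([\w-]+)\s*=\s*(.*)", line)
        if m:
            name = m.group(1)
            params[name] = m.group(2).strip()
    return params

def check_smtpd_tls(text):
    """Return (code, message) findings about the server-side TLS files."""
    p, out = parse_main_cf(text), []
    if not p.get("smtpd_tls_cert_file"):
        out.append(("NO_SERVER_CERT", "smtpd_tls_cert_file is not set"))
        if p.get("smtp_tls_cert_file"):
            out.append(("CLIENT_CERT_ONLY", "smtp_tls_cert_file covers outgoing "
                        "connections; smtpd_tls_cert_file may have been intended"))
    elif not p.get("smtpd_tls_key_file"):
        # With no key file set, Postfix looks for the key in the certificate file.
        out.append(("KEY_IN_CERT_FILE", "smtpd_tls_key_file is not set"))
    for name in sorted(p.keys() & DOVECOT_NAMES):
        out.append(("DOVECOT_NAME", name + " is a Dovecot setting name"))
    return out

# Constructed excerpt reusing parameter lines from the question's main.cf.
BROKEN = """\
ssl_cert = /etc/pki/tls/certs/dovecot.pem
ssl_key = /etc/pki/tls/private/dovecot.pem
smtp_tls_cert_file = /etc/pki/tls/certs/dovecot.pem
"""
# Constructed corrected excerpt, following the answer.
FIXED = """\
smtpd_tls_cert_file = /etc/pki/tls/certs/dovecot.pem
smtpd_tls_key_file = /etc/pki/tls/private/dovecot.pem
"""

if __name__ == "__main__":
    for label, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, check_smtpd_tls(cfg))
```

The output of postconf -n has the same name = value layout, so it can be passed to check_smtpd_tls as text.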