ssl 将sendmail配置为使用端口465和TLS与SMTP服务器通信

fjaof16o  于 2023-06-30  发布在  其他
关注(0)|答案(2)|浏览(116)

请问我该怎么做?
我最近更换了电子邮件提供商,他们要求我使用端口465和TLS以及用户ID/密码身份验证。
以前我是连接到一个不同的smtp服务器上的端口587使用STARTTLS(我想)。
我尝试更改sendmail.mc以使用新服务器:

divert(-1)dnl
#-----------------------------------------------------------------------------
# $Sendmail: debproto.mc,v 8.15.2 2020-03-08 00:39:49 cowboy Exp $
#
# Copyright (c) 1998-2010 Richard Nelson.  All Rights Reserved.
#
# cf/debian/sendmail.mc.  Generated from sendmail.mc.in by configure.
#
# sendmail.mc prototype config file for building Sendmail 8.15.2
#
# Note: the .in file supports 8.7.6 - 9.0.0, but the generated
#   file is customized to the version noted above.
#
# This file is used to configure Sendmail for use with Debian systems.
#
# If you modify this file, you will have to regenerate /etc/mail/sendmail.cf
# by running this file through the m4 preprocessor via one of the following:
#   * make   (or make -C /etc/mail)
#   * sendmailconfig
#   * m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# The first two options are preferred as they will also update other files
# that depend upon the contents of this file.
#
# The best documentation for this .mc file is:
# /usr/share/doc/sendmail-doc/cf.README.gz
#
#-----------------------------------------------------------------------------
divert(0)dnl
#
#   Copyright (c) 1998-2005 Richard Nelson.  All Rights Reserved.
#
#  This file is used to configure Sendmail for use with Debian systems.
#
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.15.2-18 2020-03-08 00:39:49 cowboy Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
undefine(`confHOST_STATUS_DIRECTORY')dnl        #DAEMON_HOSTSTATS=
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
dnl #
dnl # General defines
dnl #
dnl # SAFE_FILE_ENV: [undefined] If set, sendmail will do a chroot()
dnl #   into this directory before writing files.
dnl #   If *all* your user accounts are under /home then use that
dnl #   instead - it will prevent any writes outside of /home !
dnl #   define(`confSAFE_FILE_ENV',             `')dnl
dnl #
dnl # Daemon options - restrict to servicing LOCALHOST ONLY !!!
dnl # Remove `, Addr=' clauses to receive from any interface
dnl # If you want to support IPv6, switch the commented/uncommentd lines
dnl #
FEATURE(`no_default_msa')dnl
dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
DAEMON_OPTIONS(`Family=inet,  Name=MTA-v4, Port=smtps, M=s, Addr=127.0.0.1')dnl
dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP-v6, Port=submission, M=Ea, Addr=::1')dnl
DAEMON_OPTIONS(`Family=inet,  Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1')dnl
dnl #
dnl # Be somewhat anal in what we allow
define(`confPRIVACY_FLAGS',dnl
`needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
dnl #
dnl # Define connection throttling and window length
define(`confCONNECTION_RATE_THROTTLE', `15')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
dnl #
dnl # Features
dnl #
dnl # use /etc/mail/local-host-names
FEATURE(`use_cw_file')dnl
dnl #
dnl # The access db is the basis for most of sendmail's checking
FEATURE(`access_db', , `skip')dnl
dnl #
dnl # The greet_pause feature stops some automail bots - but check the
dnl # provided access db for details on excluding localhosts...
FEATURE(`greet_pause', `1000')dnl 1 seconds
dnl #
dnl # Delay_checks allows sender<->recipient checking
FEATURE(`delay_checks', `friend', `n')dnl
dnl #
dnl # If we get too many bad recipients, slow things down...
define(`confBAD_RCPT_THROTTLE',`3')dnl
dnl #
dnl # Stop connections that overflow our concurrent and time connection rates
FEATURE(`conncontrol', `nodelay', `terminate')dnl
465FEATURE(`ratecontrol', `nodelay', `terminate')dnl
dnl #
dnl # If you're on a dialup link, you should enable this - so sendmail
dnl # will not bring up the link (it will queue mail for later)
dnl define(`confCON_EXPENSIVE',`True')dnl
dnl #
dnl # Dialup/LAN connection overrides
dnl #
include(`/etc/mail/m4/dialup.m4')dnl
include(`/etc/mail/m4/provider.m4')dnl
dnl #
dnl # Masquerading options
FEATURE(`always_add_domain')dnl
MASQUERADE_AS(`perdrix.co.uk')dnl
FEATURE(`allmasquerade')dnl
FEATURE(`masquerade_envelope')dnl
dnl #
dnl # Default Mailer setup
define(`SMART_HOST', `smtp.ionos.co.uk')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 465')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 465')dnl
define(`confAUTH_OPTIONS', `A p y')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash -o /etc/mail/auth/client-info.db')dnl
MAILER_DEFINITIONS
MAILER(`local')dnl
MAILER(`smtp')dnl

但这不起作用-它从www.example.com获得连接重置smtp.ionos.co.uk,邮件永远停留在挂起队列中:(
这是当我尝试测试sendmail时看到的:

echo "Subject: sendmail test" | sendmail -v david.partridge@perdrix.co.uk
david.partridge@perdrix.co.uk... Connecting to [127.0.0.1] via relay...
220 charon.home ESMTP Sendmail 8.15.2/8.15.2/Debian-18; Mon, 26 Jun 2023 06:49:41 +0100; (No UCE/UBE) logging access from: localhost(OK)-localhost [127.0.0.1]
>>> EHLO charon.home
250-charon.home Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
>>> VERB
250 2.0.0 Verbose mode
>>> MAIL From:<amonra@charon.home> SIZE=23 AUTH=amonra@charon.home
250 2.1.0 <amonra@charon.home>... Sender ok
>>> RCPT To:<david.partridge@perdrix.co.uk>
>>> DATA
250 2.1.5 <david.partridge@perdrix.co.uk>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
050 <david.partridge@perdrix.co.uk>... Connecting to smtp.ionos.co.uk. port 465 via relay...
050 <david.partridge@perdrix.co.uk>... Deferred: Connection reset by smtp.ionos.co.uk.
250 2.0.0 35Q5nfKb090974 Message accepted for delivery
david.partridge@perdrix.co.uk... Sent (35Q5nfKb090974 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 charon.home closing connection

我已经尝试了各种各样的东西,六个小时后,我仍然在撕扯我的头发,试图让这个发挥:(
非常感谢您的指导...
谢谢大卫

oprakyz7

oprakyz71#

Sendmail智能主机需要SMTP AUTH:尽可能使用端口587(msa)而不是465(smtps)[2023-06-27]

尝试通过端口587(msa/提交)而不是465(smtps)进行智能主机。

  1. smtp.ionos.co.uk似乎服务端口587。
    telnet smtp.ionos.co.uk 587收到SMTP问候消息。
  2. smtp.ionos.co.uk似乎通过连接到端口587提供SMTP AUTH

启动后(开启加密)

它可以使用linux/debian上提供的telnet-ssl等工具进行测试。
telnet-ssl支持到smtps和STARTTLS的连接

解释:

AFAIK使sendmail支持支持outgoing连接到smtps端口(在启动SMTP之前自动启动加密)更加复杂。

lb3vh1jj

lb3vh1jj2#

我打电话给ionos -他们不再支持使用端口587。
因此,由于无法让sendmail与TLS一起工作,我删除了它并安装了PostFix -花了大约一个小时才正确设置,它工作正常!
有时候你只需要尝试不同的方法。
大卫

相关问题