OpenSSL 通过显式端口连接到 imap 服务器可以工作,但通过隐式端口连接会失败

OpenSSL 通过显式端口连接到 imap 服务器可以工作,但通过隐式端口连接会失败

我有一个邮件服务器,我使用 IMAP 协议从 ruby​​ 应用程序连接到该服务器。但我在 rails 控制台中收到错误:

Loading dev environment (Rails 7.0.4)
irb(main):001:0> @connection = Net::IMAP.new('mail.test.com.test', 993, true)

Traceback (most recent call last):
        2: from (irb):1
        1: from (irb):1:in `new'
Errno::ECONNRESET (Connection reset by peer - SSL_connect)

使用的版本:

rails: 7.0.4 
ruby: ruby 2.7.3p183

笔记:

我们之间有防火墙,并且允许端口 993 的规则。

nc -vz mail.test.com.test 993

mail.test.com.test (192.168.1.186:993) open

因此我开始通过隐式端口使用 OpenSSL 进行测试993并收到错误:

openssl s_client -connect mail.test.com.test:993 


CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 319 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

但看起来通过143带有 TLS 的显式端口建立的 IMAP 连接工作正常:

openssl s_client -connect mail.test.com.test:143 -starttls imap -brief


CONNECTION ESTABLISHED
Protocol version: TLSv1.2
Ciphersuite: <suite>
Peer certificate: CN = mail.test.com.test
Hash used: SHA256
Signature type: RSA
Verification: OK
Server Temp Key: <key>, P-384, 384 bits
. OK CAPABILITY completed.

在 Rails 控制台中,它将是这样的:

irb(main):061:0> @connection = Net::IMAP.new('mail.test.com.test', 143, false)
    
=> #<Net::IMAP:0x0000f0 @mon_data=#<Monitor:0x0000d78>, @mon_data_owner_object_id=5230, @host="mail.test.com.test", @port=143, @tag_prefix="RUBY", @tagno=0, @open_timeout=30, @idl...  
    
      
irb(main):064:0> @connection.starttls
        
=> #<struct Net::IMAP::TaggedResponse tag="RUBY0001", name="OK", data=#<struct Net::IMAP::ResponseText code=nil, text="Begin TLS negotiation now.">, raw_data="RUBY0001 OK Begin TLS negotiation now.\r\n">

为什么会发生这种情况?我该如何解决这个问题?

相关内容