postfix smtpd starttls 丢失连接

postfix smtpd starttls 丢失连接

我正在尝试使用 postfix、dovecot 和 roundcube 设置邮件服务器。我想使用 TLS 加密发送邮件,但收到以下消息:

来自 Roundcube:

[25-Apr-2018 14:43:00 -0700]: <2g3no7cf> SMTP Error: Authentication failure: STARTTLS failed (Code: ) in /usr/share/roundcube/program/lib/Roundcube/rcube.php on line 1648 (POST /roundcube/?_task=mail&_unlock=loading1524692580810&_lang=undefined&_framed=1&_action=send)

来自 /var/log/mail.info 中的 postfix:

Apr 25 14:43:00 hwsrv-230549 postfix/submission/smtpd[8500]: connect from localhost[127.0.0.1]
Apr 25 14:43:00 hwsrv-230549 postfix/submission/smtpd[8500]: lost connection after STARTTLS from localhost[127.0.0.1]
Apr 25 14:43:00 hwsrv-230549 postfix/submission/smtpd[8500]: disconnect from localhost[127.0.0.1] ehlo=1 starttls=1 commands=2

这是我的 /etc/roundcube/config.inc.php:

$config = array();
$config['default_host'] = 'localhost';
$config['default_port'] = 143;
$config['smtp_server'] = 'tls://localhost';
$config['smtp_port'] = 587;
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
$config['smtp_auth_type'] = 'LOGIN';

这是我的 /etc/postfix/main.cf:

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = /usr/share/doc/postfix
compatibility_level = 2
smtpd_tls_cert_file=/etc/letsencrypt/live/host.hostprovider.com/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/host.hostprovider.com/privkey.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = host.hostprovider.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, localhost
relayhost = 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
html_directory = /usr/share/doc/postfix/html
config_directory = /etc/postfix
virtual_transport = dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
virtual_mailbox_domains = mysql:/etc/postfix/mysql-vdomains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-vusers.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-valias.cf

从我的 /etc/postfix/master.cf 中:

submission inet n       -       n       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

将其添加到我的 /etc/roundcube/config.inc.php 允许我发送邮件,但邮件未加密,而我的目标是发送加密电子邮件。

$config['smtp_conn_options'] = array(
    'ssl' => array(
        'verify_peer' => false,
        'verify_peer_name' => false,
    ),
);

我搜索后发现许多人都遇到了同样的问题,但没有找到明确的解决方案,而且到目前为止对我来说没有任何方法有用。

感谢您的帮助。

答案1

修改/改变/etc/postfix/main.cf如下所示:

smtpd_tls_cert_file=/etc/letsencrypt/live/host.hostprovider.com/fullchain.pem 
to
smtpd_tls_cert_file=/etc/letsencrypt/live/host.hostprovider.com/cert.pem

smtpd_tls_cert_file should point to cert.pem file and not fullchain.pem

相关内容