我正在尝试让 gmail 从我的虚荣域名发送电子邮件 - 可以理解的是,它希望使用为该域名设置的 SMTP 服务器。我尝试将 postfix 配置为我的虚荣域名的 SMTP 服务器,但在 gmail 中,我不断收到身份验证错误。我的经历似乎与Postfix 作为 Gmail 的 SMTP 服务器。(“以...身份发送邮件”Google 选项) 我在网上找到的关于这个特定问题的其他有用信息非常少。大多数询问此问题的其他用户似乎都得到了“这是如何使用 gmail 作为 SMTP 服务器”的答案,这显然没有帮助。Gmail 无法从我的虚荣域发送邮件,这就是我(和它)需要 SMTP 服务器的原因。
这是我的配置文件,我使用 host.example.com 作为运行 postfix 的服务器的完整主机名和域名。 - 我使用 vanity.domain 作为虚荣域名,试图与 gmail 和 user1 等作为不同的用户一起工作。
我添加了 Letsencrypt 证书,因为有人建议 gmail 可能会拒绝自签名证书。我不知道这是否正确,或者我是否做对了 - 我在 host.domain.com 上使用了 certbot --apache - 证书在 host.exmaple.com 的浏览器中有效。
顺便说一句,我还没有设法让 postfix 使用端口 587 - 所以我从配置中的 [vanity.domain]:587 中删除了 :587。
main.cf(由于不同的指南建议添加所有内容,它变得很长)
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2
# TLS parameters
smtpd_tls_cert_file=/etc/letsencrypt/live/host.example.com/fullchain.pem
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/letsencrypt/live/host.example.com/privkey.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = host.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, host.example.com, host, localhost.localdomain, localhost
#relayhost =[vanity.domain]:587
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_domains = vanity.domain
virtual_alias_maps = hash:/etc/postfix/virtual
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noplaintext,noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_sasl_auth_enable = yes
smtp_use_tls = yes
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
#smtp_tls_security_level = may
#smtp_tls_protocols = !SSLv2, !SSLv3
#smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
#smtp_tls_mandatory_ciphers = high
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtp_tls_security_level = may
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_ciphers = high
smtp_tls_loglevel = 1
sender_canonical_maps = tcp:127.0.0.1:10001
sender_canonical_classes = envelope_sender
recipient_canonical_maps = tcp:127.0.0.1:10002
recipient_canonical_classes = envelope_recipient
等/postfix/虚拟:
[email protected] [email protected]
[email protected] [email protected]
[email protected] [email protected]
[email protected] [email protected]
@vanity.domain [email protected]
当我尝试连接时的日志(已删除 IP、日期和时间):
connect from mail-ua1-f41.google.com
Anonymous TLS connection established from mail-ua1-f41.google.com: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
warning: mail-ua1-f41.google.com: SASL PLAIN authentication failed:
lost connection after AUTH from mail-ua1-f41.google.com
disconnect from mail-ua1-f41.google.com ehlo=2 starttls=1 auth=0/1 commands=3/4
sasl 密码
[vanity.domain] user1:longpassword
最后,在 gmail 的 SMTP 设置中,我填写了以下内容:
smtp 服务器:host.example.com 用户:user1(我试过[电子邮件保护]和[电子邮件保护]也 - 我不确定应该是哪一个)密码:长密码端口:25(也试过 587 和 465)安全性:TLS(试过 SSL 和不安全的)
答案1
我放弃了,改用 sendgrid