如何让 Postfix 使用 LMTP inet_listener 和 SSL 与 Dovecot 协同工作?

tag-icon tag-icon ssl postfix dovecot
如何让 Postfix 使用 LMTP inet_listener 和 SSL 与 Dovecot 协同工作?

我正在尝试让 Postfix 3.4.13 使用启用了 SSL 的 LMTP inet_listener 将邮件发送到远程 Dovecot 2.3.7.2 实例。LMTP 在没有启用 SSL 的情况下工作正常,其他 Dovecot 协议在使用相同的自签名 SSL 证书的情况下工作正常。使用 inet_listener 和 SSL 的 LMTP 则不行,Postfix 给出:

"lost connection with 192.168.1.105[192.168.1.105] while receiving the initial server greeting"

错误,来自 Dovecot 的这个:

Feb 28 18:34:05 curly dovecot: lmtp(360396): Connect from 192.168.1.115
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x10, ret=1: before SSL initialization
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: before SSL initialization
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2002, ret=-1: before SSL initialization
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: before SSL initialization
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: SSLv3/TLS read client hello
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write server hello
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write change cipher spec
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: TLSv1.3 write encrypted extensions
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write certificate
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: TLSv1.3 write server certificate verify
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write finished
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: TLSv1.3 early data
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2002, ret=-1: TLSv1.3 early data
Feb 28 18:34:05 curly dovecot: message repeated 4 times: [ lmtp(360396): Debug: SSL: where=0x2002, ret=-1: TLSv1.3 early data]
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: TLSv1.3 early data
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: SSLv3/TLS read finished
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x20, ret=1: SSLv3/TLS write session ticket
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write session ticket
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write session ticket
Feb 28 18:34:05 curly dovecot: lmtp(360396): Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully
Feb 28 18:35:18 curly dovecot: lmtp(360396): Debug: SSL error: Connection closed
Feb 28 18:35:18 curly dovecot: lmtp(360396): Debug: SSL alert: close notify
Feb 28 18:35:18 curly dovecot: lmtp(360396): Disconnect from 192.168.1.115: Remote closed connection (state=READY)

是否有人运行过此配置并成功使用 SSL,而无需依赖 Stunnel 等附加包?您能分享 Postfix master.cf、main.cf 和 Dovecot 配置的相关部分吗?

相关内容