Exim smarthost setup works with STARTTLS but not with SMTPS

I followed this guide to set up exim4 as a local MTA with smarthost delivery (Debian 10 VM): Exim on the DebianWiki

If my smarthost requires an SSL connection (SMTP over SSL), it does not work.

When a local web application sends an email to localhost:25, the email stays in the queue; if I try to force its delivery, this is what happens:

root@testbug:~# date && exim -v -M 1nrqKZ-0003Ji-WE
Fri 20 May 2022 10:33:50 AM CEST
delivering 1nrqKZ-0003Ji-WE
R: smarthost for [email protected]
T: remote_smtp_smarthost for [email protected]
Transport port=25 replaced by host-specific port=465
Connecting to smtps.aruba.it [62.149.128.218]:465 ... connected

=========== stuck for a few seconds ===========

  SMTP(close)>>
LOG: MAIN
  H=smtps.aruba.it [62.149.128.218]: Remote host closed connection in response to initial connection
Transport port=25 replaced by host-specific port=465
Connecting to smtps.aruba.it [62.149.156.218]:465 ... connected

=========== stuck for a few seconds ===========

  SMTP(close)>>
LOG: MAIN
  H=smtps.aruba.it [62.149.156.218]: Remote host closed connection in response to initial connection
LOG: MAIN
  == [email protected] R=smarthost T=remote_smtp_smarthost defer (-18) H=smtps.aruba.it [62.149.156.218]: Remote host closed connection in response to initial connection

This is the log:

root@testbug:~# tail -3 /var/log/exim4/mainlog
2022-05-20 10:35:31 1nrqKZ-0003Ji-WE H=smtps.aruba.it [62.149.128.218]: Remote host closed connection in response to initial connection
2022-05-20 10:37:11 1nrqKZ-0003Ji-WE H=smtps.aruba.it [62.149.156.218]: Remote host closed connection in response to initial connection
2022-05-20 10:37:11 1nrqKZ-0003Ji-WE == [email protected] R=smarthost T=remote_smtp_smarthost defer (-18) H=smtps.aruba.it [62.149.156.218]: Remote host closed connection in response to initial connection

Note that the server accepts SSL connections:

root@testbug:~# openssl s_client -connect smtps.aruba.it:465
CONNECTED(00000003)
depth=2 C = IT, L = Milan, O = Actalis S.p.A./03358520967, CN = Actalis Authentication Root CA
[...]
No client certificate CA names sent
[...]
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
[...]
---
220 smtpdh08.ad.aruba.it Aruba Outgoing Smtp  ESMTP server ready

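If I switch to a different smarthost server, smtp.mydomain.it, run by the same provider (so I authenticate to the smarthost with the same credentials), using STARTTLS on port 25, everything runs smoothly and the email is delivered (over STARTTLS) when I restart exim: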

2022-05-20 10:42:48 exim 4.92 daemon started: pid=4015, -q30m, listening for SMTP on [127.0.0.1]:25 [::1]:25
2022-05-20 10:42:48 Start queue run: pid=4017
2022-05-20 10:42:51 1nrqKZ-0003Ji-WE => [email protected] R=smarthost T=remote_smtp_smarthost H=smtp.mydomain.it [62.149.128.203] X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no DN="C=IT,ST=Bergamo,L=Ponte San Pietro,O=Aruba S.p.A.,CN=*.aruba.it" A=plain C="250 2.0.0 ryDgn51y1TRWPryDinATBj mail accepted for delivery"
2022-05-20 10:42:51 1nrqKZ-0003Ji-WE Completed
2022-05-20 10:42:51 End queue run: pid=4017

You can see that the email was correctly sent over STARTTLS:

root@testbug:~# ngrep -qt -dany port 25
interface: any
filter: ( port 25 ) and (ip || ip6)

T 2022/05/20 10:42:48.900722 62.149.128.203:25 -> MY.SRV.IP.ADDR:47932 [AP] #4
  220 smtpdh13.ad.aruba.it Aruba Outgoing Smtp  ESMTP server ready..

T 2022/05/20 10:42:48.900903 MY.SRV.IP.ADDR:47932 -> 62.149.128.203:25 [AP] #5
  EHLO testbug.mydomain.it..

T 2022/05/20 10:42:49.025487 62.149.128.203:25 -> MY.SRV.IP.ADDR:47932 [AP] #7
  250-smtpdh13.ad.aruba.it hello [MY.SRV.IP.ADDR], pleased to meet you..250-HELP..250-AUTH LOGIN PLAIN..250-SIZE 524288000..250-ENHANCEDSTATUSCODES..250-8BITMIME..250-STARTTLS..250 OK..

T 2022/05/20 10:42:49.025702 MY.SRV.IP.ADDR:47932 -> 62.149.128.203:25 [AP] #8
  STARTTLS..

T 2022/05/20 10:42:49.092110 62.149.128.203:25 -> MY.SRV.IP.ADDR:47932 [AP] #10
  220 2.0.0 Ready to start TLS..

T 2022/05/20 10:42:49.111151 MY.SRV.IP.ADDR:47932 -> 62.149.128.203:25 [AP] #11
  ....L...H..d.@"^.`I.....OU..x.N|Z..."...._@..:.........,.......+.....0...../.......5.....[...]

Can anyone point me in the right direction for my investigation?

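Could this be a network/port issue? Or a certificate issue (I generated the self-signed certificate in a slightly different way, and I actually don't know why it is needed or whether that certificate is verified by the server)?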

Thanks a lot.

Edit: got more verbose output from forcing delivery of the message: https://pastebin.com/axRsQmwy