完美解決Centos6.X發郵件遇到的各類坑

時間 2019-11-05

標籤完美解決 centos6.x centos 郵件遇到各類欄目 CentOS 简体版

原文原文鏈接

前言:
node

新上一臺阿里的雲主機，提供web服務，各類環境搭建完成，可以提供服務，沒想到在最後的監控環節遇到各類發郵件的坑，這裏分享給你們，你是否也遇到這種坑？linux

網易163免費郵箱相關服務器信息：web

1、安裝和配置:vim

1.1、安裝服務器

[root@linux-node2 ~]# yum install mailx -y 網絡

Loaded plugins: fastestmirror, securityapp

Setting up Install Processtcp

Determining fastest mirrorside

* base: mirrors.aliyun.com阿里雲

* extras: mirrors.aliyun.com

* updates: mirrors.aliyun.com

base | 3.7 kB 00:00

epel | 3.2 kB 00:00

epel/primary | 3.2 MB 00:00

epel 12521/12521

extras | 3.4 kB 00:00

icehouse | 2.9 kB 00:00

updates | 3.4 kB 00:00

updates/primary_ | 1.2 MB 00:00

Package mailx-12.4-8.el6_6.x86_64 already installed and latest version

Nothing to do

1.2、配置(以163郵箱爲例)

首先你的郵箱要支持你的需求，到郵箱裏去配置

而後到/etc/mail.rc的配置文件中去添加

set from=admin@163.com smtp=smtp.163.com smtp-auth-user=admin smtp-auth-password=xxxxxx smtp-auth=login

[root@linux-node2 ~]# echo 「12345」 | mail -v -s 「test」 admin@163.com

至此應該是沒問題，可是就是收不到郵件。得了，開始排錯！全部的網絡、配置檢查完成後，仍是收不到郵件，最後檢查到端口發現問題！！！

[root@linux-node2 ~]# telnet smtp.163.com 25

Trying 220.181.12.17...

[root@orcherstrator ~]# nc -vz -w 1 smtp.163.com 25

nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress

原來服務器根本就不能和第三方郵箱創建鏈接，問題找到，開始處理，一查才知道阿里雲服務器把25端口給封了，須要申請解封。好吧！登陸管理控制檯，開始申請！！！

阿里雲的審覈速度還挺快的，兩個多小時後反饋結果了，不過看看就吐口老血！！！

只能想其餘的辦法唄！！最後決定使用163郵箱的465加密端口

[root@orcherstrator ~]# telnet smtp.163.com 465

Trying 220.181.12.14...

Connected to smtp.163.com.

Escape character is '^]'.

Connection closed by foreign host.

root@orcherstrator ~]# nc -vz -w 1 smtp.163.com 465

Connection to smtp.163.com 465 port [tcp/urd] succeeded!

看樣子有戲哦！！！修改/etc/mail.rc的配置

set from=admin@163.com

set smtp="smtps://smtp.163.com:465"

set smtp-auth-user=admin@163.com

set smtp-auth-password=xxxxx

set smtp-auth=login

set smtp-use-starttls

set ssl-verify=ignore

set nss-config-dir=/etc/pki/nssdb/

[root@linux-node2 ~]# echo 'hello' |mail -v -s "test" yueyuancun@163.com

Resolving host smtp.163.com . . . done.

Connecting to 123.125.50.133 . . . connected.

Error in certificate: Peer's certificate issuer is not recognized. ##沒有對端的證書

Comparing DNS name: "*.163.com"

SSL parameters: cipher=AES-128-GCM, keysize=128, secretkeysize=128,

issuer=CN=GeoTrust SSL CA - G3,O=GeoTrust Inc.,C=US

subject=CN=*.163.com,O="NetEase (Hangzhou) Network Co., Ltd",L=HangZhou,ST=ZheJiang,C=CN

220 163.com Anti-spam GT for Coremail System (163com[20141201])

>>> EHLO linux-node2

250-mail

250-PIPELINING

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250-coremail 1Uxr2xKj7kG0xkI17xGrU7I0s8FY2U3Uj8Cz28x1UUUUU7Ic2I0Y2UFVHs-cUCa0xDrUUUUj

250-STARTTLS

250 8BITMIME

>>> AUTH LOGIN

334 dXNlcm5hbWU6

>>> eXVleXVhbmN1bkAxNjMuY29t

334 UGFzc3dvcmQ6

>>> aGVsbG9uaWhhbzE5ODkxMA==

535 Error: authentication failed

smtp-server: 535 Error: authentication failed

"/root/dead.letter" 11/299

. . . message not sent. ##郵件沒有發出去

至此，網上的case都說能收到郵件，可是我這就是收不到，那就根據錯誤來解決唄！！！搞證書

[root@linux-node2 ~]# mkdir -p /root/.certs/

[root@linux-node2 ~]# echo -n | openssl s_client -connect smtp.163.com:465 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/.certs/163.crt

depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA

verify return:1

depth=1 C = US, O = GeoTrust Inc., CN = GeoTrust SSL CA - G3

verify return:1

depth=0 C = CN, ST = ZheJiang, L = HangZhou, O = "NetEase (Hangzhou) Network Co., Ltd", CN = *.163.com

verify return:1

DONE

[root@linux-node2 ~]# certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt

[root@linux-node2 ~]# certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt

[root@linux-node2 ~]# certutil -L -d /root/.certs

Certificate Nickname Trust Attributes

SSL,S/MIME,JAR/XPI

GeoTrust SSL CA C,,

[root@linux-node2 ~]# cd /root/.certs/

[root@linux-node2 .certs]# certutil -A -n "GeoTrust SSL CA - G3" -t "Pu,Pu,Pu" -d ./ -i 163.crt

Notice: Trust flag u is set automatically if the private key is present.

[root@linux-node2 .certs]# cd

[root@linux-node2 ~]# vim /etc/mail.rc

set from=admin@163.com

set smtp=smtps://smtp.163.com:465

set smtp-auth-user=admin@163.com

set smtp-auth-password=xxxxxx

set smtp-auth=login

set ssl-verify=ignore

set nss-config-dir=/root/.certs

[root@linux-node2 ~]# echo 'hello' |mail -v -s "test" admin@163.com

Resolving host smtp.163.com . . . done.

Connecting to 123.125.50.132 . . . connected.

Comparing DNS name: "*.163.com"

SSL parameters: cipher=AES-128-GCM, keysize=128, secretkeysize=128,

issuer=CN=GeoTrust SSL CA - G3,O=GeoTrust Inc.,C=US

subject=CN=*.163.com,O="NetEase (Hangzhou) Network Co., Ltd",L=HangZhou,ST=ZheJiang,C=CN

220 163.com Anti-spam GT for Coremail System (163com[20141201])

>>> EHLO linux-node2

250-mail

250-PIPELINING

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250-coremail 1Uxr2xKj7kG0xkI17xGrU7I0s8FY2U3Uj8Cz28x1UUUUU7Ic2I0Y2UF6b612UCa0xDrUUUUj

250-STARTTLS

250 8BITMIME

>>> AUTH LOGIN

334 dXNlcm5hbWU6

>>> eXVleXVhbmN1bkAxNjMuY29t

334 UGFzc3dvcmQ6

>>> aGVsbG9uaWhhbzE5ODk=

235 Authentication successful

>>> MAIL FROM:<admin@163.com>

250 Mail OK

>>> RCPT TO:<admin@163.com>

250 Mail OK

>>> DATA

354 End data with <CR><LF>.<CR><LF>

>>> .

250 Mail OK queued as smtp2,DNGowADH53eJp5BbGYUHAA--.2S2 1536206732

>>> QUIT

221 Bye

終於成功了！！！！

注:無論可否解決你遇到的問題，歡迎相互交流，共同提升！

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。