Postfixのssl接続は難しい。
理解できて居ないから余計で在る!(自慢にならない)
少しは進んで欲しい、今日この頃。
さて、エラーの内容が、
|
1 2 3 4 5 6 7 |
Nov 27 14:06:14 mail postfix/submission/smtpd[28122]: connect from macmi2.lo.k-in.co.jp[192.168.0.36] Nov 27 14:08:06 mail postfix/postscreen/postscreen[28149]: CONNECT from [192.168.0.36]:49998 to [192.168.0.35]:25 Nov 27 14:08:06 mail postfix/postscreen/postscreen[28149]: ALLOWLISTED [192.168.0.36]:49998 Nov 27 14:08:06 mail postfix/smtpd/smtpd[28151]: connect from macmi2.lo.k-in.co.jp[192.168.0.36] Nov 27 14:08:06 mail postfix/smtpd/smtpd[28151]: fatal: no SASL authentication mechanisms Nov 27 14:08:07 mail postfix/master[27731]: warning: process /opt/local/libexec/postfix/smtpd pid 28151 exit status 1 Nov 27 14:08:07 mail postfix/master[27731]: warning: /opt/local/libexec/postfix/smtpd: bad command startup -- throttling |
から、
こう変わった。
|
1 2 3 4 5 6 |
Nov 27 16:34:39 mail postfix/smtpd/smtpd[29765]: lost connection after EHLO from macmi2.lo.k-in.co.jp[192.168.0.36] Nov 27 16:34:39 mail postfix/smtpd/smtpd[29765]: disconnect from macmi2.lo.k-in.co.jp[192.168.0.36] ehlo=1 commands=1 Nov 27 16:34:39 mail postfix/submission/smtpd[29781]: connect from macmi2.lo.k-in.co.jp[192.168.0.36] Nov 27 16:38:58 mail postfix/submission/smtpd[29766]: SSL_accept error from macmi2.lo.k-in.co.jp[192.168.0.36]: Operation timed out Nov 27 16:38:58 mail postfix/submission/smtpd[29766]: lost connection after CONNECT from macmi2.lo.k-in.co.jp[192.168.0.36] Nov 27 16:38:58 mail postfix/submission/smtpd[29766]: disconnect from macmi2.lo.k-in.co.jp[192.168.0.36] commands=0/0 |
Dovecotのログでは、TSLでの認証が済んでいる様だ。
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
2024-11-27 16:34:39 auth: Debug: client in: AUTH 1 LOGIN service=imap secured=tls session=RMGO/98nBMfAqAAk lip=192.168.0.35 rip=192.168.0.36 lport=143 rport=50948 local_name=mail.k-in.co.jp 2024-11-27 16:34:39 auth: Debug: client passdb out: CONT 1 VXNlcm5hbWU6 2024-11-27 16:34:39 auth: Debug: client in: CONT 1 c3VwcG9ydEBrLWluLmNvLmpw (previous base64 data may contain sensitive data) 2024-11-27 16:34:39 auth: Debug: client passdb out: CONT 1 UGFzc3dvcmQ6 2024-11-27 16:34:39 auth: Debug: client in: CONT 1 S2l0YWRhSW5zYXRzdQ== (previous base64 data may contain sensitive data) 2024-11-27 16:34:39 auth: Debug: passwd-file(support,192.168.0.36,<RMGO/98nBMfAqAAk>): Performing passdb lookup 2024-11-27 16:34:39 auth: Debug: passwd-file(support,192.168.0.36,<RMGO/98nBMfAqAAk>): lookup: user=support file=/opt/local/etc/dovecot/users 2024-11-27 16:34:39 auth: Debug: passwd-file(support,192.168.0.36,<RMGO/98nBMfAqAAk>): Finished passdb lookup 2024-11-27 16:34:39 auth: Debug: auth(support,192.168.0.36,<RMGO/98nBMfAqAAk>): Auth request finished 2024-11-27 16:34:39 auth: Debug: client passdb out: OK 1 user=support original_user=support@k-in.co.jp 2024-11-27 16:34:39 auth: Debug: master in: REQUEST 4179623937 29779 1 1a8f40fcf3cec4d34c7754c6d098bb5b session_pid=29776 request_auth_token 2024-11-27 16:34:39 auth: Debug: passwd-file(support,192.168.0.36,<RMGO/98nBMfAqAAk>): Performing userdb lookup 2024-11-27 16:34:39 auth: Debug: passwd-file(support,192.168.0.36,<RMGO/98nBMfAqAAk>): lookup: user=support file=/opt/local/etc/dovecot/users 2024-11-27 16:34:39 auth: Debug: passwd-file(support,192.168.0.36,<RMGO/98nBMfAqAAk>): Finished userdb lookup 2024-11-27 16:34:39 auth: Debug: master userdb out: USER 4179623937 support uid=507 gid=20 home=/Volumes/Works/Library/mail/support/ auth_mech=LOGIN auth_token=605249d709d662d5ed949662442d6d3a04eafd06 auth_user=support@k-in.co.jp 2024-11-27 16:34:39 imap-login: Info: Login: user=<support>, method=LOGIN, rip=192.168.0.36, lip=192.168.0.35, mpid=29776, TLS 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Debug: Loading modules from directory: /opt/local/lib/dovecot 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Debug: Module loaded: /opt/local/lib/dovecot/lib20_zlib_plugin.so 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Debug: Effective uid=507, gid=20, home=/Volumes/Works/Library/mail/support/ 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Debug: open(/proc/self/stat) failed: No such file or directory 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Debug: open(/proc/self/io) failed: No such file or directory 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/Volumes/Works/Library/mail/support 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Debug: maildir++: root=/Volumes/Works/Library/mail/support, index=, indexpvt=, control=, inbox=/Volumes/Works/Library/mail/support, alt= 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Info: ID sent: name=Mac OS X Mail, version=16.0 (3826.200.121), os=Mac OS X, os-version=15.1.1 (24B91), vendor=Apple Inc. 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Debug: Mailbox Drafts: Mailbox opened 2024-11-27 16:34:39 imap(support)<29776><RMGO/98nBMfAqAAk>: Debug: Mailbox INBOX: Mailbox opened 2024-11-27 16:34:39 auth: Debug: auth client connected (pid=29780) |
相変わらず
|
1 2 |
Debug: open(/proc/self/stat) failed: No such file or directory Debug: open(/proc/self/io) failed: No such file or directory |
は出っ放しだが、此れ良いのだろうか?
postfix の SNI 設定に書いて在ったので、試してみた。
|
1 |
openssl s_client -connect mail.k-in.co.jp:25 -servername mail.k-in.co.jp -starttls smtp |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
Connecting to 192.168.0.35 CONNECTED(00000005) Didn't find STARTTLS in server response, trying anyway... 408B8B5DF87F0000:error:0A000126:SSL routines::unexpected eof while reading:ssl/record/rec_layer_s3.c:693: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 373 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Protocol: TLSv1.3 This TLS version forbids renegotiation. Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- |
全然駄目だった事が判った。
先ずは此れが通る様にしないと……。