ローカルからのメールが送れないのに、迷惑メールはやって来る。
困ったものである。
ローカルは絶対に通す!と勢い込んでいたのだが、
|
1 2 3 4 5 6 |
smtpd_helo_restrictions = permit_mynetworks reject_invalid_helo_hostname reject_non_fqdn_helo_hostname reject_unknown_helo_hostname smtpd_helo_required = yes |
smtpd_helo_restrictionsは、上の最終行smtpd_helo_required = yesが無いと動かないのだそうだ。
『Postfix Configuration Parameters』を一所懸命(Google先生が)翻訳して気が付いた。(そうだったのかぁ〜)
さて、それでもopensslで接続した結果が、
|
1 2 3 4 5 6 7 8 9 10 11 12 |
% openssl s_client -connect mail.k-in.co.jp:25 Connecting to 192.168.0.35 CONNECTED(00000005) 407BD051F87F0000:error:0A00010B:SSL routines:tls_validate_record_header:wrong version number:ssl/record/methods/tlsany_meth.c:81: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 5 bytes and written 333 bytes Verification: OK |
な訳で、またネット検索です。
見つけました。『SMTP fail to send email due to SSL wrong version number』に在りました。
『port 25じゃなくて587じゃね?』と云う返答。
そうだったのかぁ〜!
何時迄経っても一向に進まない訳が判りました。
で、早速遣ってみた。
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 |
% openssl s_client -connect mail.k-in.co.jp:587 Connecting to 192.168.0.35 CONNECTED(00000005) depth=2 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority verify return:1 depth=1 C=JP, ST=Tokyo, L=Shibuya-ku, O=Nijimo K.K., CN=FujiSSL SHA2 Domain Secure Site CA verify return:1 depth=0 CN=mail.k-in.co.jp verify return:1 --- Certificate chain 0 s:CN=mail.k-in.co.jp i:C=JP, ST=Tokyo, L=Shibuya-ku, O=Nijimo K.K., CN=FujiSSL SHA2 Domain Secure Site CA a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Nov 13 00:00:00 2024 GMT; NotAfter: Dec 14 23:59:59 2025 GMT 1 s:C=JP, ST=Tokyo, L=Shibuya-ku, O=Nijimo K.K., CN=FujiSSL SHA2 Domain Secure Site CA i:C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA384 v:NotBefore: May 15 00:00:00 2019 GMT; NotAfter: May 14 23:59:59 2029 GMT 2 s:C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA384 v:NotBefore: Mar 12 00:00:00 2019 GMT; NotAfter: Dec 31 23:59:59 2028 GMT 3 s:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA1 v:NotBefore: Jan 1 00:00:00 2004 GMT; NotAfter: Dec 31 23:59:59 2028 GMT --- Server certificate -----BEGIN CERTIFICATE----- MIIGETCCBPmgAwIBAgIQCca73n8qxWSYjijRmc6W/TANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJKUDEOMAwGA1UECBMFVG9reW8xEzARBgNVBAcTClNoaWJ1eWEt a3UxFDASBgNVBAoTC05pamltbyBLLksuMSswKQYDVQQDEyJGdWppU1NMIFNIQTIg RG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTI0MTExMzAwMDAwMFoXDTI1MTIxNDIz NTk1OVowGjEYMBYGA1UEAxMPbWFpbC5rLWluLmNvLmpwMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEA7mErt+xJhJxKSpwrUqF2giFN+5vM0S9sNSWqqOG1 C86av+h04I9JfniVa1L3QxNEtN23ot6L90RCXikRlpV+ERo/VOZWzW56vSHdAUUU wPwy+4A44UJmkv25wJNCjgc311s9E3TB+VSI3P3CrUjXDH4cds6Ch3HynjmSV2MX fK2co3dVueWbHVRW7KmeFMj+p8COR3SRax0hS0KMJjVk8EHcenVdv2lpSaO5+M76 UiJFgUTD3JH97K8KliYOpML2H+xhpwYUFE+C3pjhe4IBPxRqGBYs8gOJKseaiXO+ 21H0UP2WaS76tEn2Kq79IHP6glCphRsmSNj2dY163GwdxwIDAQABo4IC9jCCAvIw HwYDVR0jBBgwFoAU5iJAT6RQqXotkzlRr7KdczbzwbAwHQYDVR0OBBYEFFnYVn30 uzoNfmxAuTAOmWSXBv9CMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQB sjEBAgJFMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgG BmeBDAECATCBhwYIKwYBBQUHAQEEezB5MEsGCCsGAQUFBzAChj9odHRwOi8vbmlq aW1vLmNydC5zZWN0aWdvLmNvbS9GdWppU1NMU0hBMkRvbWFpblNlY3VyZVNpdGVD QS5jcnQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9uaWppbW8ub2NzcC5zZWN0aWdvLmNv bTAaBgNVHREEEzARgg9tYWlsLmstaW4uY28uanAwggGABgorBgEEAdZ5AgQCBIIB cASCAWwBagB3AN3cyjSV1+EWBeeVMvrHn/g9HFDf2wA6FBJ2Ciysu8gqAAABkyMp +zQAAAQDAEgwRgIhAPm7QNpI5fJKZcIPgV+1ZcTU5rRAJhMd/ZO/Mz/pBsWVAiEA +R4Ryc39DZv1/VzKpB3rcmEGBLg9KV/irNuYM+Vqt8wAdgDM+w9qhXEJZf6Vm1PO 6bJ8IumFXA2XjbapflTA/kwNsAAAAZMjKfr6AAAEAwBHMEUCIQDOF2uQCPl2DloH wwYAvDjalC0tsIvJJJbGFTjn/D/amgIgJkwbpNbNN3WLYtw3HZmby2WMDp2vobNU YDR8SNukIn8AdwAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZMj KfrJAAAEAwBIMEYCIQCwrdwxcba4JSKMeCyd5m9ugt+7N+x6oDVbyPcr0IPkMQIh AL/6uhLvGCWFO8Q0wypIs6HDd+JUGkrMn5zbG1aRtQjYMA0GCSqGSIb3DQEBCwUA A4IBAQApHWLWohT6Fg7JG7DCndHrIAwTwrHIkOi5OoG1Qx2WoVJwZ3kr3j3/mT85 hodkMOMrppVuCfS4ZbNGvHlEr+Ea3QYTDC61Ocqw3c4qZPFra+jMW4nALF9fIFm4 X0AV5sSVh4Fx528u9BEIjsBL++6oqqx+H4p08IHiFRGaXyq998NehFYRh1vAEF3z WxoN2db1OrkDpuc0+mMp61petMx3hGZtHfUtCCk0IWPzAI5y+MtdHHP/LeehGn28 91BfhDFr5iftlyj0VIrlAIymQw62mErQXm9xr4KFd3fHtiSZm2aaVcox16DfKYGq FLSNIUk2ZnKEz/nhAhbybbhG3781 -----END CERTIFICATE----- subject=CN=mail.k-in.co.jp issuer=C=JP, ST=Tokyo, L=Shibuya-ku, O=Nijimo K.K., CN=FujiSSL SHA2 Domain Secure Site CA --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 6158 bytes and written 413 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Protocol: TLSv1.3 Server public key is 2048 bit This TLS version forbids renegotiation. Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: 27A41F2F35690D4851866C751FE4333642DCA68E779E249790F7AD884C898D5B Session-ID-ctx: Resumption PSK: D652AA60566D7DC762AF56717D6595FE703C1F81F948B5473668DA6C4A802EAA92F6BA7C3E7B87B75EB5E1F9289B177C PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - d2 61 e6 7a c8 a6 fa d3-e3 db 6d 47 4a f7 c2 66 .a.z......mGJ..f 0010 - 38 8f 11 7f b8 4f a9 6c-42 27 0c a5 bf d6 19 62 8....O.lB'.....b 0020 - 2e d9 91 ca d7 7a d5 08-8d 67 e6 60 5f b8 6f ab .....z...g.`_.o. 0030 - cd b5 ee d1 f0 b9 96 49-74 49 89 8d 98 cf d3 fc .......ItI...... 0040 - 54 84 e6 9e 05 2e a3 eb-ed 1d a5 91 ca 8d 3b a5 T.............;. 0050 - ae 50 44 ae b6 86 9e 90-1e 0e c9 59 00 e9 06 fd .PD........Y.... 0060 - 8d fa e8 60 6a 83 22 19-a1 05 80 8c c3 41 02 84 ...`j."......A.. 0070 - 66 9a 37 df 11 16 a1 ec-8d a1 ad 42 7c 2c 28 ca f.7........B|,(. 0080 - 5e 1d da b0 f2 11 8b 4a-4b b5 84 f3 d2 d4 27 5f ^......JK.....'_ 0090 - d3 ce 62 e3 0b 85 51 b6-04 d6 3f 6d 59 fe 5b 59 ..b...Q...?mY.[Y 00a0 - 61 cd a2 1f 32 9b ba ec-a6 ed db 3e e4 42 9f 6b a...2......>.B.k 00b0 - 88 37 5d bb 25 7c 52 52-71 74 d0 9c 29 29 7e 0e .7].%|RRqt..))~. 00c0 - 06 8b 2d a0 72 8a 96 e4-65 60 10 9b 72 0c 84 82 ..-.r...e`..r... Start Time: 1733211916 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK 220 mail.k-in.co.jp ESMTP Postfix EHLO macmi2.lo.k-in.co.jp 250-mail.k-in.co.jp 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250 CHUNKING quit 221 2.0.0 Bye closed |
出来て居るんじゃね?
やったねっ!
でもね、Macのメールアプリからは送信出来ないんだ。
何でだろう?