{"id":10112,"date":"2024-12-02T17:32:31","date_gmt":"2024-12-02T08:32:31","guid":{"rendered":"https:\/\/www.k-in.co.jp\/niwakan\/?p=10112"},"modified":"2024-12-02T17:32:31","modified_gmt":"2024-12-02T08:32:31","slug":"mail-server%e3%81%ae%e7%a7%bb%e8%a1%8c%ef%bc%88%e3%81%9d%e3%81%ae44%ef%bc%89postfix%e3%80%81dovecot%e3%81%ae%e5%86%8d%e6%a7%8b%e7%af%89","status":"publish","type":"post","link":"https:\/\/www.k-in.co.jp\/niwakan\/archives\/2024\/12\/10112\/","title":{"rendered":"mail server\u306e\u79fb\u884c\uff08\u305d\u306e44\uff09Postfix\u3001Dovecot\u306e\u518d\u69cb\u7bc9"},"content":{"rendered":"<p>mail server\u3092\u7acb\u3061\u4e0a\u3052\u305f\u3044\u3060\u3051\u306a\u306e\u306b\u3001Apache\u3084\u3089openssl\u3084\u3089\u5efb\u308a\u56de\u3063\u3066\u3001\u76ee\u304c\u56de\u308b\u3002<br \/>\n\u73fe\u6642\u70b9\u3067Postfix\u306bTSL\u63a5\u7d9a\u51fa\u6765\u308b\u69d8\u306b\u306a\u308b\u4e8b\u304c\u76ee\u6a19\u3002\u3068\u3057\u3088\u3046\u3002<br \/>\n<!--more--><\/p>\n<p>\u53d6\u308a\u6562\u3048\u305aopenssl\u3067\u63a5\u7d9a\u3057\u3066\u307f\u308b\u3002<\/p>\n<pre class=\"height:300 lang:default decode:true\" title=\"openssl s_client -connect\">% openssl s_client -connect mail.k-in.co.jp:25\r\nConnecting to 192.168.0.35\r\nCONNECTED(00000005)\r\nwrite:errno=54\r\n---\r\nno peer certificate available\r\n---\r\nNo client certificate CA names sent\r\n---\r\nSSL handshake has read 0 bytes and written 333 bytes\r\nVerification: OK\r\n---\r\nNew, (NONE), Cipher is (NONE)\r\nProtocol: TLSv1.3\r\nThis TLS version forbids renegotiation.\r\nCompression: NONE\r\nExpansion: NONE\r\nNo ALPN negotiated\r\nEarly data was not sent\r\nVerify return code: 0 (ok)\r\n---<\/pre>\n<p>root\u3067\u306a\u3051\u308c\u3070\u66f8\u304d\u8fbc\u307f\u30a8\u30e9\u30fc\u304c\u51fa\u308b\u3088\u3046\u3060\u3002<br \/>\n\u4f55\u3060\u304b\u5049\u3044\u6240\u306b\u66f8\u304d\u8fbc\u307f\u306b\u884c\u3063\u3066\u3044\u308b\u69d8\u3067\u3059\u3002<br \/>\n\u3067\u3082TSL\u63a5\u7d9a\u307e\u3067\u306f\u3067\u304d\u3066\u3044\u308b\u69d8\u5b50\u3002<\/p>\n<p>Dovecot\u3067\u306f\u3069\u3046\u3060\u308d\u3046\u3002<\/p>\n<pre class=\"height:300 lang:default decode:true\" title=\"openssl s_client -connect\">% openssl s_client -connect mail.k-in.co.jp:993\r\nConnecting to 192.168.0.35\r\nCONNECTED(00000005)\r\ndepth=2 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority\r\nverify return:1\r\ndepth=1 C=JP, ST=Tokyo, L=Shibuya-ku, O=Nijimo K.K., CN=FujiSSL SHA2 Domain Secure Site CA\r\nverify return:1\r\ndepth=0 CN=mail.k-in.co.jp\r\nverify return:1\r\n---\r\nCertificate chain\r\n 0 s:CN=mail.k-in.co.jp\r\n   i:C=JP, ST=Tokyo, L=Shibuya-ku, O=Nijimo K.K., CN=FujiSSL SHA2 Domain Secure Site CA\r\n   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256\r\n   v:NotBefore: Nov 13 00:00:00 2024 GMT; NotAfter: Dec 14 23:59:59 2025 GMT\r\n 1 s:C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority\r\n   i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services\r\n   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA384\r\n   v:NotBefore: Mar 12 00:00:00 2019 GMT; NotAfter: Dec 31 23:59:59 2028 GMT\r\n 2 s:C=JP, ST=Tokyo, L=Shibuya-ku, O=Nijimo K.K., CN=FujiSSL SHA2 Domain Secure Site CA\r\n   i:C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority\r\n   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA384\r\n   v:NotBefore: May 15 00:00:00 2019 GMT; NotAfter: May 14 23:59:59 2029 GMT\r\n 3 s:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services\r\n   i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services\r\n   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA1\r\n   v:NotBefore: Jan  1 00:00:00 2004 GMT; NotAfter: Dec 31 23:59:59 2028 GMT\r\n---\r\nServer certificate\r\n-----BEGIN CERTIFICATE-----\r\nMIIGETCCBPmgAwIBAgIQCca73n8qxWSYjijRmc6W\/TANBgkqhkiG9w0BAQsFADB1\r\nMQswCQYDVQQGEwJKUDEOMAwGA1UECBMFVG9reW8xEzARBgNVBAcTClNoaWJ1eWEt\r\na3UxFDASBgNVBAoTC05pamltbyBLLksuMSswKQYDVQQDEyJGdWppU1NMIFNIQTIg\r\nRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTI0MTExMzAwMDAwMFoXDTI1MTIxNDIz\r\nNTk1OVowGjEYMBYGA1UEAxMPbWFpbC5rLWluLmNvLmpwMIIBIjANBgkqhkiG9w0B\r\nAQEFAAOCAQ8AMIIBCgKCAQEA7mErt+xJhJxKSpwrUqF2giFN+5vM0S9sNSWqqOG1\r\nC86av+h04I9JfniVa1L3QxNEtN23ot6L90RCXikRlpV+ERo\/VOZWzW56vSHdAUUU\r\nwPwy+4A44UJmkv25wJNCjgc311s9E3TB+VSI3P3CrUjXDH4cds6Ch3HynjmSV2MX\r\nfK2co3dVueWbHVRW7KmeFMj+p8COR3SRax0hS0KMJjVk8EHcenVdv2lpSaO5+M76\r\nUiJFgUTD3JH97K8KliYOpML2H+xhpwYUFE+C3pjhe4IBPxRqGBYs8gOJKseaiXO+\r\n21H0UP2WaS76tEn2Kq79IHP6glCphRsmSNj2dY163GwdxwIDAQABo4IC9jCCAvIw\r\nHwYDVR0jBBgwFoAU5iJAT6RQqXotkzlRr7KdczbzwbAwHQYDVR0OBBYEFFnYVn30\r\nuzoNfmxAuTAOmWSXBv9CMA4GA1UdDwEB\/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G\r\nA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQB\r\nsjEBAgJFMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgG\r\nBmeBDAECATCBhwYIKwYBBQUHAQEEezB5MEsGCCsGAQUFBzAChj9odHRwOi8vbmlq\r\naW1vLmNydC5zZWN0aWdvLmNvbS9GdWppU1NMU0hBMkRvbWFpblNlY3VyZVNpdGVD\r\nQS5jcnQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9uaWppbW8ub2NzcC5zZWN0aWdvLmNv\r\nbTAaBgNVHREEEzARgg9tYWlsLmstaW4uY28uanAwggGABgorBgEEAdZ5AgQCBIIB\r\ncASCAWwBagB3AN3cyjSV1+EWBeeVMvrHn\/g9HFDf2wA6FBJ2Ciysu8gqAAABkyMp\r\n+zQAAAQDAEgwRgIhAPm7QNpI5fJKZcIPgV+1ZcTU5rRAJhMd\/ZO\/Mz\/pBsWVAiEA\r\n+R4Ryc39DZv1\/VzKpB3rcmEGBLg9KV\/irNuYM+Vqt8wAdgDM+w9qhXEJZf6Vm1PO\r\n6bJ8IumFXA2XjbapflTA\/kwNsAAAAZMjKfr6AAAEAwBHMEUCIQDOF2uQCPl2DloH\r\nwwYAvDjalC0tsIvJJJbGFTjn\/D\/amgIgJkwbpNbNN3WLYtw3HZmby2WMDp2vobNU\r\nYDR8SNukIn8AdwAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZMj\r\nKfrJAAAEAwBIMEYCIQCwrdwxcba4JSKMeCyd5m9ugt+7N+x6oDVbyPcr0IPkMQIh\r\nAL\/6uhLvGCWFO8Q0wypIs6HDd+JUGkrMn5zbG1aRtQjYMA0GCSqGSIb3DQEBCwUA\r\nA4IBAQApHWLWohT6Fg7JG7DCndHrIAwTwrHIkOi5OoG1Qx2WoVJwZ3kr3j3\/mT85\r\nhodkMOMrppVuCfS4ZbNGvHlEr+Ea3QYTDC61Ocqw3c4qZPFra+jMW4nALF9fIFm4\r\nX0AV5sSVh4Fx528u9BEIjsBL++6oqqx+H4p08IHiFRGaXyq998NehFYRh1vAEF3z\r\nWxoN2db1OrkDpuc0+mMp61petMx3hGZtHfUtCCk0IWPzAI5y+MtdHHP\/LeehGn28\r\n91BfhDFr5iftlyj0VIrlAIymQw62mErQXm9xr4KFd3fHtiSZm2aaVcox16DfKYGq\r\nFLSNIUk2ZnKEz\/nhAhbybbhG3781\r\n-----END CERTIFICATE-----\r\nsubject=CN=mail.k-in.co.jp\r\nissuer=C=JP, ST=Tokyo, L=Shibuya-ku, O=Nijimo K.K., CN=FujiSSL SHA2 Domain Secure Site CA\r\n---\r\nNo client certificate CA names sent\r\nPeer signing digest: SHA256\r\nPeer signature type: RSA-PSS\r\nServer Temp Key: X25519, 253 bits\r\n---\r\nSSL handshake has read 6162 bytes and written 413 bytes\r\nVerification: OK\r\n---\r\nNew, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384\r\nProtocol: TLSv1.3\r\nServer public key is 2048 bit\r\nThis TLS version forbids renegotiation.\r\nCompression: NONE\r\nExpansion: NONE\r\nNo ALPN negotiated\r\nEarly data was not sent\r\nVerify return code: 0 (ok)\r\n---\r\n---\r\nPost-Handshake New Session Ticket arrived:\r\nSSL-Session:\r\n    Protocol  : TLSv1.3\r\n    Cipher    : TLS_AES_256_GCM_SHA384\r\n    Session-ID: BCD04FF6AE20D614613FAB73D9E5B4FAC6E854A77B3DD98941454A98CED1F35B\r\n    Session-ID-ctx: \r\n    Resumption PSK: B47E46D839B2864DE59600637DF95109438D8BBA444697BF4660AF2EB7395522344835025AEF76CEE4242C9EDD3C85CE\r\n    PSK identity: None\r\n    PSK identity hint: None\r\n    SRP username: None\r\n    TLS session ticket lifetime hint: 7200 (seconds)\r\n    TLS session ticket:\r\n    0000 - 86 8e a4 d0 68 3a 4a 61-9d f5 1f 0c ee cd 22 cb   ....h:Ja......\".\r\n    0010 - 40 6d a0 58 74 21 52 73-9f 7f 5f 04 9e c1 6e 17   @m.Xt!Rs.._...n.\r\n    0020 - 9b e5 55 59 71 76 7e e5-06 50 1a 0f 68 45 d9 98   ..UYqv~..P..hE..\r\n    0030 - 9a c1 30 bd 05 2d 51 0d-95 7e d5 05 bd a8 83 4c   ..0..-Q..~.....L\r\n    0040 - fe 6c e7 8a 80 a7 12 69-8f 38 0d 39 a0 cd 94 93   .l.....i.8.9....\r\n    0050 - e0 46 fd 1b 07 29 72 df-2e 49 b1 f7 45 94 8b f5   .F...)r..I..E...\r\n    0060 - a0 8c 67 8d fc 11 44 e2-7c b8 7e 35 b2 4a 62 b1   ..g...D.|.~5.Jb.\r\n    0070 - 92 79 75 9c be e2 1b 2c-2c f5 57 02 c4 81 69 9d   .yu....,,.W...i.\r\n    0080 - 0d ca 93 69 c3 b7 26 cf-33 f4 1c ae 5b 28 f5 f7   ...i..&.3...[(..\r\n    0090 - 0b 5c 82 9e 39 c1 ea d7-ba 63 25 df 1a 18 21 ba   .\\..9....c%...!.\r\n    00a0 - f6 56 00 74 26 cb e6 5f-4f f1 7e 35 fc 8c 68 68   .V.t&.._O.~5..hh\r\n    00b0 - 8a 1e 45 33 12 cf a3 50-4a ea 11 fe fc 28 af a2   ..E3...PJ....(..\r\n    00c0 - 07 cb e2 0d 5e a7 3c 95-91 92 5f a6 c8 bc 3b dd   ....^.<..._...;.\r\n    00d0 - 49 35 c6 3d 8d d7 6e b8-3c 44 96 2a c0 df fe 52   I5.=..n.<D.*...R\r\n\r\n    Start Time: 1733126558\r\n    Timeout   : 7200 (sec)\r\n    Verify return code: 0 (ok)\r\n    Extended master secret: no\r\n    Max Early Data: 0\r\n---\r\nread R BLOCK\r\n---\r\nPost-Handshake New Session Ticket arrived:\r\nSSL-Session:\r\n    Protocol  : TLSv1.3\r\n    Cipher    : TLS_AES_256_GCM_SHA384\r\n    Session-ID: 260C2CB0CE1C9F07D608B9D96D23F9D261B8DF9F4D267EE5C0B65543EF203381\r\n    Session-ID-ctx: \r\n    Resumption PSK: 8066588631D1A044471BFA828508A0A5F7CDE8DCADEE3429425304C2915B4156538C331735422B4C10762BB74E8FA4FD\r\n    PSK identity: None\r\n    PSK identity hint: None\r\n    SRP username: None\r\n    TLS session ticket lifetime hint: 7200 (seconds)\r\n    TLS session ticket:\r\n    0000 - 86 8e a4 d0 68 3a 4a 61-9d f5 1f 0c ee cd 22 cb   ....h:Ja......\".\r\n    0010 - fa c6 7d 99 7d a4 e5 3f-93 72 26 62 21 d6 b2 0e   ..}.}..?.r&#038;b!...\r\n    0020 - 8d a7 98 02 f3 07 99 72-62 0b 66 45 6e 00 a6 83   .......rb.fEn...\r\n    0030 - 03 55 2b f5 31 86 b8 f3-d7 c4 70 77 e0 3d 06 c0   .U+.1.....pw.=..\r\n    0040 - c2 08 b1 39 af db 60 7e-8b 2b 5b a7 67 84 7a 0c   ...9..`~.+[.g.z.\r\n    0050 - 09 2d 57 e9 ec 9e 74 1d-3c df c4 1c bb be 1c 65   .-W...t.<......e\r\n    0060 - f0 42 98 52 52 84 e9 62-27 63 65 23 f2 f1 1e e2   .B.RR..b'ce#....\r\n    0070 - 44 17 4d 76 0b f9 6c 99-17 0f 5c 93 d8 42 13 fe   D.Mv..l...\\..B..\r\n    0080 - 81 4a 8d 70 21 46 f6 53-81 69 bc 18 28 d9 ca 14   .J.p!F.S.i..(...\r\n    0090 - 6d 3c a6 54 f0 11 89 23-a7 4c 0e 59 ee ca f3 1a   m<.T...#.L.Y....\r\n    00a0 - 7a e3 1c 74 38 24 02 db-b1 fb 05 ee d1 5f 86 34   z..t8$......._.4\r\n    00b0 - bb 21 4d fb 78 fb 3b 6b-c1 75 bc 64 1c dd 22 43   .!M.x.;k.u.d..\"C\r\n    00c0 - ae 0a 2d 84 7b b7 a1 aa-69 4d c6 82 28 4a ed 7a   ..-.{...iM..(J.z\r\n    00d0 - d0 4f 53 74 e2 c0 e4 d0-c2 28 bf 4d 26 f3 41 70   .OSt.....(.M&#038;.Ap\r\n\r\n    Start Time: 1733126558\r\n    Timeout   : 7200 (sec)\r\n    Verify return code: 0 (ok)\r\n    Extended master secret: no\r\n    Max Early Data: 0\r\n---\r\nread R BLOCK\r\n* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot ready.\r\n* BYE Disconnected for inactivity.\r\nclosed<\/pre>\n<p>web service\u306b\u63a5\u7d9a\u3057\u305f\u6642\u3068\u540c\u69d8\u306a\u8868\u793a\u3092\u3057\u3066\u3044\u308b\u304b\u3089\u3001\u304d\u3063\u3068\u6b63\u3057\u3044\u306e\u3060\u308d\u3046\u3002\uff08\u305d\u3046\u6709\u3063\u3066\u6b32\u3057\u3044\uff09<br \/>\n\u3064\u307e\u308a\u3001<strong>Postfix\u3060\u3051<\/strong>\u8a2d\u5b9a\u304c\u304a\u304b\u3057\u3044\u3002<\/p>\n<p>\u5fd8\u308c\u306a\u3044\u5185\u306b\u53c2\u8003\u3057\u305f\u30b5\u30a4\u30c8\u3092\u66f8\u3044\u3066\u304a\u3053\u3046\u3002<br \/>\n\u4e00\u3064\u76ee\u306f\u3001<a href=\"https:\/\/pki.world-tls.com\/openssl-web-server\/\">OpenSSL\u3067\u30a6\u30a7\u30d6\u30b5\u30fc\u30d0\u30fc\u306b\u4e2d\u9593CA\u8a3c\u660e\u66f8\u304c\u6b63\u3057\u304f\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u308b\u304b\u78ba\u8a8d\u3059\u308b\u65b9\u6cd5<\/a>\u3002<br \/>\n\u4e8c\u3064\u76ee\u306f\u3001<a href=\"https:\/\/qiita.com\/3244\/items\/8c7e6892efdb4e500be9\">\u4eca\u5ea6\u3053\u305dopenssl\u30b3\u30de\u30f3\u30c9\u3092\u7406\u89e3\u3057\u3066\u4f7f\u3044\u305f\u3044 (2) \u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\uff08openssl.cnf\uff09\u3092\u7406\u89e3\u3059\u308b<\/a>\u3002<br \/>\n\u3042\u3068\u3001\u6b64\u51e6\u306f\u5927\u4e8b\u3002<a href=\"https:\/\/www.postfix-jp.info\/trans-2.3\/jhtml\/postconf.5.html#smtpd_tls_auth_only\">Postfix\u8a2d\u5b9a\u30d1\u30e9\u30e1\u30fc\u30bf<\/a>\u3002\u65e5\u672c\u8a9e\u3067\u89e3\u8aac\u3057\u3066\u5449\u308c\u3066\u5c45\u308b\u306e\u3067\u6709\u308a\u96e3\u3044\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>mail server\u3092\u7acb\u3061\u4e0a\u3052\u305f\u3044\u3060\u3051\u306a\u306e\u306b\u3001Apache\u3084\u3089openssl\u3084\u3089\u5efb\u308a\u56de\u3063\u3066\u3001\u76ee\u304c\u56de\u308b\u3002 \u73fe\u6642\u70b9\u3067Postfix\u306bTSL\u63a5\u7d9a\u51fa\u6765\u308b\u69d8\u306b\u306a\u308b\u4e8b\u304c\u76ee\u6a19\u3002\u3068\u3057\u3088\u3046\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[115],"tags":[177,176,164,175,148],"class_list":["post-10112","post","type-post","status-publish","format-standard","hentry","category-software","tag-dovecot","tag-mail","tag-openssl","tag-postfix","tag-server"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/posts\/10112","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/comments?post=10112"}],"version-history":[{"count":0,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/posts\/10112\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/media?parent=10112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/categories?post=10112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/tags?post=10112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}