{"id":9342,"date":"2022-10-27T19:58:57","date_gmt":"2022-10-27T10:58:57","guid":{"rendered":"https:\/\/www.k-in.co.jp\/niwakan\/?p=9342"},"modified":"2022-11-02T15:37:18","modified_gmt":"2022-11-02T06:37:18","slug":"mail-server%e3%81%ae%e7%a7%bb%e8%a1%8c%ef%bc%88%e3%81%9d%e3%81%ae16%ef%bc%89postfix%e3%81%ae%e5%86%8d%e7%a2%ba%e8%aa%8d%ef%bc%882%ef%bc%89","status":"publish","type":"post","link":"https:\/\/www.k-in.co.jp\/niwakan\/archives\/2022\/10\/9342\/","title":{"rendered":"mail server\u306e\u79fb\u884c\uff08\u305d\u306e16\uff09postfix\u306e\u518d\u78ba\u8a8d\uff082\uff09"},"content":{"rendered":"

Dovecot\u306f\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u305f\u307f\u305f\u3044\u3060\u3002
\n\u3060\u304c\u3001postfix\u306f\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u3066\u3044\u306a\u3044\u3002
\n\u306a\u306e\u3067\u3001mail\u3092\u66f8\u304d\u8fbc\u3081\u306a\u3044\u3002
\n<\/p>\n

\u30e6\u30fc\u30b6\u30fc\u8a8d\u8a3c\u3055\u3048\u306a\u3093\u3068\u304b\u306a\u308c\u3070\u5b9c\u3057\u3044\u3002
\nsql\u304b\u3089\u306f\u4e00\u6642\u7f6e\u3044\u3066\u304a\u304f\u3002
\nDovecot\u540c\u69d8\u3001\u30d1\u30b9\u30ef\u30fc\u30c9\u30d5\u30a1\u30a4\u30eb\u3092\u4f7f\u3063\u3066\u8a8d\u8a3c\u3059\u308b\u3002
\n\u305d\u308c\u3082\u5171\u901a\u5316\u3059\u3089\u3057\u306a\u3044\u3002
\n\u4e00\u5ea6\u63a5\u7d9a\u3067\u304d\u3066\u304b\u3089\u8003\u3048\u308b\u3053\u3068\u306b\u3059\u308b\u3002
\n\u3068\u3044\u3046\u3053\u3068\u3067\u3001Postfixn\u306b\u3088\u308bSMTP\u8a8d\u8a3c[AMTP-AUTH]\/Server-Config<\/a>\u3092\u53c2\u7167\u3055\u305b\u3066\u8cb0\u3063\u305f\u3002
\nsaslpasswd2\u3068\u3044\u3046\u30b3\u30de\u30f3\u30c9\u3067\u3001\/opt\/local\/etc<\/strong>\u306bsasldb2.db<\/strong>\u3068\u3044\u3046\u30d1\u30b9\u30ef\u30fc\u30c9\u30d5\u30a1\u30a4\u30eb\u304c\u3067\u304d\u308b\u3002
\n\u3053\u308c\u306f\u6700\u521d\u60a9\u3093\u3060\u3002
\n\u30b3\u30de\u30f3\u30c9\u3068\u3057\u3066\u306f\u3001<\/p>\n

sudo saslpasswd2 -c -u `\/usr\/sbin\/postconf -h myhostname` UserName\r\nPassword:\r\nAgain (for verification):<\/pre>\n
\u3067\u3001\u30d1\u30b9\u30ef\u30fc\u30c9\u30d5\u30a1\u30a4\u30eb\u306e\u540d\u524d\u3082\u6240\u5728\u3082\u5224\u3089\u306a\u3044\u3002
\n\u307e\u305f\u3001sudo\u3067root\u306b\u306a\u3089\u306a\u3044\u3068saslpasswd2: generic failure<\/strong>\u3068\u4f55\u306e\u4e8b\u3084\u3089\u306e\u30e1\u30c3\u30bb\u30fc\u30b8\u304c\u51fa\u308b\u3002\u7406\u89e3\u3067\u304d\u305a\u306b\u56f0\u3063\u305f\u3002<\/p>\n
\u4ed6\u306b\u3001openssl\u3067587\u306b\u63a5\u7d9a\u3057\u305f\u6642\u306e\u30e1\u30c3\u30bb\u30fc\u30b8\u304c\u3001pop3s\u306b-starttls\u3092\u4ed8\u3051\u3066\u63a5\u7d9a\u3057\u305f\u306e\u3068\u540c\u3058\u3060\u3068\u6c17\u304c\u3064\u3044\u305f\u3002 <\/p>\n
openssl s_client -connect macmi2:587 -starttls smtp\r\nCONNECTED(00000005)\r\nDidn't find STARTTLS in server response, trying anyway...\r\n0086201A01000000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:ssl\/record\/ssl3_record.c:355:\r\n---\r\nno peer certificate available\r\n---\r\nNo client certificate CA names sent\r\n---\r\nSSL handshake has read 220 bytes and written 330 bytes\r\nVerification: OK\r\n---\r\nNew, (NONE), Cipher is (NONE)\r\nSecure Renegotiation IS NOT supported\r\nCompression: NONE\r\nExpansion: NONE\r\nNo ALPN negotiated\r\nEarly data was not sent\r\nVerify return code: 0 (ok)\r\n---<\/pre>\n
\u3064\u307e\u308a\u3001\u6574\u5408\u6027\u304c\u53d6\u308c\u3066\u3044\u306a\u3044\uff1f<\/p>\n
gmail.com\u3067\u8a66\u3057\u3066\u307f\u305f\u3002 <\/p>\n
% openssl s_client -connect smtp.gmail.com:587 -starttls smtp -quiet\r\ndepth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1\r\nverify return:1\r\ndepth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3\r\nverify return:1\r\ndepth=0 CN = smtp.gmail.com\r\nverify return:1\r\n250 SMTPUTF8<\/pre>\n
-quiet<\/strong>\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u4ed8\u3051\u308b\u3068\u51fa\u529b\u3055\u308c\u308b\u60c5\u5831\u304c\u5c11\u306a\u3044\u3002\u78ba\u8a8d\u3060\u3051\u306a\u3089\u826f\u3044\u304b\u3082\u77e5\u308c\u306a\u3044\u3002
\n\u7d30\u304b\u3044\u3068\u3053\u308d\u306f\u3001Postfix TLS Support<\/a>\u304c\u4fbf\u5229\u3002\u82f1\u8a9e\u3060\u3051\u3069\u3001safari\u306e\u7ffb\u8a33\u3067\u6240\u3005\u8aad\u307f\u76f4\u3057\u306a\u304c\u3089\u4f55\u3092\u8a2d\u5b9a\u3057\u3066\u3044\u308b\u306e\u304b\u78ba\u8a8d\u3067\u304d\u308b\u3002
\nTLS library problem – SSL routines:SSL3_GET_RECORD – wrong version number<\/a>\u3067\u3001\u74b0\u5883\u306f\u305a\u3044\u3076\u3093\u9055\u3044\u305d\u3046\u3060\u3051\u3069\u3001\u89e3\u6c7a\u3057\u3066\u3044\u308b\u307f\u305f\u3044\u306e\u3092\u898b\u3064\u3051\u305f\u3002
\n\u305d\u3053\u3067\u3001openssl\u306e\u63a5\u7d9a\u306b-tls1<\/strong>\u3092\u4ed8\u3051\u308b\u3068\u3044\u3051\u308b\u3068\u66f8\u304b\u308c\u3066\u3044\u305f\u306e\u3067\u8a66\u3059\u3002
\nopenssl s_client -connect macmini:587 -starttls smtp -tls1<\/strong>
\n\u3046\u3093\u3001\u6b63\u5e38\u306b\u8fd4\u4e8b\u304c\u8fd4\u3063\u3066\u304d\u305f\u3002
\n\u3082\u3046\u5c11\u3057\u304b\u3082\u77e5\u308c\u306a\u3044\u3002<\/p>\n
TLS library problem – SSL routines:SSL3_GET_RECORD – wrong version number<\/a>\u306b\u540c\u69d8\u306a\u72b6\u6cc1\u3092\u898b\u3064\u3051\u3001\u305d\u3053\u3067\u3001tls protocol\u306e\u8a2d\u5b9a\u3067TLSv1.1\u3068TLSv1.2\u3092\u5916\u3057\u3061\u3083\u3048\uff01\u3068\u66f8\u304b\u308c\u3066\u3044\u305f\u305f\u3081\u3001\u3084\u3063\u3066\u307f\u305f\u3002<\/p>\n
#smtp_tls_protocols = !SSLv2, !SSLv3\r\n#smtp_tls_mandatory_protocols = !SSLv2, !SSLv3\r\n#smtpd_tls_protocols = !SSLv2, !SSLv3\r\n#smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3\r\nsmtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1.1, !TLSv1.2\r\nsmtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1.1, !TLSv1.2\r\nsmtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1.1, !TLSv1.2\r\nsmtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1.1, !TLSv1.2\r\n<\/pre>\n
\u4e0a\u304c\u5143\u306e\u3001\u4e0b\u304c\u5916\u3057\u305f\u3082\u306e\u3002<\/p>\n
\u3053\u308c\u3067openssl\u3067\u901a\u5e38\u3069\u304a\u308a\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u3063\u305f\u3002
\n\u6b21\u306f\u30ed\u30b0\u3060\u306a\u301c\u3002\u5168\u7136\u5168\u304f\u4f55\u306b\u3082\u51fa\u3066\u3053\u306a\u3044\u3002\u3053\u308c\u306f\u8f9b\u3044\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
Dovecot\u306f\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u305f\u307f\u305f\u3044\u3060\u3002 \u3060\u304c\u3001postfix\u306f\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u3066\u3044\u306a\u3044\u3002 \u306a\u306e\u3067\u3001mail\u3092\u66f8\u304d\u8fbc\u3081\u306a\u3044\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[115],"tags":[175,148,24],"class_list":["post-9342","post","type-post","status-publish","format-standard","hentry","category-software","tag-postfix","tag-server","tag-system"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/posts\/9342","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/comments?post=9342"}],"version-history":[{"count":0,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/posts\/9342\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/media?parent=9342"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/categories?post=9342"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.k-in.co.jp\/niwakan\/wp-json\/wp\/v2\/tags?post=9342"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}