前言:
新上一台阿里的云主机,提供web服务,各种环境搭建完成,能够提供服务,没想到在最后的监控环节遇到各种发邮件的坑,这里分享给大家,你是否也遇到这种坑?
网易163免费邮箱相关服务器信息:
一、安装和配置:
1.1、安装
[root@linux-node2 ~]# yum install mailx -y
Loaded plugins: fastestmirror, security
Setting up Install Process
Determining fastest mirrors
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
base | 3.7 kB 00:00
epel | 3.2 kB 00:00
epel/primary | 3.2 MB 00:00
epel 12521/12521
extras | 3.4 kB 00:00
icehouse | 2.9 kB 00:00
updates | 3.4 kB 00:00
updates/primary_ | 1.2 MB 00:00
Package mailx-12.4-8.el6_6.x86_64 already installed and latest version
Nothing to do
1.2、配置(以163邮箱为例)
首先你的邮箱要支持你的需求,到邮箱里去配置
然后到/etc/mail.rc的配置文件中去添加
set from=admin@163.com smtp=smtp.163.com smtp-auth-user=admin smtp-auth-password=xxxxxx smtp-auth=login
[root@linux-node2 ~]# echo “12345” | mail -v -s “test” admin@163.com
至此应该是没问题,但是就是收不到邮件。得了,开始排错!所有的网络、配置检查完成后,还是收不到邮件,最后检查到端口发现问题!!!
[root@linux-node2 ~]# telnet smtp.163.com 25
Trying 220.181.12.17...
^C
[root@orcherstrator ~]# nc -vz -w 1 smtp.163.com 25
nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress
nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress
nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress
nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress
nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress
nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress
nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress
nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress
原来服务器根本就不能和第三方邮箱建立连接,问题找到,开始处理,一查才知道阿里云服务器把25端口给封了,需要申请解封。好吧!登录管理控制台,开始申请!!!
阿里云的审核速度还挺快的,两个多小时后反馈结果了,不过看看就吐口老血!!!
只能想其他的办法呗!!最后决定使用163邮箱的465加密端口
[root@orcherstrator ~]# telnet smtp.163.com 465
Trying 220.181.12.14...
Connected to smtp.163.com.
Escape character is '^]'.
^C
Connection closed by foreign host.
root@orcherstrator ~]# nc -vz -w 1 smtp.163.com 465
Connection to smtp.163.com 465 port [tcp/urd] succeeded!
看样子有戏哦!!!修改/etc/mail.rc的配置
set from=admin@163.com
set smtp="smtps://smtp.163.com:465"
set smtp-auth-user=admin@163.com
set smtp-auth-password=xxxxx
set smtp-auth=login
set smtp-use-starttls
set ssl-verify=ignore
set nss-config-dir=/etc/pki/nssdb/
[root@linux-node2 ~]# echo 'hello' |mail -v -s "test" yueyuancun@163.com
Resolving host smtp.163.com . . . done.
Connecting to 123.125.50.133 . . . connected.
Error in certificate: Peer's certificate issuer is not recognized. ##没有对端的证书
Comparing DNS name: "*.163.com"
SSL parameters: cipher=AES-128-GCM, keysize=128, secretkeysize=128,
issuer=CN=GeoTrust SSL CA - G3,O=GeoTrust Inc.,C=US
subject=CN=*.163.com,O="NetEase (Hangzhou) Network Co., Ltd",L=HangZhou,ST=ZheJiang,C=CN
220 163.com Anti-spam GT for Coremail System (163com[20141201])
>>> EHLO linux-node2
250-mail
250-PIPELINING
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-coremail 1Uxr2xKj7kG0xkI17xGrU7I0s8FY2U3Uj8Cz28x1UUUUU7Ic2I0Y2UFVHs-cUCa0xDrUUUUj
250-STARTTLS
250 8BITMIME
>>> AUTH LOGIN
334 dXNlcm5hbWU6
>>> eXVleXVhbmN1bkAxNjMuY29t
334 UGFzc3dvcmQ6
>>> aGVsbG9uaWhhbzE5ODkxMA==
535 Error: authentication failed
smtp-server: 535 Error: authentication failed
"/root/dead.letter" 11/299
. . . message not sent. ##邮件没有发出去
至此,网上的case都说能收到邮件,但是我这就是收不到,那就根据错误来解决呗!!!搞证书
[root@linux-node2 ~]# mkdir -p /root/.certs/
[root@linux-node2 ~]# echo -n | openssl s_client -connect smtp.163.com:465 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/.certs/163.crt
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = GeoTrust Inc., CN = GeoTrust SSL CA - G3
verify return:1
depth=0 C = CN, ST = ZheJiang, L = HangZhou, O = "NetEase (Hangzhou) Network Co., Ltd", CN = *.163.com
verify return:1
DONE
[root@linux-node2 ~]# certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt
[root@linux-node2 ~]# certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt
[root@linux-node2 ~]# certutil -L -d /root/.certs
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
GeoTrust SSL CA C,,
[root@linux-node2 ~]# cd /root/.certs/
[root@linux-node2 .certs]# certutil -A -n "GeoTrust SSL CA - G3" -t "Pu,Pu,Pu" -d ./ -i 163.crt
Notice: Trust flag u is set automatically if the private key is present.
[root@linux-node2 .certs]# cd
[root@linux-node2 ~]# vim /etc/mail.rc
set from=admin@163.com
set smtp="smtps://smtp.163.com:465"
set smtp-auth-user=admin@163.com
set smtp-auth-password=xxxxx
set smtp-auth=login
set smtp-use-starttls
set ssl-verify=ignore
set nss-config-dir=/root/.certs
[root@linux-node2 ~]# echo 'hello' |mail -v -s "test" admin@163.com
Resolving host smtp.163.com . . . done.
Connecting to 123.125.50.132 . . . connected.
Comparing DNS name: "*.163.com"
SSL parameters: cipher=AES-128-GCM, keysize=128, secretkeysize=128,
issuer=CN=GeoTrust SSL CA - G3,O=GeoTrust Inc.,C=US
subject=CN=*.163.com,O="NetEase (Hangzhou) Network Co., Ltd",L=HangZhou,ST=ZheJiang,C=CN
220 163.com Anti-spam GT for Coremail System (163com[20141201])
>>> EHLO linux-node2
250-mail
250-PIPELINING
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-coremail 1Uxr2xKj7kG0xkI17xGrU7I0s8FY2U3Uj8Cz28x1UUUUU7Ic2I0Y2UF6b612UCa0xDrUUUUj
250-STARTTLS
250 8BITMIME
>>> AUTH LOGIN
334 dXNlcm5hbWU6
>>> eXVleXVhbmN1bkAxNjMuY29t
334 UGFzc3dvcmQ6
>>> aGVsbG9uaWhhbzE5ODk=
235 Authentication successful
>>> MAIL FROM:<admin@163.com>
250 Mail OK
>>> RCPT TO:<admin@163.com>
250 Mail OK
>>> DATA
354 End data with <CR><LF>.<CR><LF>
>>> .
250 Mail OK queued as smtp2,DNGowADH53eJp5BbGYUHAA--.2S2 1536206732
>>> QUIT
221 Bye
终于成功了!!!!
注:不管能否解决你遇到的问题,欢迎相互交流,共同提高!
咨 询 客 服