Я пытаюсь настроить Sendmail с SSL от LetsEncrypt.
Сначала я не смог отправить письмо со своего сервера, например, на. gmail.com, из-за проблем с безопасностью, я думаю.
Я сгенерировал сертификат с помощью LestEncrypt и поместил код ниже в /etc/mail/sendmail.mc
:
(...)
dnl#
define(`confCACERT_PATH',`/etc/letsencrypt/live/mydomain.com')dnl
define(`confCACERT',`/etc/letsencrypt/live/mydomain.com/chain.pem')dnl
define(`confSERVER_CERT',`/etc/letsencrypt/live/mydomain.com/cert.pem')dnl
define(`confSERVER_KEY',`/etc/letsencrypt/live/mydomain.com/privkey.pem')dnl
dnl#
define(`confLOG_LEVEL', `14')dnl
Тем не менее, это все еще не работает. Вот что я получаю в логах:
Jan 24 04:03:50 vps636848 sm-mta[11490]: error: safesasl(/etc/sasl2/Sendmail.conf) failed: No such file or directory
Jan 24 04:03:50 vps636848 sm-mta[11490]: error: safesasl(/etc/sasl/Sendmail.conf) failed: No such file or directory
Jan 24 04:03:50 vps636848 sm-mta[11490]: error: safesasl(/usr/lib/x86_64-linux-gnu/sasl2/Sendmail.conf) failed: No such file or directory
Jan 24 04:03:50 vps636848 sm-mta[11490]: error: safesasl(/usr/lib/sasl2/Sendmail.conf) failed: No such file or directory
Jan 24 04:03:50 vps636848 sm-mta[11492]: starting daemon (8.15.2): SMTP+queueing@00:10:00
Jan 24 04:03:50 vps636848 sm-mta[11492]: STARTTLS: CRLFile missing
Jan 24 04:03:50 vps636848 sm-mta[11492]: STARTTLS=server, Diffie-Hellman init, key=2048 bit (I)
Jan 24 04:03:50 vps636848 sm-mta[11492]: STARTTLS=server, init=1
Jan 24 04:03:50 vps636848 sm-mta[11492]: started as: /usr/sbin/sendmail-mta -Am -L sm-mta -bd -q10m
Jan 24 04:04:01 vps636848 sendmail[11505]: x0O33wpa011505: from=kuba, size=5, class=0, nrcpts=1, msgid=<201901240303.x0O33wpa011505@mydomain.com>, relay=kuba@localhost
Jan 24 04:04:01 vps636848 sm-mta[11506]: NOQUEUE: connect from localhost [127.0.0.1]
Jan 24 04:04:01 vps636848 sm-mta[11506]: AUTH: available mech=DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN ANONYMOUS, allowed mech=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
Jan 24 04:04:01 vps636848 sm-mta[11506]: x0O341lV011506: Milter: no active filter
Jan 24 04:04:01 vps636848 sendmail[11505]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Jan 24 04:04:01 vps636848 sm-mta[11506]: STARTTLS=server, relay=localhost [127.0.0.1], version=TLSv1.2, verify=NO, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Jan 24 04:04:01 vps636848 sm-mta[11506]: STARTTLS=server, cert-subject=, cert-issuer=, verifymsg=ok
Jan 24 04:04:01 vps636848 sm-mta[11506]: AUTH: available mech=DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN ANONYMOUS, allowed mech=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
Jan 24 04:04:01 vps636848 sm-mta[11506]: poststats: /var/lib/sendmail/sendmail.st: No such file or directory
Jan 24 04:04:01 vps636848 sm-mta[11506]: ruleset=trust_auth, arg1=kuba@mydomain.com, relay=localhost [127.0.0.1], reject=550 5.7.1 <kuba@mydomain.com>... not authenticated
Jan 24 04:04:01 vps636848 sm-mta[11506]: x0O341lW011506: from=<kuba@mydomain.com>, size=271, class=0, nrcpts=1, msgid=<201901240303.x0O33wpa011505@mydomain.com>, proto=ESMTPS, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jan 24 04:04:01 vps636848 sm-mta[11506]: poststats: /var/lib/sendmail/sendmail.st: No such file or directory
Jan 24 04:04:01 vps636848 sendmail[11505]: x0O33wpa011505: to=saletra.kuba@gmail.com, ctladdr=kuba (1001/1001), delay=00:00:03, xdelay=00:00:00, mailer=relay, pri=30005, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (x0O341lW011506 Message accepted for delivery)
Jan 24 04:04:01 vps636848 sm-mta[11508]: x0O341lW011506: makeconnection (gmail-smtp-in.l.google.com. [IPv6:2a00:1450:400c:c04:0:0:0:1b]) failed: Network is unreachable
Jan 24 04:04:01 vps636848 sm-mta[11506]: poststats: /var/lib/sendmail/sendmail.st: No such file or directory
Jan 24 04:04:01 vps636848 sm-mta[11508]: x0O341lW011506: SMTP outgoing connect on mydomain.com
Jan 24 04:04:01 vps636848 sm-mta[11508]: STARTTLS: ClientCertFile missing
Jan 24 04:04:01 vps636848 sm-mta[11508]: STARTTLS: ClientKeyFile missing
Jan 24 04:04:01 vps636848 sm-mta[11508]: STARTTLS: CRLFile missing
Jan 24 04:04:01 vps636848 sm-mta[11508]: STARTTLS=client, init=1
Jan 24 04:04:01 vps636848 sm-mta[11508]: STARTTLS=client, start=ok
Jan 24 04:04:01 vps636848 sm-mta[11508]: STARTTLS: TLS cert verify: depth=1 /C=US/O=Google Trust Services/CN=Google Internet Authority G3, state=0, reason=unable to get local issuer certificate
Jan 24 04:04:01 vps636848 sm-mta[11508]: STARTTLS=client, relay=gmail-smtp-in.l.google.com., version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
Jan 24 04:04:01 vps636848 sm-mta[11508]: STARTTLS=client, cert-subject=/C=US/ST=California/L=Mountain+20View/O=Google+20LLC/CN=mx.google.com, cert-issuer=/C=US/O=Google+20Trust+20Services/CN=Google+20Internet+20Authority+20G3, verifymsg=unable to get local issuer certificate
Jan 24 04:04:01 vps636848 sm-mta[11508]: x0O341lW011506: to=<saletra.kuba@gmail.com>, ctladdr=<kuba@mydomain.com> (1001/1001), delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=120271, relay=gmail-smtp-in.l.google.com. [74.125.206.27], dsn=2.0.0, stat=Sent (OK 1548299041 h8si75004030wrv.45 - gsmtp)
Jan 24 04:04:01 vps636848 sm-mta[11508]: poststats: /var/lib/sendmail/sendmail.st: No such file or directory
Jan 24 04:04:01 vps636848 sm-mta[11508]: x0O341lW011506: done; delay=00:00:00, ntries=1
Jan 24 04:04:01 vps636848 sm-mta[11508]: poststats: /var/lib/sendmail/sendmail.st: No such file or directory
Jan 24 04:04:01 vps636848 sm-mta[11508]: STARTTLS=client, SSL_shutdown failed: -1