Plesk發送電子郵件TLS不可用

Question

來自Plesk的郵件。

但我收到這個答案

Out: 220 **DOMAIN** ESMTP Postfix (Debian/GNU) 
In:  EHLO [10.33.205.183] 
Out: 250-**DOMAIN** 
Out: 250-PIPELINING 
Out: 250-SIZE 31457280 
Out: 250-ETRN 
Out: 250-STARTTLS 
Out: 250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN 
Out: 250-ENHANCEDSTATUSCODES 
Out: 250-8BITMIME 
Out: 250 DSN 
In:  STARTTLS 
Out: 454 4.7.0 TLS not available due to local problem 
In:  ??? 
Out: 502 5.5.2 Error: command not recognized 
In:  ?????(?'?????? 
Out: 502 5.5.2 Error: command not recognized 
In:  ???? 
Out: 502 5.5.2 Error: command not recognized 
Out: 421 4.4.2 **DOMAIN** Error: timeout exceeded 

Session aborted, reason: timeout 

For other details, see the local mail logfile 

這裏是我的main.cf：

# See /usr/share/postfix/main.cf.dist for a commented, more complete version 


# Debian specific: Specifying a file name will cause the first 
# line of that file to be used as the name. The Debian default 
# is /etc/mailname. 
#myorigin = /etc/mailname 

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) 
biff = no 

# appending .domain is the MUA's job. 
append_dot_mydomain = no 

# Uncomment the next line to generate "delayed mail" warnings 
#delay_warning_time = 4h 

readme_directory = no 

# TLS parameters 
smtpd_tls_cert_file = /etc/postfix/tls/httpsd.pem 
smtpd_tls_key_file = $smtpd_tls_cert_file 
smtpd_use_tls = yes 
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for 
# information on enabling SSL in the smtp client. 

myhostname = ***DOMAIN*** 
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases 
alias_database = hash:/etc/aliases 
myorigin = /etc/mailname 
mydestination = localhost.startdedicated.de, localhost, localhost.localdomain 
relayhost = 
mynetworks = 127.0.0.0/8 [::1]/128 **IP**/32 
mailbox_command = procmail -a "$EXTENSION" 
mailbox_size_limit = 0 
recipient_delimiter = + 
inet_interfaces = all 
inet_protocols = all 
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains 
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual 
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox 
transport_maps = , hash:/var/spool/postfix/plesk/transport 
smtpd_tls_security_level = may 
smtp_tls_security_level = may 
smtp_use_tls = no 
smtpd_timeout = 3600s 
smtpd_proxy_timeout = 3600s 
disable_vrfy_command = yes 
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated 
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated 
smtp_send_xforward_command = yes 
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128 
smtpd_sasl_auth_enable = yes 
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination 
virtual_mailbox_base = /var/qmail/mailnames 
virtual_uid_maps = static:30 
virtual_gid_maps = static:31 
smtpd_milters = , inet:127.0.0.1:12768 
non_smtpd_milters = 
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps 
virtual_transport = plesk_virtual 
plesk_virtual_destination_recipient_limit = 1 
mailman_destination_recipient_limit = 1 
virtual_mailbox_limit = 0 
message_size_limit = 31457280 

我應該說，那我豈不是在Linux和郵寄的專家！

配置文件位於：/etc/postfix/main.cf cert /etc/postfix/tls/httpsd.pem是服務器的默認證書。

謝謝！

Answer 1

TL; TR：壞客戶端和壞服務器。

您使用的郵件服務器配置錯誤，因爲它認爲它可以通過TLS（如在包含STARTTLS的EHLO中看到的），但卻無法實際使用TLS（客戶端嘗試使用TLS時發生錯誤）。此外，客戶端簡單地忽略了STARTTLS命令的錯誤消息，並繼續進行TLS握手。這會導致來自服務器的錯誤消息，該消息需要正確的SMTP命令，但是會得到類似垃圾的內容（TLS ClientHello）。