Dovecot / Postfix with SSL on EC2

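I have been working through a tutorial: http://www.cerebellumstrategies.com/amazon-linux-postfix-dovecot/ and everything worked through the whole tutorial until checking authentication.

From within the instance, I can run: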

    [ec2-user@domU-... ~]$ openssl s_client -starttls smtp -connect localhost:25
    CONNECTED(00000003)
    didn't found starttls in server response, try anyway...
    140326462789448:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:699:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 238 bytes and written 148 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    ---
    [ec2-user@domU-12-31-39-05-61-27 ~]$

But from my own laptop:

    Drew-Sonnes-MacBook-Pro:~ drew$ openssl s_client -starttls smtp -connect mail.symbiosislaboratories.com:25
    connect: Connection refused
    connect:errno=61

My security group has port 25 open (it has for a few weeks). To debug my problem, I turned off iptables:

    [ec2-user@domU-... ~]$ sudo service iptables status
    iptables: Firewall is not running.

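I have requested my reverse DNS and the opening of port 25 from Amazon, and they approved it a few days ago. I have made sure my DNS resolves correctly. I have gone through the tutorial, fixed typos, double- and triple-checked my settings, and cannot find what I am doing wrong. Does anyone know what else would be blocking this?

This is with SASL. The key is the key, the pem is the CA file, and the crt is the issued certificate.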

/etc/dovecot/conf.d/main.cf:

    readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
    virtual_alias_maps = hash:/etc/postfix/virtual
    sender_bcc_maps = hash:/etc/postfix/bcc
    mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
    home_mailbox = Maildir/
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
    mailbox_size_limit = 0
    allow_percent_hack = no
    ## Specify the keys/certificates
    smtpd_tls_key_file = /etc/pki/tls/private/localhost.key
    smtpd_tls_CAfile = /etc/pki/tls/cert.pem
    smtpd_tls_cert_file = /etc/ssl/certs/localhost.crt
    smtpd_tls_security_level = may
    ##

/etc/dovecot/master.cf:

    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       n       -       -       smtpd -o smtpd_sasl_auth_enable=yes
    smtps     inet  n       -       n       -       -       smtpd -o smtpd_sasl_auth_enable=yes
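
Added example, not part of the original post: a small probe that separates the two symptoms shown in the question, a TCP-level refusal (the laptop output) and an SMTP listener that answers but does not advertise STARTTLS (the in-instance output). The names `probe_starttls`, `start_fake_server` and `mail.example.test` are hypothetical, and the fake server is a constructed stand-in so the check runs offline.

```python
import smtplib
import socketserver
import threading

def probe_starttls(host, port=25, timeout=5.0):
    """Classify an SMTP endpoint: 'refused', 'unreachable', 'no-starttls' or 'starttls-advertised'."""
    try:
        # A fixed local_hostname avoids a DNS lookup for our own name.
        with smtplib.SMTP(host, port, local_hostname="probe.example.test", timeout=timeout) as smtp:
            smtp.ehlo()
            # has_extn() reads the extension list the server sent in its EHLO reply.
            return "starttls-advertised" if smtp.has_extn("starttls") else "no-starttls"
    except ConnectionRefusedError:
        # TCP-level refusal: no listener reachable on this address and port.
        return "refused"
    except OSError:
        # Timeouts, resets and SMTP protocol errors (SMTPException is an OSError).
        return "unreachable"

class _FakeSMTP(socketserver.StreamRequestHandler):
    """Constructed stand-in server so the probe can be exercised offline."""
    extensions = ["PIPELINING"]

    def handle(self):
        self.wfile.write(b"220 mail.example.test ESMTP\r\n")
        for line in self.rfile:
            verb = line.strip().split(b" ")[0].upper()
            if verb == b"EHLO":
                reply = ["mail.example.test"] + self.extensions
                body = [f"250-{item}" for item in reply[:-1]] + [f"250 {reply[-1]}"]
                self.wfile.write(("\r\n".join(body) + "\r\n").encode())
            elif verb == b"QUIT":
                self.wfile.write(b"221 bye\r\n")
                return
            else:
                self.wfile.write(b"502 not implemented\r\n")

def start_fake_server(extensions):
    """Start the constructed server on a free loopback port and return it."""
    handler = type("Handler", (_FakeSMTP,), {"extensions": list(extensions)})
    server = socketserver.ThreadingTCPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

if __name__ == "__main__":
    for exts in (["PIPELINING"], ["PIPELINING", "STARTTLS"]):
        srv = start_fake_server(exts)
        print(exts, "->", probe_starttls("127.0.0.1", srv.server_address[1]))
        srv.shutdown()
        srv.server_close()
```

Running the probe once from the instance and once from an outside host shows whether the difference lies in reachability of the listener or in what the listener offers.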