阿里云Centos6.X发邮件遇到的各种问题

前言:

新上一台阿里的云主机，提供web服务，各种环境搭建完成，能够提供服务，没想到在最后的监控环节遇到各种发邮件的坑，这里分享给大家，你是否也遇到这种坑？

网易163免费邮箱相关服务器信息：

一、安装和配置:

1.1、安装

[root@linux-node2 ~]# yum install mailx -y

Loaded plugins: fastestmirror, security

Setting up Install Process

Determining fastest mirrors

 * base: mirrors.aliyun.com

 * extras: mirrors.aliyun.com

 * updates: mirrors.aliyun.com

base            | 3.7 kB  00:00  

epel            | 3.2 kB  00:00  

epel/primary           | 3.2 MB  00:00  

epel              12521/12521

extras            | 3.4 kB  00:00  

icehouse           | 2.9 kB  00:00

updates            | 3.4 kB  00:00  

updates/primary_          | 1.2 MB  00:00  

Package mailx-12.4-8.el6_6.x86_64 already installed and latest version

Nothing to do

1.2、配置(以163邮箱为例)

首先你的邮箱要支持你的需求，到邮箱里去配置

然后到/etc/mail.rc的配置文件中去添加

set from=admin@163.com smtp=smtp.163.com smtp-auth-user=admin smtp-auth-password=xxxxxx  smtp-auth=login

[root@linux-node2 ~]# echo “12345” | mail -v -s “test” admin@163.com

至此应该是没问题，但是就是收不到邮件。得了，开始排错！所有的网络、配置检查完成后，还是收不到邮件，最后检查到端口发现问题！！！

[root@linux-node2 ~]# telnet smtp.163.com 25

Trying 220.181.12.17...

^C

[root@orcherstrator ~]# nc -vz -w 1 smtp.163.com 25

nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress

nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress

nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress

nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress

nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress

nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress

nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress

nc: connect to smtp.163.com port 25 (tcp) timed out: Operation now in progress

原来服务器根本就不能和第三方邮箱建立连接，问题找到，开始处理，一查才知道阿里云服务器把25端口给封了，需要申请解封。好吧！登录管理控制台，开始申请！！！

阿里云的审核速度还挺快的，两个多小时后反馈结果了，不过看看就吐口老血！！！

只能想其他的办法呗！！最后决定使用163邮箱的465加密端口

[root@orcherstrator ~]# telnet smtp.163.com 465

Trying 220.181.12.14...

Connected to smtp.163.com.

Escape character is '^]'.

^C

Connection closed by foreign host.

root@orcherstrator ~]# nc -vz -w 1 smtp.163.com 465

Connection to smtp.163.com 465 port [tcp/urd] succeeded!

看样子有戏哦！！！修改/etc/mail.rc的配置

set from=admin@163.com

set smtp="smtps://smtp.163.com:465"

set smtp-auth-user=admin@163.com

set smtp-auth-password=xxxxx

set smtp-auth=login

set smtp-use-starttls

set ssl-verify=ignore

set nss-config-dir=/etc/pki/nssdb/

[root@linux-node2 ~]# echo 'hello' |mail -v -s "test" yueyuancun@163.com

Resolving host smtp.163.com . . . done.

Connecting to 123.125.50.133 . . . connected.

Error in certificate: Peer's certificate issuer is not recognized. ##没有对端的证书 

Comparing DNS name: "*.163.com"

SSL parameters: cipher=AES-128-GCM, keysize=128, secretkeysize=128,

issuer=CN=GeoTrust SSL CA - G3,O=GeoTrust Inc.,C=US

subject=CN=*.163.com,O="NetEase (Hangzhou) Network Co., Ltd",L=HangZhou,ST=ZheJiang,C=CN

220 163.com Anti-spam GT for Coremail System (163com[20141201])

> EHLO linux-node2

250-mail

250-PIPELINING

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250-coremail 1Uxr2xKj7kG0xkI17xGrU7I0s8FY2U3Uj8Cz28x1UUUUU7Ic2I0Y2UFVHs-cUCa0xDrUUUUj

250-STARTTLS

250 8BITMIME

> AUTH LOGIN

334 dXNlcm5hbWU6

> eXVleXVhbmN1bkAxNjMuY29t

334 UGFzc3dvcmQ6

> aGVsbG9uaWhhbzE5ODkxMA==

535 Error: authentication failed

smtp-server: 535 Error: authentication failed

"/root/dead.letter" 11/299

. . . message not sent. ##邮件没有发出去

至此，网上的case都说能收到邮件，但是我这就是收不到，那就根据错误来解决呗！！！搞证书

[root@linux-node2 ~]# mkdir -p /root/.certs/

[root@linux-node2 ~]# echo -n | openssl s_client -connect smtp.163.com:465 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/.certs/163.crt

depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA

verify return:1

depth=1 C = US, O = GeoTrust Inc., CN = GeoTrust SSL CA - G3

verify return:1

depth=0 C = CN, ST = ZheJiang, L = HangZhou, O = "NetEase (Hangzhou) Network Co., Ltd", CN = *.163.com

verify return:1

DONE

[root@linux-node2 ~]# certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt

[root@linux-node2 ~]# certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt

[root@linux-node2 ~]# certutil -L -d /root/.certs

Certificate Nickname                                      Trust Attributes

                                                   SSL,S/MIME,JAR/XPI

GeoTrust SSL CA                                          C,,  

[root@linux-node2 ~]# cd /root/.certs/

[root@linux-node2 .certs]# certutil -A -n "GeoTrust SSL CA - G3" -t "Pu,Pu,Pu"  -d ./ -i 163.crt

Notice: Trust flag u is set automatically if the private key is present.

[root@linux-node2 .certs]# cd 

[root@linux-node2 ~]# vim /etc/mail.rc 

set from=admin@163.com

set smtp="smtps://smtp.163.com:465"

set smtp-auth-user=admin@163.com

set smtp-auth-password=xxxxx

set smtp-auth=login

set smtp-use-starttls

set ssl-verify=ignore

set nss-config-dir=/root/.certs

[root@linux-node2 ~]# echo 'hello' |mail -v -s "test" admin@163.com

Resolving host smtp.163.com . . . done.

Connecting to 123.125.50.132 . . . connected.

Comparing DNS name: "*.163.com"

SSL parameters: cipher=AES-128-GCM, keysize=128, secretkeysize=128,

issuer=CN=GeoTrust SSL CA - G3,O=GeoTrust Inc.,C=US

subject=CN=*.163.com,O="NetEase (Hangzhou) Network Co., Ltd",L=HangZhou,ST=ZheJiang,C=CN

220 163.com Anti-spam GT for Coremail System (163com[20141201])

> EHLO linux-node2

250-mail

250-PIPELINING

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250-coremail 1Uxr2xKj7kG0xkI17xGrU7I0s8FY2U3Uj8Cz28x1UUUUU7Ic2I0Y2UF6b612UCa0xDrUUUUj

250-STARTTLS

250 8BITMIME

> AUTH LOGIN

334 dXNlcm5hbWU6

> eXVleXVhbmN1bkAxNjMuY29t

334 UGFzc3dvcmQ6

> aGVsbG9uaWhhbzE5ODk=

235 Authentication successful

> MAIL FROM:<admin@163.com>

250 Mail OK

> RCPT TO:<admin@163.com>

250 Mail OK

> DATA

354 End data with <CR><LF>.<CR><LF>

> .

250 Mail OK queued as smtp2,DNGowADH53eJp5BbGYUHAA--.2S2 1536206732

> QUIT

221 Bye

终于成功了！！！！

注:不管能否解决你遇到的问题，欢迎相互交流，共同提高！