起因:
[[email protected] ~]# echo 123|mail -s "123" [email protected]
[[email protected] ~]# smtp-server: 530 5.7.0 Must issue a STARTTLS command first. 71sm664699pfs.63 - gsmtp
"/root/dead.letter" 11/317
. . . message not sent.
之前一直使用的qq邮箱给自己发送邮件,做数据备份用,今天想把qq邮箱换成gmail邮箱,结果出现了上面的错误,网上查找了下资料终于得以解决,但中途坑比较多,总结一下方便日后遇坑。
为方便查看,用红色表示输入的命令,蓝色表示输入的内容
1、在/etc/postfix/main.cf文件末尾添加如下字段。
vi /etc/postfix/main.cf
smtp_sasl_security_options = noanonymous
relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
2、配置SASL认证
创建passwd文件并添加账号密码信息
mkdir -p /etc/postfix/sasl
vi /etc/postfix/sasl/passwd
[smtp.gmail.com]:587 你的邮箱:应用专用密码
注意邮箱账号和密码之间的“:",不要漏掉。例如:我公司购买的google邮箱服务,我生成的密码是123qwe则配置[smtp.gmail.com]:587 [email protected]:123qwe
由于google的安全限制,使用非web方式使用需要设置【应用专用密码】
应用专用密码生成网站:https://security.google.com/settings/security/apppasswords
3、更改文件权限
chmod 600 /etc/postfix/sasl/passwd
4、创建查找表
postmap /etc/postfix/sasl/passwd
5、生成CA证书
cd /etc/pki/tls/certs
make 你的名字.pem #例如:我叫小明,则 make xiaoming.pem
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
/usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \
cat $PEM1 > xiaoming.pem ; \
echo "" >> xiaoming.pem ; \
cat $PEM2 >> xiaoming.pem ; \
rm -f $PEM1 $PEM2
Generating a 2048 bit RSA private key
....................................+++
....................................................................+++
writing new private key to ‘/tmp/openssl.gHSN9F‘
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.‘, the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:beijing
Locality Name (eg, city) [Default City]:beijing
Organization Name (eg, company) [Default Company Ltd]:gongsi
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server‘s hostname) []:xiaoming
Email Address []:[email protected]
cp /etc/pki/tls/certs/zhaoxinxing.pem /etc/postfix/cacert.pem
7、重启postfix服务
/etc/init.d/postfix restart
8、测试、完成
把/etc/hosts文件作为附件发送到自己的gmail邮箱。
echo “mail test”|mail -a /etc/hosts -s "hosts" [email protected]