无法从 Unifi 控制器向 Postfix SMTP 中继发送电子邮件通知

Question

我们正在尝试通过 UniFi 控制器向 Postfix SMTP 中继服务器发送电子邮件。 SMTP 端的错误消息是：

Oct 1 16:39:10 localhost postfix/smtpd[16188]: SSL_accept error from unknown[192.168.0.1]: -1
Oct 1 16:39:10 localhost postfix/smtpd[16188]: warning: TLS library problem: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../ssl/record/rec_layer_s3.c:1544:SSL alert number 46:
Oct 1 16:39:10 localhost postfix/smtpd[16188]: lost connection after STARTTLS from unknown[192.168.0.1]
Oct 1 16:39:10 localhost postfix/smtpd[16188]: disconnect from unknown[192.168.0.1] ehlo=1 starttls=0/1 commands=1/2

在 UniFi 控制器端，错误消息是：

There was an error sending test mail to xyz@test.com. Failed to send email for unknown reasons.

我们没有在 Postfix SMTP 中继中安装 SSL 证书。 SMTP 配置如下：

# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 2
forward_path = /$home/.forward
inet_interfaces = all
inet_protocols = ipv4
mail_name = V1
mailbox_size_limit = 0
mydestination = localhost, localhost.$mydomain, $mydomain, $myhostname
mydomain = g1.test.com
myhostname = V1.test.com
mynetworks = /etc/postfix/relay_table
myorigin = /etc/mailname
notify_classes = delay,resource,software
readme_directory = no
recipient_delimiter = +
relayhost = smtp-relay.gmail.com:25
smtp_destination_concurrency_limit = 5
smtp_destination_rate_delay = 1s
smtp_extra_recipient_limit = 10
smtp_fallback_relay = 192.168.0.100
smtp_generic_maps = hash:/etc/postfix/generic
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_connection_count_limit = 10
smtpd_client_connection_rate_limit = 60
smtpd_discard_ehlo_keywords = silent-discard, dsn
smtpd_error_sleep_time = 1s
smtpd_hard_error_limit = 20
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_soft_error_limit = 10
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_loglevel = 1
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
smtpd_use_tls = yes

我们还没有创建文件： smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key

我们不想在 SMTP 中继中安装 SSL CA 证书。

请帮助我如何解决此问题，以便 UniFi 控制器凸轮从 SMTP 中继发送电子邮件。

Answer 1

我发现我也有同样的问题。我找到了这篇关于手动编辑 system.properties 文件的文章https://help.ui.com/hc/en-us/articles/205202580-UniFi-Explaining-the-system-properties-File。我在文件中添加了 smtp.starttls_enabled=false 并重新启动了 unifi 服务，现在测试电子邮件已送达。