Exim4 GnuTLS 错误(gnutls_handshake):收到了意外的 TLS 数据包

【问题标题】:Exim4 GnuTLS error (gnutls_handshake): An unexpected TLS packet was receivedExim4 GnuTLS 错误(gnutls_handshake):收到了意外的 TLS 数据包
【发布时间】:2020-04-29 13:55:29
【问题描述】:

我有 Exim4-heavy,GunTLS

配置正确,邮件工作正常

我突然无法使用 TLS,但是 SSL 证书已经过验证

当我 telnet 到 465 端口时,它给出了

# telnet localhost 465
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
ehlo foo

Connection closed by foreign host.

但是当我远程登录到端口 587

# telnet localhost 587
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 box01.xxxxxxxxx.com ESMTP Exim 4.90_1 Ubuntu Wed, 29 Apr 2020 15:49:41 +0200
ehlo foo
250-box01.xxxxxxxxx.com Hello foo [127.0.0.1]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250-STARTTLS
250-PRDR
250 HELP
starttls
220 TLS go ahead
ehlo foo

Connection closed by foreign host.

我没有更新配置中的任何内容,它在 5 天前就可以工作

我在日志中也有很多这样的错误

2020-04-29 15:50:02 TLS error on connection from (foo) [127.0.0.1]:55212 I=[127.0.0.1]:587 (gnutls_handshake): An unexpected TLS packet was received.

【问题讨论】:

    标签: exim exim4


    【解决方案1】:

    exim4 也有类似的问题。我将分享一些我为使其工作而进行的配置。

        echo "IGNORE_SMTP_LINE_LENGTH_LIMIT='true'" >> /etc/exim4 exim4.conf.localmacros
    echo "REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *">> /etc/exim4/exim4.conf.localmacros
    echo "REQUIRE_PROTOCOL = smtps">> /etc/exim4/exim4.conf.localmacros
    echo "MAIN_HARDCODE_PRIMARY_HOSTNAME = localhost" >> /etc/exim4/exim4.conf.localmacros

    echo "MAIN_TLS_ENABLE = 1">> /etc/exim4/exim4.conf.localmacros
    echo "MAIN_TLS_CERTIFICATE=/opt/ssl/localhost.pem" >> /etc/exim4/exim4.conf.localmacros
    echo "MAIN_TLS_PRIVATEKEY=/opt/ssl/localhost-key.pem" >> /etc/exim4/exim4.conf.localmacros
    echo "daemon_smtp_ports = 25 : 465" >> etc/exim4/exim4.conf.localmacros
    echo "tls_on_connect_ports = 465" >> /etc/exim4/exim4.conf.localmacros
    
    echo "dc_other_hostnames='localhost'" >> /etc/exim4/update-exim4.conf.conf
    echo "dc_eximconfig_configtype='satellite'" >> /etc/exim4/update-exim4.conf.conf
    echo "dc_smarthost='localhost::465'" >> /etc/exim4/update-exim4.conf.conf

    我还确保允许 exim 读取证书。

    chown root:Debian-exim /opt/ssl/key.pem
chown root:Debian-exim /opt/ssl/cert.pem
chmod 640 /opt/ssl/key.pem
chmod 640 /opt/ssl/cert.pem

    【讨论】:

      猜你喜欢
      • 2018-12-07
      • 1970-01-01
      • 1970-01-01
      • 2015-09-11
      • 1970-01-01
      • 1970-01-01
      • 2019-11-02
      • 2019-08-12
      • 1970-01-01
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode