for teratail questions 320475 LOCAL postconf -n , openssl s_client , /var/log/maillog
要求戴いた各種設定の結果等です。
ローカル環境正常動作時です。
(すみません、実験時刻帯の後先になってしまい、バーチャル環境での設定結果は明日以降になります)
※実験時刻2021/02/06、PM16:24~16:27頃
# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
auth plain *****base64_password*****
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.
# openssl s_client -connect localhost:995
socket: Bad file descriptor
connect:errno=9
# openssl s_client -connect localhost:587 -starttls smtp
CONNECTED(00000003)
didn't found starttls in server response, try anyway...
139946015500176:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 228 bytes and written 324 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1612596277
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
# postconf -n
alias_database = hash:/etc/postfix/aliases, hash:/etc/mailman/aliases
alias_maps = hash:/etc/aliases, hash:/etc/mailman/aliases
allow_mail_to_commands = alias,forward,include
allow_percent_hack = yes
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
home_mailbox = Maildir/
inet_interfaces = all
mail_owner = postfix
message_size_limit = 40960000
mydestination = $myhostname, localhost.$mydomain, mail.$mydomain, $mydomain
mydomain = example.com
myhostname = mail.example.com
mynetworks = 127.0.0.1/32, 192.168.0.0/24
mynetworks_style = subnet
myorigin = $mydomain
owner_request_special = no
queue_directory = /var/spool/postfix
recipient_delimiter = +
relay_domains = $mydestination
smtpd_banner = ESMTP unknown
smtpd_etrn_restrictions = permit_mynetworks, reject_invalid_hostname
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
swap_bangpath = yes
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
以下当該時間のアタックを除く/var/log/maillog
-----
Feb 6 16:24:20 example dovecot: pop3-login: Login: user=<mailfoo>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=18212, secured, session=<QsNE06W6tOR/AAAB>
Feb 6 16:24:24 example dovecot: pop3(mainfoo): Disconnected: Logged out top=0/0, retr=0/0, del=0/1, size=9126
ローカル環境正常動作時です。
(すみません、実験時刻帯の後先になってしまい、バーチャル環境での設定結果は明日以降になります)
※実験時刻2021/02/06、PM16:24~16:27頃
# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
auth plain *****base64_password*****
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.
# openssl s_client -connect localhost:995
socket: Bad file descriptor
connect:errno=9
# openssl s_client -connect localhost:587 -starttls smtp
CONNECTED(00000003)
didn't found starttls in server response, try anyway...
139946015500176:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 228 bytes and written 324 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1612596277
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
# postconf -n
alias_database = hash:/etc/postfix/aliases, hash:/etc/mailman/aliases
alias_maps = hash:/etc/aliases, hash:/etc/mailman/aliases
allow_mail_to_commands = alias,forward,include
allow_percent_hack = yes
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
home_mailbox = Maildir/
inet_interfaces = all
mail_owner = postfix
message_size_limit = 40960000
mydestination = $myhostname, localhost.$mydomain, mail.$mydomain, $mydomain
mydomain = example.com
myhostname = mail.example.com
mynetworks = 127.0.0.1/32, 192.168.0.0/24
mynetworks_style = subnet
myorigin = $mydomain
owner_request_special = no
queue_directory = /var/spool/postfix
recipient_delimiter = +
relay_domains = $mydestination
smtpd_banner = ESMTP unknown
smtpd_etrn_restrictions = permit_mynetworks, reject_invalid_hostname
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
swap_bangpath = yes
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
以下当該時間のアタックを除く/var/log/maillog
-----
Feb 6 16:24:20 example dovecot: pop3-login: Login: user=<mailfoo>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=18212, secured, session=<QsNE06W6tOR/AAAB>
Feb 6 16:24:24 example dovecot: pop3(mainfoo): Disconnected: Logged out top=0/0, retr=0/0, del=0/1, size=9126
お知らせ
実務でも趣味でも役に立つ多機能Webツールサイト【無限ツールズ】で、日常をちょっと便利にしちゃいましょう!
▶無限ツールズ
▶無限ツールズ
