利用 mailx 通过 QQ 邮箱 SMTP 发送邮件,出现问题,也许是证书原因,请大家指教
TheOtherBruce 2016-05-02 11:43:27 +08:00 21519 次点击这是一个创建于 3530 天前的主题,其中的信息可能已经有所发展或是发生改变。
OS Centos 7
ln -s /bin/mailx /bin/email /etc/mail.rc 里是这样设置的
set smtp-use-starttls set ssl-verify=ignore set nss-config-dir=/root/.certs #set from set [email protected] # set smtp=smtp://smtp.server.tld:port_number set smtp=smtp.qq.com:465 ( or 587 ) # set the user for SMTP # set [email protected] set [email protected] # set the password for authorisation set smtp-auth-password=XXXXXXX # tell mailx that it needs to authorise set smtp-auth=login 465 端口测试 没反馈
echo hello|email -v -s "test" [email protected] Resolving host smtp.qq.com . . . done. Connecting to 14.17.57.241:465 . . . connected. ^C 587 端口测试
echo hello|email -v -s "test" [email protected] Resolving host smtp.qq.com . . . done. Connecting to 14.17.57.241:587 . . . connected. 220 smtp.qq.com Esmtp QQ Mail Server >>> EHLO XXXX.guest 250-smtp.qq.com 250-PIPELINING 250-SIZE 73400320 250-STARTTLS 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN 250-MAILCOMPRESS 250 8BITMIME >>> STARTTLS 220 Ready to start TLS Error initializing NSS: Unknown error -8015. "/root/dead.letter" 11/301 . . . message not sent. 查看腾讯的证书
465 端口
openssl s_client -showcerts -connect smtp.qq.com:465 CONNECTED(00000003) depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA verify return:1 depth=1 C = US, O = GeoTrust Inc., CN = GeoTrust SSL CA - G3 verify return:1 depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = Shenzhen Tencent Computer Systems Company Limited, OU = R&D, CN = pop.qq.com verify return:1 --- Certificate chain 0 s:/C=CN/ST=Guangdong/L=Shenzhen/O=Shenzhen Tencent Computer Systems Company Limited/OU=R&D/CN=pop.qq.com i:/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G3 -----BEGIN CERTIFICATE----- MIIGbzCCBVegAwIBAgIQZlTnxqFc/rVo50RzuVnejDANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTYwMTI3MDAwMDAwWhcNMTYxMDIzMjM1 OTU5WjCBkzELMAkGA1UEBhMCQ04xEjAQBgNVBAgTCUd1YW5nZG9uZzERMA8GA1UE BxQIU2hlbnpoZW4xOjA4BgNVBAoUMVNoZW56aGVuIFRlbmNlbnQgQ29tcHV0ZXIg U3lzdGVtcyBDb21wYW55IExpbWl0ZWQxDDAKBgNVBAsUA1ImRDETMBEGA1UEAxQK cG9wLnFxLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALeSY7Vb 60Cvv7P2O+zhaZnqlz/KFs//DH4It3xmyMPFOPUFopzN1h8n3/4FPqGBtqEEuWBE /o7soZT30E8bw30Tl07VOcYm/fPKi1pyro3hNEdLi5Wlta9fKxDAvw0U3clSq39R qihYIDAA3QrDuqI54gULa5IZnqM16A9VBULPfIDaXbdgaAIJ5Ak92nC13YcdQYuv egL6jOWSKzCRTqeRAg+6dWkfce1+gAOCuCUDgAso2EJ+k9nFe/LAMMGdGbe4KI9H CwpDCMo+2k2u4SQtXOmuYke7nNmRnpJeL3qZnGWsqT7l3N0mYCc/+3zcMfAcmyuo H90stoWF/G2T2rcCAwEAAaOCAwswggMHMIIBggYDVR0RBIIBeTCCAXWCCm14Mi5x cS5jb22CEmltYXAuZXhtYWlsLnFxLmNvbYISdXBsb2FkLm1haWwucXEuY29tgg90 ZWwubWFpbC5xcS5jb22CFGh3c210cC5leG1haWwucXEuY29tgg9tb2IubWFpbC5x cS5jb22CEXJ0eC5leG1haWwucXEuY29tgg1teGJpejIucXEuY29tgg1teGJpejEu cXEuY29tgg5oay5tYWlsLnFxLmNvbYIOY2xvdWRteC5xcS5jb22CFGh3aW1hcC5l eG1haWwucXEuY29tggpteDEucXEuY29tghJzbXRwLmV4bWFpbC5xcS5jb22CEXBv cC5leG1haWwucXEuY29tghNod3BvcC5leG1haWwucXEuY29tggpteDMucXEuY29t ggtzbXRwLnFxLmNvbYIKZGF2LnFxLmNvbYIJZXgucXEuY29tgg9jbmMubWFpbC5x cS5jb22CC2ltYXAucXEuY29tggpwb3AucXEuY29tMAkGA1UdEwQCMAAwDgYDVR0P AQH/BAQDAgWgMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9nbi5zeW1jYi5jb20v Z24uY3JsMIGdBgNVHSAEgZUwgZIwgY8GBmeBDAECAjCBhDA/BggrBgEFBQcCARYz aHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xl Z2FsMEEGCCsGAQUFBwICMDUMM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNv dXJjZXMvcmVwb3NpdG9yeS9sZWdhbDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwHwYDVR0jBBgwFoAU0m/3lvSFP3I8MH0j2oV4m6N8WnwwVwYIKwYBBQUH AQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vZ24uc3ltY2QuY29tMCYGCCsGAQUF BzAChhpodHRwOi8vZ24uc3ltY2IuY29tL2duLmNydDANBgkqhkiG9w0BAQsFAAOC AQEAvta4aGvK5qe31ZnLbmtblhgLD11dAdSom3sEnkF8UHtoi+gPiHBmHy1t39Du 2w+5aeriqwsetdDNuAhh6ckKJhGjc9ochWw2lvyuHPko8sSDdBd/oUYBh60lREwB DoAi7x37QIjia4yprFCNs/+bV+bee+2nijeNYibgwLQ+5jZL89jC6BVXxLSTenVw B2bzQPauNo+DOsB6ubY/i5r9p2E1DHAO9AluN/epJZ1gwZhYlOey71s59341w/ql ZJImDrWch+Gj1ZgnXWnttgOSafqynPA6VtiFyYGF4zLboxIkNiyuwj+ZzuugV97z IurYVE9FA7vTlfeJhAkG2gIwsA== -----END CERTIFICATE----- 1 s:/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G3 i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA -----BEGIN CERTIFICATE----- MIIETzCCAzegAwIBAgIDAjpvMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTMxMTA1MjEzNjUwWhcNMjIwNTIwMjEzNjUwWjBEMQswCQYDVQQG EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg U1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjvn4K hqPPa209K6GXrUkkTdd3uTR5CKWeop7eRxKSPX7qGYax6E89X/fQp3eaWx8KA7UZ U9ulIZRpY51qTJEMEEe+EfpshiW3qwRoQjgJZfAU2hme+msLq2LvjafvY3AjqK+B 89FuiGdT7BKkKXWKp/JXPaKDmJfyCn3U50NuMHhiIllZuHEnRaoPZsZVP/oyFysx j0ag+mkUfJ2fWuLrM04QprPtd2PYw5703d95mnrU7t7dmszDt6ldzBE6B7tvl6QB I0eVH6N3+liSxsfQvc+TGEK3fveeZerVO8rtrMVwof7UEJrwEgRErBpbeFBFV0xv vYDLgVwts7x2oR5lAgMBAAGjggFKMIIBRjAfBgNVHSMEGDAWgBTAephojYn7qwVk DBF9qn1luMrMTjAdBgNVHQ4EFgQU0m/3lvSFP3I8MH0j2oV4m6N8WnwwEgYDVR0T AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwNgYDVR0fBC8wLTAroCmgJ4Yl aHR0cDovL2cxLnN5bWNiLmNvbS9jcmxzL2d0Z2xvYmFsLmNybDAvBggrBgEFBQcB AQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nMi5zeW1jYi5jb20wTAYDVR0gBEUw QzBBBgpghkgBhvhFAQc2MDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1 c3QuY29tL3Jlc291cmNlcy9jcHMwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVN5 bWFudGVjUEtJLTEtNTM5MA0GCSqGSIb3DQEBCwUAA4IBAQCg1Pcs+3QLf2TxzUNq n2JTHAJ8mJCi7k9o1CAacxI+d7NQ63K87oi+fxfqd4+DYZVPhKHLMk9sIb7SaZZ9 Y73cK6gf0BOEcP72NZWJ+aZ3sEbIu7cT9clgadZM/tKO79NgwYCA4ef7i28heUrg 3Kkbwbf7w0lZXLV3B0TUl/xJAIlvBk4BcBmsLxHA4uYPL4ZLjXvDuacu9PGsFj45 SVGeF0tPEDpbpaiSb/361gsDTUdWVxnzy2v189bPsPX1oxHSIFMTNDcFLENaY9+N QNaFHlHpURceA1bJ8TCt55sRornQMYGbaLHZ6PPmlH7HrhMvh+3QJbBo+d4IWvMp zNSS -----END CERTIFICATE----- --- Server certificate subject=/C=CN/ST=Guangdong/L=Shenzhen/O=Shenzhen Tencent Computer Systems Company Limited/OU=R&D/CN=pop.qq.com issuer=/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G3 --- No client certificate CA names sent --- SSL handshake has read 3114 bytes and written 605 bytes --- New, TLSv1/SSLv3, Cipher is AES256-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : AES256-SHA256 Session-ID: C5D491F61D5A9CCFB6D0994D4B98A70619ADDD7076202155F404DB903F575E03 Session-ID-ctx: Master-Key: 1E2ACE2B58E07911983F27223130B2D473ABCDAD749AC29796544912A57868656FB7E1BFAB33A9F54795C1FAF6E9BF88 Key-Arg : None Krb5 Principal: None PSK identity: None PSK identity hint: None TLS session ticket lifetime hint: 600 (seconds) TLS session ticket: 0000 - 5e 3f 95 a3 57 86 66 bf-34 7e 95 43 7f 24 0a f8 ^?..W.f.4~.C.$.. 0010 - 79 6b fe 42 1b 26 d1 cb-b7 fb 8b 6c 27 7f 5e ab yk.B.&.....l'.^. 0020 - b6 0b f5 6b 6b b1 1e 7a-2e 65 68 84 3d d1 9a d0 ...kk..z.eh.=... 0030 - 98 b0 56 fb dd 15 d4 f8-7 9e 07 0e 33 86 22 06 ..V.....}...3.". 0040 - 2f d3 ce 38 ae d4 2c 75-00 58 63 fa 9e 07 64 4b /..8..,u.Xc...dK 0050 - bc 0d ce a4 b0 71 d3 f3-ad 5f fa 15 60 5d 5a a6 .....q..._..`]Z. 0060 - 0a 1b f5 72 cb 48 b1 f5-a9 e9 90 71 f4 d8 fc f9 ...r.H.....q.... 0070 - 8f 6e 9b 74 3f 9e 26 d8-e8 f6 eb c6 a6 09 db 0d .n.t?.&......... 0080 - 0a 06 63 14 84 eb 2e d5-d9 99 ac 53 5c 36 94 38 ..c........S\6.8 0090 - 3c 38 1a ff 8b 53 c7 54-c4 70 3d 04 62 0d e8 a8 <8...S.T.p=.b... Start Time: 1462159866 Timeout : 300 (sec) Verify return code: 0 (ok) --- 220 smtp.qq.com Esmtp QQ Mail Server ^C 587 端口
openssl s_client -showcerts -connect smtp.qq.com:587 CONNECTED(00000003) 139994642556832:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:769: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 247 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE --- 我按照这两个文章
http://www.gabrielemerli.com/?p=2476
第二篇中的这个命令无法运行
certutil -A -n "Google Internet Authority" -t "TC,," -d certs -i google certutil: unable to open "google" for reading (-5950, 2). 最后竟然装了这个证书
certutil -L -d certs Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI Google Internet Authority CT,, 在寻找证书的过程中, GeoTrust SSL CA - G3 这个证书找不到下载地址。
请问正确的设置应该是怎样的? 现在这里谢谢大家了
第 1 条附言 2016-05-02 16:28:42 +08:00
参考
http://whatizee.blogspot.jp/2013/12/installing-and-config-heirloom-mailx.html
~/.certs下有cert8.db key3.db secmod.db这三个文件,
echo -n | openssl s_client -connect smtp.qq.com:465 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/.certs/qq.crt depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA verify return:1 depth=1 C = US, O = GeoTrust Inc., CN = GeoTrust SSL CA - G3 verify return:1 depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = Shenzhen Tencent Computer Systems Company Limited, OU = R&D, CN = pop.qq.com verify return:1 DONE 我用cd /.certs,然后
certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/qq.crt certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/qq.crt 报错
certutil -L -d .certs certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format. echo "内容" | mail -A Gmail -v -s " 标题" [email protected]
或者
```echo "内容" | mail -A QQ -v -s " 标题" [email protected]````
错误都是这个
Error initializing NSS: Unknown error -8015. "/root/dead.letter" 11/321 . . . message not sent.  | 1 ashoka 2016-05-02 13:52:42 +08:00 via Android 在 django 里 qq 好像要打开 ssl 才行 |
 | 2 TheOtherBruce OP @ashoka 您好 能说的详细些吗? 这个 django 在哪? |
| 3 TheOtherBruce OP 有同志能帮忙吗? |
| 4 TheOtherBruce OP 我到现在还没解决 :( |
Select Language