Envio de e-mails do Gmail através do meu VPS (postfix, dovecot, postfixadmin)

2

Este problema está me incomodando há muito tempo e quero que isso seja corrigido. No meu VPS eu configurei o Postfix funcionando corretamente com postfixadmin e dovecot. (Eu posso enviar (pelo terminal) e receber correio) Como eu sou um grande fã dos produtos do Google, como o Gmail. Seria bom usar o Gmail como interface para enviar meus e-mails (através do meu vps). Bem, o Gmail tem essa função para adicionar um endereço de e-mail existente. E gostaria de adicionar meus endereços de e-mail à minha conta dessa maneira.

Mas toda vez que tento fazer login usando o método googles, ele diz que ele falha. Eu olhei em /var/log/mail.log para ver o que está acontecendo. Isso me dá esses 3 avisos enquanto eu tento conectar através do gmail ao meu servidor:

Apr 24 20:02:04 localhost postfix/master[7177]: daemon started -- version 2.11.3, configuration /etc/postfix
Apr 24 20:03:08 localhost postfix/smtpd[7189]: connect from mail-wm0-f41.google.com[74.125.82.41]
Apr 24 20:03:08 localhost postfix/smtpd[7189]: lost connection after CONNECT from mail-wm0-f41.google.com[74.125.82.41]
Apr 24 20:03:08 localhost postfix/smtpd[7189]: disconnect from mail-wm0-f41.google.com[74.125.82.41]

É assim que meu arquivo /etc/postfix/master.cf se parece:

# SMTP on port 25, unencrypted.
smtp      inet  n       -       -       -       -       smtpd
# SMTP with TLS on port 587.
submission inet n       -       -       -       -       smtpd
# SMTP over SSL on port 465.
smtps     inet  n       -       -       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
pickup    unix  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -   n   n   -   2   pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

E é assim que meu arquivo /etc/postfix/main.cf se parece:

# The text that follows the 220 status code in the SMTP greeting banner.
smtpd_banner = $myhostname ESMTP
biff = no
append_dot_mydomain = no
readme_directory = no

# TLS parameters
# Using default dovecot certs
smtpd_tls_cert_file=/etc/letsencrypt/live/example.nl/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/example.nl/privkey.pem
# Use TLS if this is supported by the remote SMTP server, otherwise use plaintext.
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#
smtpd_tls_auth_only = yes

# Ensure we're not using no-longer-secure protocols.
smtpd_tls_mandatory_protocols=!SSLv2
smtpd_tls_ciphers = high
smtpd_tls_loglevel = 1
smtpd_tls_ask_ccert=yes

#Enabling SMTP for authenticated users, and hand off authentication to Dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions =
    permit_sasl_authenticated
    permit_mynetworks
    reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

# Outgoing encryption
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

myhostname = mail.example.nl

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $myhostname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 192.168.0.0/24
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

# Disable the SMTP VRFY command. This stops some techniques used to harvest email addresses.
disable_vrfy_command = yes

#Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
virtual_transport = lmtp:unix:private/dovecot-lmtp

# This specifies where the virtual mailbox folders will be located.
virtual_mailbox_base = /var/mail
# This is for the mailbox location for each user.
virtual_mailbox_maps = mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf
# and their user id
virtual_uid_maps = static:5000
# and group id
virtual_gid_maps = static:5000
# This is for aliases.
virtual_alias_maps = mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf
# This is for domain lookups.
virtual_mailbox_domains = mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf

header_checks = regexp:/etc/postfix/header_checks
queue_directory = /var/spool/postfix

Existe alguma maneira para que eu possa enviar e-mails pelo Gmail usando a opção explicada acima e, neste artigo, no cabeçalho I'm a Gmail or Google Apps user sending from an external address. : link

Quando pesquiso no Google, estou obtendo resultados de instâncias de postfix usando o gmail como retransmissão, o que não é o que eu quero.

Estou usando Debian Jessie pelo caminho.

Em execução: openssl s_client -connect domain.nl:587 -starttls smtp Me dá a seguinte saída:

CONNECTED(00000003)
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0 s:/CN=stack.domain.nl
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAx6j+Nm5lNYiux1hkrZfdLOaMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA0MjExMTIxMDBaFw0x
NjA3MjAxMTIxMDBaMCAxHjAcBgNVBAMTFXN0YWNrLmFyamFuc3BpZWFyZC5ubDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMfZTqHABdgGweSS+x/fSDTd
QcgD/ZN1tdI4a8133ENsxnuLlZUEaexJ3WLLD+kHGsYT4iy8XWJKMrs/Rn4bxvrI
8nd+qlK5qEBgQggk2/s6B+6TEzBfS8gh+pqHBlfFguU5W5Ls+/jchScv5MY8eHDQ
04oLPYb6ssZk5Cv3RmfWmYJ/DfzezI7tC5NHnfX90XcIKH/hPgKgLGfLkwSjH5q/
0GgNba+mp08TQ9zsgzIYK49/x/3x8bs5Wf9MrqmJm8wnaNQlJVFM/hu8VieSX4xA
VrsdmI/1jfrYVgYp7kcFgQQYhS2AROamRYrsFDEykMlMLbJM0MkZIkde9QFQDlUC
AwEAAaOCAvMwggLvMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQURN1iPx/I2g4ODzxc
fTq3m4Fw4nowHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwcAYIKwYB
BQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDMubGV0c2Vu
Y3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNl
bmNyeXB0Lm9yZy8wgfwGA1UdEQSB9DCB8YITYXB0LmFyamFuc3BpZWFyZC5ubIIP
YXJqYW5zcGllYXJkLm5sghNkZXYuYXJqYW5zcGllYXJkLm5sghNmdHAuYXJqYW5z
cGllYXJkLm5sghZnaXRsYWIuYXJqYW5zcGllYXJkLm5sghdrYXJhb2tlLmFyamFu
c3BpZWFyZC5ubIIUbWFpbC5hcmphbnNwaWVhcmQubmyCF3JlZG1pbmUuYXJqYW5z
cGllYXJkLm5sghVzdGFjay5hcmphbnNwaWVhcmQubmyCE3RmMi5hcmphbnNwaWVh
cmQubmyCE3d3dy5hcmphbnNwaWVhcmQubmwwgf4GA1UdIASB9jCB8zAIBgZngQwB
AgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl
dHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRl
IG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQg
b25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBm
b3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkq
hkiG9w0BAQsFAAOCAQEAPIASRLDbLjWFA51Z1sKg/SwLOiuBfygdPNXMfOukcoBT
Okqs1xf7wAdOXzhR7yvkDPPeF39ztCY+z7yxUcvqXL6bIXid3rDuEcE9zSNBJgZY
l2cbMeIn2jRw9SRBMQJ210xjrQIG6z6QbtiguHct8r4DAJNgX4x5x3sG103CZvpo
RhdKusrZzFyznzEBgAzBO310CAOzsyz710AZ5PBPGHjyWP2cb/6kWmX726LvbMj8
Z5iqFuX1LYG+sux4NHpgQbqvv8uCqjRmvjXmqVHNsHL35MwGYrkzQTdugbwns6pP
Upu2dBb/TX7lg0coJoEF8VzXASONxgTqkcjmB4Ep5A==
-----END CERTIFICATE-----
subject=/CN=stack.arjanspieard.nl
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
---
SSL handshake has read 3592 bytes and written 462 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: C4B5891C670E3F0D69A4569C0AFBE23EDA863AC6AC41316E78273217DBB36A28
    Session-ID-ctx: 
    Master-Key: 172AAAB858D6770614EF191EAC1BEF98C715927989A6C406E2C3E85425EC0963199333F2E6D9A32F9C9160A6AF8177C8
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - 83 5a ad 68 ac da 62 2f-c1 0d c8 7c d9 d1 4d 00   .Z.h..b/...|..M.
    0010 - 2f 98 4a 79 c6 a0 f5 fb-9a ea ad ae bc 74 63 54   /.Jy.........tcT
    0020 - 0c bf 4c b4 26 77 2a 3c-e4 37 d7 ab 1e 25 9e af   ..L.&w*<.7...%..
    0030 - 3d c0 03 d0 b0 6f a2 14-13 4d 89 3c de c7 3a 2e   =....o...M.<..:.
    0040 - 3a 4e 7b 46 42 92 28 89-f0 82 8c fa d1 c0 e7 eb   :N{FB.(.........
    0050 - 93 d2 57 f9 90 78 9f 45-8b e2 44 7a 28 1e 55 dc   ..W..x.E..Dz(.U.
    0060 - e0 70 98 1a a7 e3 da ea-a5 1d ee ab 92 df 5b fa   .p............[.
    0070 - 8b f4 9e f6 ed 5d 34 94-3f 19 52 35 5a a6 d1 5a   .....]4.?.R5Z..Z
    0080 - 2e 28 37 7a 96 13 14 24-22 ef ba 12 d8 07 22 87   .(7z...$".....".
    0090 - 3d a1 e8 3e 25 b0 f6 d2-d3 4e 1d fd c0 fb 6d 07   =..>%....N....m.

    Start Time: 1461525221
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---
250 DSN

Eu suponho que tem que haver alguma configuração em postfix/master.cf , mas eu não sei o que ..

    
por Baklap4 24.04.2016 / 20:15

1 resposta

0

Eu encontrei o erro. Eu não configurei o Dovecot corretamente. Este é o tutorial que eu usei: link

    
por 29.04.2016 / 14:22