Postfix StartTLS验证=失败

Question

我今天早上在邮件日志中开始注意到这些错误。我不确定这是一个多长时间的问题，但我希望有人可以帮我修复它。

无论何时从我的服务器发送邮件，都会显示：

Jan  3 00:02:27 localhost sendmail[35620]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Jan  3 01:07:13 localhost sendmail[37987]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Jan  3 01:30:04 localhost sendmail[39139]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256

以下是一个完整的例子：

Jan  3 11:08:20 localhost sendmail[60377]: u03J3a3G060377: from=ken, size=656, class=0, nrcpts=1, msgid=<201601031903.u03J3a3G060377@localhost.my.domain>, relay=ken@localhost
Jan  3 11:08:20 localhost postfix/smtpd[60546]: connect from localhost[127.0.0.1]
Jan  3 11:08:20 localhost sendmail[60377]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Jan  3 11:08:20 localhost postfix/smtpd[60546]: 3A204449893: client=localhost[127.0.0.1]
Jan  3 11:08:20 localhost postfix/cleanup[60549]: 3A204449893: message-id=<201601031903.u03J3a3G060377@localhost.my.domain>
Jan  3 11:08:20 localhost sendmail[60377]: u03J3a3G060377: to=ken@****.com, ctladdr=ken (1001/1001), delay=00:04:44, xdelay=00:00:00, mailer=relay, pri=30656, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as 3A204449893)
Jan  3 11:08:20 localhost postfix/qmgr[27479]: 3A204449893: from=<ken@localhost.my.domain>, size=1293, nrcpt=1 (queue active)
Jan  3 11:08:20 localhost postfix/smtpd[60546]: disconnect from localhost[127.0.0.1]
Jan  3 11:08:20 localhost postfix/smtp[60550]: 3A204449893: to=<ken****@gmail.com>, orig_to=<ken@****.com>, relay=gmail-smtp-in.l.google.com[173.194.199.26]:25, delay=0.43, delays=0.11/0.01/0.11/0.19, dsn=2.0.0, status=sent (250 2.0.0 OK 1451848101 t1si22729840oem.51 - gsmtp)
Jan  3 11:08:20 localhost postfix/qmgr[27479]: 3A204449893: removed

我的SSL证书未经过自签名＆＃39;并且是从namecheap.com购买的 - 这个证书也在我的网络服务器上使用，没有问题。

我在FreeBSD 10.2上使用Postfix v2.11。还有那些＆＃34; sendmail＆＃34;排成Postfix的一部分？我已使用本指南禁用了sendmail：https://www.freebsd.org/doc/handbook/mail-changingmta.html

任何可能导致问题的想法？

Answer 1

我安装的东西似乎将/etc/mail/mailer.conf文件恢复为默认值（使用sendmail）。

如果您使用postfix，该文件应仅包含以下行：

# Execute the Postfix sendmail program, named /usr/local/sbin/sendmail
sendmail        /usr/local/sbin/sendmail
send-mail       /usr/local/sbin/sendmail
mailq           /usr/local/sbin/sendmail
newaliases      /usr/local/sbin/sendmail

要确保不再发生这种情况，请编辑/etc/make.conf文件并添加：

NO_SENDMAIL=true

要禁用sendmail特定任务，请编辑/etc/periodic.conf文件并添加：

daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"

要防止sendmail在启动时启动，请编辑/etc/rc.conf文件并添加：

sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"