连接smtp发邮件会验证域名?
本帖最后由 wawos 于 2024-10-21 13:39 编辑不是指邮件地址的域名, 这个肯定要验证的我知道,
比如smtp服务器地址是: smtp.qq.com
直接连域名+账号密码, 可以成功登录
但是改成连: smtp.qq.com的IP: 183.47.101.192 + 账号密码, 却不成功
是什么原因呢 另外这种愚蠢问题为什么不去问 ChatGPT,总有一个是对的
https://s2.loli.net/2024/10/21/iUZshgmaoCXYjAD.png
smtp不是像远程桌面、SSH一样, 不具备域名验证功能的吗?
难道他也和web服务的http一样, 具有域名验证功能? 你实名认证过吗,使用设备专用密码发邮件的吗 ehlo 了解一下,,,
wawos 发表于 2024-10-21 13:38
smtp不是像远程桌面、SSH一样, 不具备域名验证功能的吗?
难道他也和web服务的http一样, 具有域名验证功能? ..."谁告诉你的?先问是不是再问为什么,,
iks 发表于 2024-10-21 13:39
ehlo 了解一下,,,
ehlo后面必须要要smtp的域名吗
iks 发表于 2024-10-21 13:39
ehlo 了解一下,,,
胡说, 不对,看了教程, EHLO是表明自己的身份,后面填的是自己网站的域名
根本就不是填smtp.qq.com 本帖最后由 iks 于 2024-10-21 16:14 编辑
wawos 发表于 2024-10-21 14:33
胡说, 不对,看了教程, EHLO是表明自己的身份,后面填的是自己网站的域名
根本就不是填smtp.qq.com ...
看走眼了抱歉,EHLO 确实是表明自己的身份
SMTP 只能用完全限定域名 (FQDN) 的原因是使用 SSL, TLS 或 StartTLS 的 SMTP 需要验证服务器名称
例如,尝试获得 email-smtp.us-west-1.amazonaws.com:587 的证书,执行:
# openssl s_client -connect email-smtp.us-west-1.amazonaws.com:587 -starttls smtp
可以得到:
[*]# openssl s_client -connect email-smtp.us-west-1.amazonaws.com:587 -starttls smtp
[*]CONNECTED(00000003)
[*]depth=2 C = US, O = Amazon, CN = Amazon Root CA 1
[*]verify return:1
[*]depth=1 C = US, O = Amazon, CN = Amazon RSA 2048 M01
[*]verify return:1
[*]depth=0 CN = email-smtp.us-west-1.amazonaws.com
[*]verify return:1
[*]---
[*]Certificate chain
[*] 0 s:CN = email-smtp.us-west-1.amazonaws.com
[*] i:C = US, O = Amazon, CN = Amazon RSA 2048 M01
[*] 1 s:C = US, O = Amazon, CN = Amazon RSA 2048 M01
[*] i:C = US, O = Amazon, CN = Amazon Root CA 1
[*] 2 s:C = US, O = Amazon, CN = Amazon Root CA 1
[*] i:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2
[*] 3 s:C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2
[*] i:C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority
[*]---
[*]Server certificate
[*]-----BEGIN CERTIFICATE-----
[*]MIIGQjCCBSqgAwIBAgIQCaHt/BVsLHNtiqrkyyDR5zANBgkqhkiG9w0BAQsFADA8
[*]MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
[*]UlNBIDIwNDggTTAxMB4XDTI0MDkwNDAwMDAwMFoXDTI1MDkwMzIzNTk1OVowLTEr
[*]MCkGA1UEAxMiZW1haWwtc210cC51cy13ZXN0LTEuYW1hem9uYXdzLmNvbTCCASIw
[*]DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKmaJ9aVXCPy8BuK8GcaWI2+uwiI
[*]Lfp1kFCtf9oTjNU6yevf3fp/vkpalix2kyBH4hAugpyCf+unTCZyLOuWatVToRr4
[*]CBu8yzDcQvwLfO00sRbe9hzf5NBuiNVLgP2x0oKFkL3RxljmutPnp00JFKLbe8ct
[*]qLNw3v8hgN0Bh4mymNky2rsQPLXhpgkiTA0ibDhQblQcWdyoZecXxAy2hTnqfqas
[*]SHqWS1xNPUpB+5CHJ7NsUz7JwnzNAYYR8i2E/x+ZP6vapcshLwDM3/Eh6FsAecZ9
[*]mnovwgsZkEPKwJqFLxFi8TLIJxg+VgZ8B1GjmJbElBwg2Wu8bixTvvQYZYMCAwEA
[*]AaOCA00wggNJMB8GA1UdIwQYMBaAFIG4DmOKiRIY5fo7O1CVn+blkBOFMB0GA1Ud
[*]DgQWBBQY257IFQMtex9fYm/npUcgwAVovzCBgQYDVR0RBHoweIInZW1haWwtc210
[*]cC1maXBzLnVzLXdlc3QtMS5hbWF6b25hd3MuY29tgikqLmVtYWlsLXNtdHAudXMt
[*]d2VzdC0xLnZwY2UuYW1hem9uYXdzLmNvbYIiZW1haWwtc210cC51cy13ZXN0LTEu
[*]YW1hem9uYXdzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMC
[*]BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAu
[*]oCyGKmh0dHA6Ly9jcmwucjJtMDEuYW1hem9udHJ1c3QuY29tL3IybTAxLmNybDB1
[*]BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAxLmFt
[*]YXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMS5hbWF6
[*]b250cnVzdC5jb20vcjJtMDEuY2VyMAwGA1UdEwEB/wQCMAAwggF7BgorBgEEAdZ5
[*]AgQCBIIBawSCAWcBZQB1AN3cyjSV1+EWBeeVMvrHn/g9HFDf2wA6FBJ2Ciysu8gq
[*]AAABkbq8Y0AAAAQDAEYwRAIgIJ3ah+QSfrN7ogIh3TF6cThNrlbHRhL8YTc9EoZN
[*]VQkCIENbP4vqCx81C7Kaf4LlvNXbAjhxQ99V5o1pRlqJDqPKAHUAfVkeEuF4Knsc
[*]YWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGRurxjAQAABAMARjBEAiBS8/o0JW7s
[*]rCqN6K3VjckdzBMSlQ/pxKPTw9QAJhGGyQIgfka8+F+qxfLK8C5YS7nXw4mpRtn5
[*]I6wiZdcN9pYwnYQAdQDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAA
[*]AZG6vGMbAAAEAwBGMEQCIC0/v3uCz8djCDtMMpz6I/H7mVYfSVGjoXX4SPLcTnsr
[*]AiA+DlEej6rPxGvucXdhzFC66nIQoNA4AeIuq6cffB296jANBgkqhkiG9w0BAQsF
[*]AAOCAQEAFtteDD34Btc4wTsfOQdfiSAFyxNVP6eMdvDFJwlh3n8wP80wo8761IIG
[*]de+MNhguNNJXDDxSQBSE4ZgyLU6AvjaDqC0qsAPLaz8rOsEpVWad1th4kgAuRU/S
[*]l6qbALUSD8v2nxT0mi8/RBXtsi/R36sr+XkJgbh19tRX/3HR22oe+QqXLtAatkJL
[*]0HzWg9KXDpMPU/Dtn+**5wBw6AtwTFwcGL+eiS8Uodn0y+PvHI5i/Ax77o2aU6h
[*]OuHBeXE/yVnO/0JaTNCB/06vhQ77q08EiIR/UzS+BmDWFdRcFST5f7F+8XezOo1c
[*]DrF1GkcJAMvyJ7KKdeK43eu2ATFdSg==
[*]-----END CERTIFICATE-----
[*]subject=CN = email-smtp.us-west-1.amazonaws.com
[*]
[*]issuer=C = US, O = Amazon, CN = Amazon RSA 2048 M01
[*]
[*]---
[*]No client certificate CA names sent
[*]Peer signing digest: SHA256
[*]Peer signature type: RSA-PSS
[*]Server Temp Key: ECDH, P-256, 256 bits
[*]---
[*]SSL handshake has read 6135 bytes and written 903 bytes
[*]Verification: OK
[*]---
[*]New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
[*]Server public key is 2048 bit
[*]Secure Renegotiation IS NOT supported
[*]Compression: NONE
[*]Expansion: NONE
[*]No ALPN negotiated
[*]Early data was not sent
[*]Verify return code: 0 (ok)
[*]---
[*]250 Ok
[*]---
[*]Post-Handshake New Session Ticket arrived:
[*]SSL-Session:
[*] Protocol: TLSv1.3
[*] Cipher : TLS_AES_256_GCM_SHA384
[*] Session-ID: F13F18778F6405D1D2864FC3078014639FC3AA9186FA64D6F725CB3198E2050D
[*] Session-ID-ctx:
[*] Resumption PSK: EE4CB763252AD64874D1A8B75650A16F3E08FC252517F96875052DED3B7115B35EDA13C8B958674B8235647A968C98FE
[*] PSK identity: None
[*] PSK identity hint: None
[*] SRP username: None
[*] TLS session ticket lifetime hint: 86400 (seconds)
[*] TLS session ticket:
[*] 0000 - 3a 1c b5 42 b9 44 7e 3b-4c 73 37 5c 92 dd 1e a3 :..B.D~;Ls7\....
[*] 0010 - 44 68 bf 65 0d c9 81 6f-6d 6c 36 b8 e3 a5 aa 08 Dh.e...oml6.....
[*]
[*] Start Time: 1729498245
[*] Timeout : 7200 (sec)
[*] Verify return code: 0 (ok)
[*] Extended master secret: no
[*] Max Early Data: 0
[*]---
[*]read R BLOCK
[*]451 4.4.2 Timeout waiting for data from client.
[*]closed复制代码
该证书的 commonName 为 email-smtp.us-west-1.amazonaws.com
如果你将 SMTP 服务器标记为 50.18.243.214 则会发生不匹配,客户端拒绝送信
测试了,可以登陆成功啊。多半是证书不匹配的问题。可以尝试手动制定servername,或者手动在hosts里面给域名指定IP地址即可。
页:
[1]