我的服务器在Ubuntu 16.04上运行,并且安装了Postfix.我的服务器发送的所有电子邮件都被Gmail标记为垃圾邮件,我认为从Let的加密设置TLS / SSL证书可能有所帮助.生成证书(通过命令:sudo letsencrypt certonly –agree-tos –email myemail@my-domain.com -d mail.my-domain.com)并添加了基本的Postfix配置,我收到带有消息的日志(同时发送电子邮件):
postfix/smtp[337]: Untrusted TLS connection established to gmail-smtp-in.l.google.com[64.233.163.26]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
我把它添加到/etc/postfix/master.cf:
submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_tls_wrappermode=no -o smtpd_sasl_auth_enable=yes -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth
并且/etc/postfix/main.cf:
# TLS parameters
smtpd_tls_cert_file=/etc/letsencrypt/live/mail.my-domain.com/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/mail.my-domain.com/privkey.pem
smtpd_use_tls=yes
smtp_tls_security_level = may
smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level=may
smtpd_tls_protocols = !SSLv2,!SSLv3
是否有一种简单的方法来获得可信赖的TLS连接而不是不受信任,我是否需要购买某些东西或这个免费证书应该有效?它是否真的会影响我的电子邮件的可传递性?我在这个论坛上真的读了很多关于“垃圾话题”的内容,但没有任何帮助.
Is there an easy way to gain a Trusted TLS connection instead of untrusted,do I need to buy something or this free certificate should work?
这与您的证书无关,因此您无需购买任何东西.它是关于:您的Postfix如何验证Gmail的证书?
尝试添加:
smtp_tls_CApath = /etc/ssl/certs smtpd_tls_CApath = /etc/ssl/certs
到/etc/postfix/main.cf.
And does it actually affect deliverability of my emails?
并不是的.检查您的设置是否有DNS记录(还记得PTR),DKIM,SPF等.
