このページの翻訳:
- 日本語 (ja)
- English (en)
最近の更新
- 02 Apache2で自己認証ssl [中間証明書の整合性確認]
最近の更新
下記のようにtelnetでSMTPの送信確認ができる。
$ telnet fl8.jp 25 Trying 182.48.51.190... Connected to fl8.jp (182.48.51.190). Escape character is '^]'. 220 mail.flateight.com ESMTP unknown helo localhost 250 mail.flateight.com MAIL FROM:sample@example.com ← 送信元アドレスを指定。(偽装可能) 250 2.1.0 Ok RCPT TO:sample@gmail.com ← 宛先アドレスを指定。 250 2.1.5 Ok DATA ← メールデータの転送開始。 354 End data with <CR><LF>.<CR><LF> SUBJECT this is test ← 件名を指定。 test mail ← 本文を入力。 . ← 本文の入力の最後は「.」のみを入力しEnter 250 2.0.0 Ok: queued as 8D47633010A ← キューへの格納確認。 QUIT ← 接続切断。 221 2.0.0 Bye Connection closed by foreign host.
下記の3種類の認証方式があります。
SMTP-AUTH後は、通常のメール送信の通りに送ります。
AUTH PALIN AUTH LOGIN AUTH CRAM-MD5
このユーザ名/パスワードを例とする。
username: username
password: password
$ printf '\000username\000password' | base64 AHVzZXJuYW1lAHBhc3N3b3Jk ・ちゃんとデコードできるようならOK $ printf 'AHVzZXJuYW1lAHBhc3N3b3Jk' | base64 -d usernamepassword
「Authentication successful」と出れば、認証OK
# telnet fl8.jp 587 Trying 182.48.51.190... Connected to fl8.jp (182.48.51.190). Escape character is '^]'. 220 mail.flateight.com ESMTP unknown helo localhost 250 mail.flateight.com auth plain AHVzZXJuYW1lAHBhc3N3b3Jk 235 2.0.0 Authentication successful quit
$ printf 'username' | base64 dXNlcm5hbWU= $ printf 'password' | base64 cGFzc3dvcmQ=
ユーザ名(334 VXNlcm5hbWU6)パスワード(334 UGFzc3dvcmQ6)の順にエンコードされたユーザ名・パスワードを入力する。
「Authentication successful」が出れば認証OK
# telnet fl8.jp 587 Trying 182.48.51.190... Connected to fl8.jp (182.48.51.190). Escape character is '^]'. 220 mail.flateight.com ESMTP unknown helo localhost 250 mail.flateight.com auth login 334 VXNlcm5hbWU6 dXNlcm5hbWU= 334 UGFzc3dvcmQ6 cGFzc3dvcmQ= 235 2.0.0 Authentication successful quit
SMTPS(465)の場合は、opensslで接続する。
接続後は、通常のSMTPと同じようにメールコマンドで送信する。
# openssl s_client -connect fl8.jp:465 CONNECTED(00000003) depth=0 /C=JA/ST=Itoh/L=Nagano/O=ITOH/OU=Solution/CN=cloud.flateight.com/emailAddress=matsui@ma21.ath.cx verify error:num=18:self signed certificate verify return:1 depth=0 /C=JA/ST=Itoh/L=Nagano/O=ITOH/OU=Solution/CN=cloud.flateight.com/emailAddress=matsui@ma21.ath.cx verify error:num=10:certificate has expired notAfter=Dec 3 07:46:40 2010 GMT verify return:1 depth=0 /C=JA/ST=Itoh/L=Nagano/O=ITOH/OU=Solution/CN=cloud.flateight.com/emailAddress=matsui@ma21.ath.cx notAfter=Dec 3 07:46:40 2010 GMT verify return:1 --- Certificate chain 0 s:/C=JA/ST=Itoh/L=Nagano/O=ITOH/OU=Solution/CN=cloud.flateight.com/emailAddress=matsui@ma21.ath.cx i:/C=JA/ST=Itoh/L=Nagano/O=ITOH/OU=Solution/CN=cloud.flateight.com/emailAddress=matsui@ma21.ath.cx --- Server certificate -----BEGIN CERTIFICATE----- MIIDiTCCAvKgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCSkEx DTALBgNVBAgTBEl0b2gxDzANBgNVBAcTBk5hZ2FubzENMAsGA1UEChMESVRPSDER MA8GA1UECxMIU29sdXRpb24xHDAaBgNVBAMTE2Nsb3VkLmZsYXRlaWdodC5jb20x ITAfBgkqhkiG9w0BCQEWEm1hdHN1aUBtYTIxLmF0aC5jeDAeFw0wOTEyMDMwNzQ2 NDBaFw0xMDEyMDMwNzQ2NDBaMIGQMQswCQYDVQQGEwJKQTENMAsGA1UECBMESXRv aDEPMA0GA1UEBxMGTmFnYW5vMQ0wCwYDVQQKEwRJVE9IMREwDwYDVQQLEwhTb2x1 dGlvbjEcMBoGA1UEAxMTY2xvdWQuZmxhdGVpZ2h0LmNvbTEhMB8GCSqGSIb3DQEJ ARYSbWF0c3VpQG1hMjEuYXRoLmN4MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQC9d/inADAS1sDdYC98XMVgeMV4Ro+32PWGJCc0pW7JuNWMdmTcz7P8eBTSDBSM IRZJVoCjWDlnIR9wvkgMdlwiF9PmnzqoG4gxiZGKx5tltFeCtet0UxcsozNchYGg ZVaAwy3xUclyf1O8V3mlDAsydltdP1Q80qKJ+tA/MOhyHwIDAQABo4HwMIHtMB0G A1UdDgQWBBSnpShA4V5buTcbuFLu+K2N2hYaNjCBvQYDVR0jBIG1MIGygBSnpShA 4V5buTcbuFLu+K2N2hYaNqGBlqSBkzCBkDELMAkGA1UEBhMCSkExDTALBgNVBAgT BEl0b2gxDzANBgNVBAcTBk5hZ2FubzENMAsGA1UEChMESVRPSDERMA8GA1UECxMI U29sdXRpb24xHDAaBgNVBAMTE2Nsb3VkLmZsYXRlaWdodC5jb20xITAfBgkqhkiG 9w0BCQEWEm1hdHN1aUBtYTIxLmF0aC5jeIIBADAMBgNVHRMEBTADAQH/MA0GCSqG SIb3DQEBBQUAA4GBADBgtI6Yao0uVgnRS7nv8Oi2qbxWXgFMO7dC2p+q/C/TNNog PxiVYdFoat997JjNKIRSmtoj9lIyymPEjfod+hsiSzMPvUnGz6JrbclqhP3jpunA i8E36ow21Kx2dArLREZhdTmTgP4WX7bqK5JvmGacI5NEN/QrdiiQoVxOEdp6 -----END CERTIFICATE----- subject=/C=JA/ST=Itoh/L=Nagano/O=ITOH/OU=Solution/CN=cloud.flateight.com/emailAddress=matsui@ma21.ath.cx issuer=/C=JA/ST=Itoh/L=Nagano/O=ITOH/OU=Solution/CN=cloud.flateight.com/emailAddress=matsui@ma21.ath.cx --- No client certificate CA names sent --- SSL handshake has read 1480 bytes and written 319 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 2FC2097C6912A922C64BC7152A05F5E082BA559EE2205886595073C41E4A5733 Session-ID-ctx: Master-Key: 869F65CB8012CF12D8A1ED2DFB2432660B540C668A2455CBFCAFCCB391340C3639F648403B09A400445C8802B8F5F698 Key-Arg : None Krb5 Principal: None Start Time: 1470296089 Timeout : 300 (sec) Verify return code: 10 (certificate has expired) --- 220 mail.flateight.com ESMTP unknown helo localhost 250 mail.flateight.com auth plain AHVzZXJuYW1lAHBhc3N3b3Jk 235 2.0.0 Authentication successful
# (echo "EHLO mail.fl8.jp"; sleep 1 echo "MAIL FROM: <matsui@fl8.jp>"; sleep 1 echo "RCPT TO: <hoge@gmail.com>"; sleep 1 echo "DATA"; sleep 1 echo "Date: `date -R`"; sleep 1 echo "Subject: TEST Mail"; sleep 1 echo "From: matsui@fl8.jp"; sleep 1 echo "To: hoge@gmail.com"; sleep 1 echo "" echo "Content" echo "" echo "."; sleep 1 echo "" echo "quit") | telnet gmail-smtp-in.l.google.com 25 Trying 108.177.97.27... Connected to gmail-smtp-in.l.google.com. Escape character is '^]'. 220 mx.google.com ESMTP z143si3893498pfc.64 - gsmtp 250-mx.google.com at your service, [XXX.XXX.XXX.XX] 250-SIZE 157286400 250-8BITMIME 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-CHUNKING 250 SMTPUTF8 250 2.1.0 OK cn16si3626205plb.174 - gsmtp 250 2.1.5 OK cn16si3626205plb.174 - gsmtp 354 Go ahead cn16si3626205plb.174 - gsmtp 250 2.0.0 OK 1555630403 z143si3893498pfc.64 - gsmtp Connection closed by foreign host.
# (echo "EHLO mail.fl8.jp"; sleep 1 echo "MAIL FROM: <matsui@fl8.jp>"; sleep 1 echo "RCPT TO: <hoge@gmail.com>"; sleep 1 echo "DATA"; sleep 1 echo "Date: `date -R`"; sleep 1 echo "Subject: TEST Mail"; sleep 1 echo "From: matsui@fl8.jp"; sleep 1 echo "To: hoge@gmail.com"; sleep 1 echo "" echo "Content" echo "" echo "."; sleep 1 echo "" echo "quit") | telnet gmail-smtp-in.l.google.com 25 Trying 108.177.97.27... Connected to gmail-smtp-in.l.google.com. Escape character is '^]'. 220 mx.google.com ESMTP z143si3893498pfc.64 - gsmtp 250-mx.google.com at your service, [XXX.XXX.XXX.XX] 250-SIZE 157286400 250-8BITMIME 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-CHUNKING 250 SMTPUTF8 250 2.1.0 OK z143si3893498pfc.64 - gsmtp 250 2.1.5 OK z143si3893498pfc.64 - gsmtp 354 Go ahead z143si3893498pfc.64 - gsmtp 550-5.7.1 [153.122.116.49 18] Our system has detected that this message is 550-5.7.1 likely suspicious due to the very low reputation of the sending IP 550-5.7.1 address. To best protect our users from spam, the message has been 550-5.7.1 blocked. Please visit 550 5.7.1 https://support.google.com/mail/answer/188131 for more information. z143si3893498pfc.64 - gsmtp Connection closed by foreign host.