由于阿里云已将25端口封了(改用465端口),所以在ECS上往外发邮件时要作相应的配置才行。
使用的是163的企业邮箱,笔记简洁可用。
在阿里云的“安全组”开放645端口通行。
1.安装相应软件包:
systemctl stop sendmail
systemctl stop postfix
systemctl disable sendmail
systemctl disable postfix
yum -y install mailx
2.下载证书:
#创建目录,用来存放证书
mkdir -p /root/.certs/
#向163请求证书
echo -n|openssl s_client -connect smtp.qiye.163.com:465|sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/.certs/163.crt
#添加一个证书到证书数据库中
certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt
certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/163.crt
#使证书得到认可,避免发邮件后报错:Error in certificate: Peer's certificate issuer is not recognized
cd /root/.certs (一定要进入到证书所在目录才行)
certutil -A -n "GeoTrust SSL CA - G3" -t "Pu,Pu,Pu" -d ./ -i ./163.crt
#列出目录下证书
certutil -L -d /root/.certs
3.追加配置:
vim /etc/mail.rc
set from="zabbix@xxxxx.com"
set smtp="smtps://smtp.qiye.163.com:465"
set smtp-auth-user=mail@xxxxx.com
set smtp-auth-password=123456789
set smtp-auth=login
set ssl-verify=ignore
set nss-config-dir=/root/.certs
4.测试效果:
echo 'hello'|mail -v -s "test mail" human.hu@xxxxx.com