
Difference between revisions of "UbuntuHelp:GmailPostfixFetchmail"

From Ubuntu中文

(New page: {{From|https://help.ubuntu.com/community/GmailPostfixFetchmail}} {{Languages|UbuntuHelp:GmailPostfixFetchmail}} == Introduction == This page is for those who wish to use Postfix and Fe...)
 
第1行: 第1行:
 
{{From|https://help.ubuntu.com/community/GmailPostfixFetchmail}}
 
{{From|https://help.ubuntu.com/community/GmailPostfixFetchmail}}
 
{{Languages|UbuntuHelp:GmailPostfixFetchmail}}
 
{{Languages|UbuntuHelp:GmailPostfixFetchmail}}
 
 
 
== Introduction ==
 
== Introduction ==
 
 
This page is for those who wish to use Postfix and Fetchmail to access
 
This page is for those who wish to use Postfix and Fetchmail to access
 
a single Gmail account.  
 
a single Gmail account.  
 
 
The setup presented here is limited: it is intended for a machine with
 
The setup presented here is limited: it is intended for a machine with
 
a single user who wishes to read and send e-mail using an
 
a single user who wishes to read and send e-mail using an
 
old-fashioned client such as mutt or Emacs GNUS.
 
old-fashioned client such as mutt or Emacs GNUS.
 
 
The setup presented is intended to be as simple and as close to a
 
The setup presented is intended to be as simple and as close to a
 
standard Ubuntu configuration as possible.
 
standard Ubuntu configuration as possible.
 
 
The Postfix setup does ''not'' verify the Gmail SMTP server
 
The Postfix setup does ''not'' verify the Gmail SMTP server
 
certificate; the reason for this is discussed in the appendix.
 
certificate; the reason for this is discussed in the appendix.
 
 
If you use Evolution or a similar modern e-mail client, you do not
 
If you use Evolution or a similar modern e-mail client, you do not
 
need to use this setup: your client can connect directly to the Gmail
 
need to use this setup: your client can connect directly to the Gmail
第23行: 第16行:
 
UsingGmailWithEvolution.  For help with Thunderbird, see Google's help
 
UsingGmailWithEvolution.  For help with Thunderbird, see Google's help
 
at http://mail.google.com/support/bin/answer.py?answer=38343
 
at http://mail.google.com/support/bin/answer.py?answer=38343
 
 
=== Assumed reader knowledge ===
 
=== Assumed reader knowledge ===
 
 
You should be familiar with package installation, and be able to edit
 
You should be familiar with package installation, and be able to edit
 
text configuration files.
 
text configuration files.
 
 
You should also be familiar with terms like POP3, SMTP and SSL.
 
You should also be familiar with terms like POP3, SMTP and SSL.
 
 
=== References ===
 
=== References ===
 
 
* http://prantran.blogspot.com/2007/01/getting-postfix-to-work-on-ubuntu-with.html
 
* http://prantran.blogspot.com/2007/01/getting-postfix-to-work-on-ubuntu-with.html
 
* http://souptonuts.sourceforge.net/postfix_tutorial.html
 
* http://souptonuts.sourceforge.net/postfix_tutorial.html
第38行: 第26行:
 
* http://www.postfix.com/SASL_README.html
 
* http://www.postfix.com/SASL_README.html
 
* http://www.postfix.com/ADDRESS_REWRITING_README.html
 
* http://www.postfix.com/ADDRESS_REWRITING_README.html
 
 
== Packages needed ==
 
== Packages needed ==
 
 
You will need the postfix and fetchmail packages.  See
 
You will need the postfix and fetchmail packages.  See
 
InstallingSoftware for more on installing packages.
 
InstallingSoftware for more on installing packages.
 
 
== Setting up your Gmail account ==
 
== Setting up your Gmail account ==
 
 
You will need to enable POP access for your Gmail account.  See
 
You will need to enable POP access for your Gmail account.  See
 
UsingGmailWithEvolution for more.
 
UsingGmailWithEvolution for more.
 
 
== Example username ==
 
== Example username ==
 
 
In all the examples below, I've assumed that the username on the
 
In all the examples below, I've assumed that the username on the
 
Ubuntu system is <code><nowiki>jane</nowiki></code>, and that the Gmail username is
 
Ubuntu system is <code><nowiki>jane</nowiki></code>, and that the Gmail username is
第56行: 第38行:
 
replace these with your local username, your Gmail username and Gmail
 
replace these with your local username, your Gmail username and Gmail
 
password as appropriate.
 
password as appropriate.
 
 
== Configuring Postfix ==
 
== Configuring Postfix ==
 
 
To setup Postfix, you will need to create 5 files:
 
To setup Postfix, you will need to create 5 files:
 
* /etc/postfix/main.cf
 
* /etc/postfix/main.cf
第67行: 第47行:
 
You will need root access to create and edit these files; see RootSudo
 
You will need root access to create and edit these files; see RootSudo
 
for more on gaining root access.
 
for more on gaining root access.
 
 
=== Stop Postfix ===
 
=== Stop Postfix ===
 
 
It's not necessary to do so, but if you wish to stop Postfix while
 
It's not necessary to do so, but if you wish to stop Postfix while
 
configuring, run (as root)
 
configuring, run (as root)
第75行: 第53行:
 
/etc/init.d/postfix stop
 
/etc/init.d/postfix stop
 
</nowiki></pre>
 
</nowiki></pre>
 
 
=== /etc/postfix/main.cf ===
 
=== /etc/postfix/main.cf ===
 
 
When you install Postfix you will be prompted to make configuration
 
When you install Postfix you will be prompted to make configuration
 
choices.  You can choose "No configuration"; in this case no
 
choices.  You can choose "No configuration"; in this case no
第83行: 第59行:
 
below.  The configuration choices used to create it are listed in the
 
below.  The configuration choices used to create it are listed in the
 
Appendix.
 
Appendix.
 
 
This is the Postfix configuration file /etc/postfix/main.cf:
 
This is the Postfix configuration file /etc/postfix/main.cf:
 
 
<pre><nowiki>
 
<pre><nowiki>
 
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
 
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
 
 
 
# Debian specific:  Specifying a file name will cause the first
 
# Debian specific:  Specifying a file name will cause the first
 
# line of that file to be used as the name.  The Debian default
 
# line of that file to be used as the name.  The Debian default
 
# is /etc/mailname.
 
# is /etc/mailname.
 
#myorigin = /etc/mailname
 
#myorigin = /etc/mailname
 
 
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
 
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
 
biff = no
 
biff = no
 
 
# appending .domain is the MUA's job.
 
# appending .domain is the MUA's job.
 
append_dot_mydomain = no
 
append_dot_mydomain = no
 
 
# Uncomment the next line to generate "delayed mail" warnings
 
# Uncomment the next line to generate "delayed mail" warnings
 
#delay_warning_time = 4h
 
#delay_warning_time = 4h
 
 
# TLS parameters
 
# TLS parameters
 
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
 
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
第110行: 第78行:
 
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
 
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
 
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
 
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
 
 
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
 
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
 
# information on enabling SSL in the smtp client.
 
# information on enabling SSL in the smtp client.
 
 
myhostname = localhost
 
myhostname = localhost
 
alias_maps = hash:/etc/aliases
 
alias_maps = hash:/etc/aliases
第124行: 第90行:
 
inet_interfaces = loopback-only
 
inet_interfaces = loopback-only
 
inet_protocols = all
 
inet_protocols = all
 
 
 
smtp_tls_loglevel=1
 
smtp_tls_loglevel=1
 
smtp_tls_security_level=encrypt
 
smtp_tls_security_level=encrypt
第131行: 第95行:
 
smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd
 
smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd
 
smtp_sasl_security_options = noanonymous
 
smtp_sasl_security_options = noanonymous
 
 
smtp_generic_maps=hash:/etc/postfix/generic
 
smtp_generic_maps=hash:/etc/postfix/generic
 
 
relayhost=[smtp.gmail.com]:587
 
relayhost=[smtp.gmail.com]:587
 
</nowiki></pre>
 
</nowiki></pre>
 
 
An explanation of each non-standard line (following the comment "non
 
An explanation of each non-standard line (following the comment "non
 
debconf entries start here") is given in the Appendix.
 
debconf entries start here") is given in the Appendix.
 
 
=== /etc/postfix/generic and /etc/postfix/generic.db ===
 
=== /etc/postfix/generic and /etc/postfix/generic.db ===
 
 
The generic file tells Postfix how to map local e-mail addresses to
 
The generic file tells Postfix how to map local e-mail addresses to
 
Internet addresses when mail is sent via SMTP.  Postfix rewrites
 
Internet addresses when mail is sent via SMTP.  Postfix rewrites
 
"From:" headers to make e-mail appear to come from
 
"From:" headers to make e-mail appear to come from
 
<code><nowiki>[email protected]</nowiki></code> instead of <code><nowiki>jane@localhost</nowiki></code>.
 
<code><nowiki>[email protected]</nowiki></code> instead of <code><nowiki>jane@localhost</nowiki></code>.
 
 
The /etc/postfix/generic is a plain text file, and should look as
 
The /etc/postfix/generic is a plain text file, and should look as
 
follows:
 
follows:
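Review bot: The sentence "An explanation of each non-standard line (following the comment "non debconf entries start here")" points at a comment that the main.cf listing does not show: there, "inet_protocols = all" is followed directly by "smtp_tls_loglevel=1". Either add that comment line to the listing just before smtp_tls_loglevel, or reword the sentence to name the first non-debconf parameter instead.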
第152行: 第110行:
 
jane@localhost  [email protected]
 
jane@localhost  [email protected]
 
</nowiki></pre>
 
</nowiki></pre>
 
 
/etc/postfix/generic.db is generated from this using the postmap command:
 
/etc/postfix/generic.db is generated from this using the postmap command:
 
<pre><nowiki>
 
<pre><nowiki>
第158行: 第115行:
 
postmap generic
 
postmap generic
 
</nowiki></pre>
 
</nowiki></pre>
 
 
=== /etc/postfix/sasl/passwd and /etc/postfix/sasl/passwd.db ===
 
=== /etc/postfix/sasl/passwd and /etc/postfix/sasl/passwd.db ===
 
 
The passwd file contains your Gmail password.  Like
 
The passwd file contains your Gmail password.  Like
 
/etc/postfix/generic file discussed above, it is a plain text file;
 
/etc/postfix/generic file discussed above, it is a plain text file;
第167行: 第122行:
 
[smtp.gmail.com]:587    [email protected]:doeadeer
 
[smtp.gmail.com]:587    [email protected]:doeadeer
 
</nowiki></pre>
 
</nowiki></pre>
 
 
To create passwd.db, and set ownership and permissions appropriately,
 
To create passwd.db, and set ownership and permissions appropriately,
 
run the following commands:
 
run the following commands:
第176行: 第130行:
 
chmod 600 passwd passwd.db
 
chmod 600 passwd passwd.db
 
</nowiki></pre>
 
</nowiki></pre>
 
 
=== Start or reload Postfix ===
 
=== Start or reload Postfix ===
 
 
If you previously stopped Postfix, restart it with
 
If you previously stopped Postfix, restart it with
 
<pre><nowiki>
 
<pre><nowiki>
 
/etc/init.d/postfix start
 
/etc/init.d/postfix start
 
</nowiki></pre>
 
</nowiki></pre>
 
 
If you didn't stop Postfix, force it to reload its configuration with
 
If you didn't stop Postfix, force it to reload its configuration with
 
<pre><nowiki>
 
<pre><nowiki>
 
postfix reload
 
postfix reload
 
</nowiki></pre>
 
</nowiki></pre>
 
 
=== Testing ===
 
=== Testing ===
 
 
Postfix provides a means of testing its address rewriting rules using
 
Postfix provides a means of testing its address rewriting rules using
 
the sendmail command with the '-bv' option.  If the mail would be sent
 
the sendmail command with the '-bv' option.  If the mail would be sent
第196行: 第145行:
 
to connect and authenticate to smtp.gmail.com, which makes it a
 
to connect and authenticate to smtp.gmail.com, which makes it a
 
convenient way to test the Postfix setup.
 
convenient way to test the Postfix setup.
 
 
One possibly inconvenient feature of sendmail -bv is that the result
 
One possibly inconvenient feature of sendmail -bv is that the result
 
is mailed to the user who ran the command; thus, if mail is utterly
 
is mailed to the user who ran the command; thus, if mail is utterly
 
misconfigured, you will never receive the result.  If you suspect this
 
misconfigured, you will never receive the result.  If you suspect this
 
is the case, you can check /var/log/mail.log to see what went wrong.
 
is the case, you can check /var/log/mail.log to see what went wrong.
 
 
To check that basic delivery works, run the following command as a
 
To check that basic delivery works, run the following command as a
 
normal user (replacing "jane", as elsewhere, with your username):
 
normal user (replacing "jane", as elsewhere, with your username):
第210行: 第157行:
 
<pre><nowiki>
 
<pre><nowiki>
 
This is the mail system at host localhost.
 
This is the mail system at host localhost.
 
 
Enclosed is the mail delivery report that you requested.
 
Enclosed is the mail delivery report that you requested.
 
 
The mail system
 
The mail system
 
 
<jane@localhost> (expanded from <jane>): delivery via local: delivers to mailbox
 
<jane@localhost> (expanded from <jane>): delivery via local: delivers to mailbox
 
</nowiki></pre>
 
</nowiki></pre>
 
If this didn't work, make sure that Postfix is running.
 
If this didn't work, make sure that Postfix is running.
 
 
To check that Postfix can successfully connect to gmail, run
 
To check that Postfix can successfully connect to gmail, run
 
<pre><nowiki>
 
<pre><nowiki>
第226行: 第169行:
 
<pre><nowiki>
 
<pre><nowiki>
 
This is the mail system at host localhost.
 
This is the mail system at host localhost.
 
 
Enclosed is the mail delivery report that you requested.
 
Enclosed is the mail delivery report that you requested.
 
 
The mail system
 
The mail system
 
 
<[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587: 250 2.1.5 OK
 
<[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587: 250 2.1.5 OK
 
</nowiki></pre>
 
</nowiki></pre>
 
Potential problems with this are discussed in the following section.
 
Potential problems with this are discussed in the following section.
 
 
=== Potential Postfix problems ===
 
=== Potential Postfix problems ===
 
 
==== Cannot find password ====
 
==== Cannot find password ====
 
 
If you get an error message like this:
 
If you get an error message like this:
 
<pre><nowiki>
 
<pre><nowiki>
第245行: 第182行:
 
c24sm1773006ika (in reply to MAIL FROM command)
 
c24sm1773006ika (in reply to MAIL FROM command)
 
</nowiki></pre>
 
</nowiki></pre>
 
 
then Postfix cannot figure out what password to send gmail; make sure
 
then Postfix cannot figure out what password to send gmail; make sure
 
that the smtp_sasl_password_maps entry in /etc/postfix/main.cf is
 
that the smtp_sasl_password_maps entry in /etc/postfix/main.cf is
 
correct, that /etc/postfix/sasl/passwd is correct, and that you've
 
correct, that /etc/postfix/sasl/passwd is correct, and that you've
 
created /etc/postfix/sasl/passwd.db.
 
created /etc/postfix/sasl/passwd.db.
 
 
==== No mechanism available ====
 
==== No mechanism available ====
 
 
If you get an error message like this:
 
If you get an error message like this:
 
<pre><nowiki>
 
<pre><nowiki>
第260行: 第194行:
 
you have probably forgotten the smtp_sasl_security_options line in
 
you have probably forgotten the smtp_sasl_security_options line in
 
/etc/postfix/main.cf.
 
/etc/postfix/main.cf.
 
 
== Configuring Fetchmail ==
 
== Configuring Fetchmail ==
 
 
The setup presented here configures the system-wide fetchmail service,
 
The setup presented here configures the system-wide fetchmail service,
 
which is by default always running; for this use /etc/fetchmailrc is
 
which is by default always running; for this use /etc/fetchmailrc is
第268行: 第200行:
 
user you should use ~/.fetchmailrc; that case is not further discussed
 
user you should use ~/.fetchmailrc; that case is not further discussed
 
here.
 
here.
 
 
Unlike the Postfix setup above, the fetchmail configuration presented here ''will''
 
Unlike the Postfix setup above, the fetchmail configuration presented here ''will''
 
verify the Gmail POP3 server's certificate.
 
verify the Gmail POP3 server's certificate.
 
 
=== Stop the fetchmail service ===
 
=== Stop the fetchmail service ===
 
 
To stop fetchmail while configuring it, run
 
To stop fetchmail while configuring it, run
 
<pre><nowiki>
 
<pre><nowiki>
 
/etc/init.d/fetchmail stop
 
/etc/init.d/fetchmail stop
 
</nowiki></pre>
 
</nowiki></pre>
 
 
=== /etc/fetchmail.rc ===
 
=== /etc/fetchmail.rc ===
 
 
The file /etc/fetchmailrc should look as follows:
 
The file /etc/fetchmailrc should look as follows:
 
<pre><nowiki>
 
<pre><nowiki>
 
set syslog
 
set syslog
 
 
set daemon 240
 
set daemon 240
 
 
poll pop.gmail.com
 
poll pop.gmail.com
 
with nodns,
 
with nodns,
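Review bot: The heading "=== /etc/fetchmail.rc ===" names a file that does not match the path used everywhere else in this hunk ("/etc/fetchmailrc" in the introduction and in "The file /etc/fetchmailrc should look as follows"). A reader who creates the file from the heading gets a file the service never reads; change the heading to /etc/fetchmailrc.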
第294行: 第219行:
 
with ssl, sslcertck;
 
with ssl, sslcertck;
 
</nowiki></pre>
 
</nowiki></pre>
 
 
A detailed explanation is given in the appendix, though fetchmail's
 
A detailed explanation is given in the appendix, though fetchmail's
 
configuration language hopefully makes it clear.
 
configuration language hopefully makes it clear.
 
 
Since this file contains your Gmail password, you may wish to give it
 
Since this file contains your Gmail password, you may wish to give it
 
restrictive read permission:
 
restrictive read permission:
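Review bot: "you may wish to give it restrictive read permission" is too weak for a file that, as the same sentence says, contains the Gmail password in clear text. State the chmod as a required step, and say which user must own the file, in the same way the Postfix section asks the reader to "set ownership and permissions appropriately" for passwd and passwd.db.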
第303行: 第226行:
 
chmod 600 /etc/fetchmailrc
 
chmod 600 /etc/fetchmailrc
 
</nowiki></pre>
 
</nowiki></pre>
 
 
=== Testing ===
 
=== Testing ===
 
 
To test your configuration, run fetchmail as below; this should be run
 
To test your configuration, run fetchmail as below; this should be run
 
as root, since it reads /etc/fetchmailrc.
 
as root, since it reads /etc/fetchmailrc.
第311行: 第232行:
 
fetchmail -v -d0 -f /etc/fetchmailrc
 
fetchmail -v -d0 -f /etc/fetchmailrc
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Take a look at /var/log/mail.log (e.g., using <code><nowiki>less /var/log/mail.log</nowiki></code>)  
 
Take a look at /var/log/mail.log (e.g., using <code><nowiki>less /var/log/mail.log</nowiki></code>)  
 
to see that the connection was successful.
 
to see that the connection was successful.
 
 
=== Restart fetchmail ===
 
=== Restart fetchmail ===
 
 
Once your configuration is working, you can restart fetchmail with
 
Once your configuration is working, you can restart fetchmail with
 
<pre><nowiki>
 
<pre><nowiki>
 
/etc/init.d/fetchmail start
 
/etc/init.d/fetchmail start
 
</nowiki></pre>
 
</nowiki></pre>
 
 
== Appendix ==
 
== Appendix ==
 
 
=== Debconf choices for main.cf above ===
 
=== Debconf choices for main.cf above ===
 
 
For the record, the main.cf above was created with
 
For the record, the main.cf above was created with
 
 
dpkg-reconfigure postfix
 
dpkg-reconfigure postfix
 
 
with the following selections:
 
with the following selections:
 
 
<pre><nowiki>
 
<pre><nowiki>
 
General type of configuration: Satellite system
 
General type of configuration: Satellite system
第344行: 第256行:
 
Internet protocols to use: all (default)
 
Internet protocols to use: all (default)
 
</nowiki></pre>
 
</nowiki></pre>
 
 
=== Explanation of /etc/postfix/main.cf  ===
 
=== Explanation of /etc/postfix/main.cf  ===
 
 
Only the non-debconf lines are explained.  For much more, run  
 
Only the non-debconf lines are explained.  For much more, run  
 
<code><nowiki>man 5 postconf</nowiki></code> or visit [http://www.postfix.com/documentation.html].
 
<code><nowiki>man 5 postconf</nowiki></code> or visit [http://www.postfix.com/documentation.html].
 
 
<pre><nowiki>
 
<pre><nowiki>
 
smtp_tls_loglevel=1
 
smtp_tls_loglevel=1
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Basic logging of connections to smtp.gmail.com.
 
Basic logging of connections to smtp.gmail.com.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
smtp_tls_security_level=encrypt
 
smtp_tls_security_level=encrypt
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Require an encrypted TLS connection to smtp.gmail.com.  It would be
 
Require an encrypted TLS connection to smtp.gmail.com.  It would be
 
preferable to use the verify level, but this did not work.
 
preferable to use the verify level, but this did not work.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
smtp_sasl_auth_enable=yes
 
smtp_sasl_auth_enable=yes
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Enable SMTP authentication.
 
Enable SMTP authentication.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd
 
smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Where the SMTP authentication data is to be found.
 
Where the SMTP authentication data is to be found.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
smtp_sasl_security_options = noanonymous
 
smtp_sasl_security_options = noanonymous
 
</nowiki></pre>
 
</nowiki></pre>
 
 
This one is a bit obscure: by specifying noanonymous, one allows
 
This one is a bit obscure: by specifying noanonymous, one allows
 
plaintext passwords to be sent (I think noplaintext is the next level
 
plaintext passwords to be sent (I think noplaintext is the next level
 
"up" from noanonymous).  Gmail's SMTP server apparently accepts
 
"up" from noanonymous).  Gmail's SMTP server apparently accepts
 
plaintext authentication only.
 
plaintext authentication only.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
smtp_generic_maps=hash:/etc/postfix/generic
 
smtp_generic_maps=hash:/etc/postfix/generic
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Where the generic mapping data is to be found.
 
Where the generic mapping data is to be found.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
relayhost=[smtp.gmail.com]:587
 
relayhost=[smtp.gmail.com]:587
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Address and port number for SMTP connections.  Putting the hostname in
 
Address and port number for SMTP connections.  Putting the hostname in
 
square brackets means it is interpreted as a hostname, rather than a
 
square brackets means it is interpreted as a hostname, rather than a
 
mail name (as I understand it, Postfix uses "normal" DNS records
 
mail name (as I understand it, Postfix uses "normal" DNS records
 
rather than MX records when square brackets are used).
 
rather than MX records when square brackets are used).
 
 
=== Explanation of /etc/fetchmailrc ===
 
=== Explanation of /etc/fetchmailrc ===
 
 
Run <code><nowiki>man fetchmail</nowiki></code> for details.  Fetchmail's configuration
 
Run <code><nowiki>man fetchmail</nowiki></code> for details.  Fetchmail's configuration
 
language has the interesting property of ignoring some words (like
 
language has the interesting property of ignoring some words (like
 
"with") and punctuation (like the comma and semicolon).
 
"with") and punctuation (like the comma and semicolon).
 
 
<pre><nowiki>
 
<pre><nowiki>
 
set syslog
 
set syslog
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Log messages to syslog; fetchmail messages will appear in
 
Log messages to syslog; fetchmail messages will appear in
 
/var/log/mail.log.
 
/var/log/mail.log.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
set daemon 240
 
set daemon 240
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Check for mail every 240 seconds.
 
Check for mail every 240 seconds.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
poll pop.gmail.com
 
poll pop.gmail.com
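Review bot: The explanations of smtp_tls_security_level=encrypt and smtp_sasl_security_options = noanonymous should be tied together, because read side by side they mean the Gmail password is sent with a plaintext mechanism over a TLS session whose server certificate is not checked. Say that explicitly under the noanonymous entry, and replace "but this did not work" under the encrypt entry with a pointer to the "Verifying the Gmail SMTP server certificate" section so the reader knows a workaround exists.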
第423行: 第312行:
 
Each account entry starts with keyword "poll", followed by the server
 
Each account entry starts with keyword "poll", followed by the server
 
hostname.
 
hostname.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
with nodns,
 
with nodns,
 
</nowiki></pre>
 
</nowiki></pre>
 
This is probably unnecessary.
 
This is probably unnecessary.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
with protocol POP3
 
with protocol POP3
 
</nowiki></pre>
 
</nowiki></pre>
 
Connect to pop.gmail.com mail using the POP3 protocol.
 
Connect to pop.gmail.com mail using the POP3 protocol.
 
 
<pre><nowiki>
 
<pre><nowiki>
 
user "[email protected]" there is jane here,
 
user "[email protected]" there is jane here,
第439行: 第325行:
 
Login to the POP3 server with username "[email protected]"; deliver
 
Login to the POP3 server with username "[email protected]"; deliver
 
mail to local user "jane".
 
mail to local user "jane".
 
 
<pre><nowiki>
 
<pre><nowiki>
 
with password doeadeer,
 
with password doeadeer,
 
</nowiki></pre>   
 
</nowiki></pre>   
 
The POP3 password is "doeadeer".
 
The POP3 password is "doeadeer".
 
 
<pre><nowiki>
 
<pre><nowiki>
 
with ssl, sslcertck;
 
with ssl, sslcertck;
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Use SSL in communicating to the POP3 server, and verify that the
 
Use SSL in communicating to the POP3 server, and verify that the
 
certificate is valid.  fetchmail uses the certificates provided by the
 
certificate is valid.  fetchmail uses the certificates provided by the
 
ca-certificates packages for this.
 
ca-certificates packages for this.
 
 
=== Verifying the Gmail SMTP server certificate ===
 
=== Verifying the Gmail SMTP server certificate ===
 
 
The configuration above does ''not'' verify the certificate of the
 
The configuration above does ''not'' verify the certificate of the
 
Gmail SMTP server.  This would be very easy to do but for
 
Gmail SMTP server.  This would be very easy to do but for
 
[https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/118963 Bug 118963]
 
[https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/118963 Bug 118963]
 
 
If you need this verification, you can either read
 
If you need this verification, you can either read
 
[http://souptonuts.sourceforge.net/postfix_tutorial.html reference 2]
 
[http://souptonuts.sourceforge.net/postfix_tutorial.html reference 2]
 
above, which shows you how to download and install the certificate
 
above, which shows you how to download and install the certificate
 
yourself, or you can do something like this:
 
yourself, or you can do something like this:
 
 
<pre><nowiki>
 
<pre><nowiki>
 
mkdir /var/spool/postfix/certs
 
mkdir /var/spool/postfix/certs
 
cp /etc/ssl/certs/* /var/spool/postfix/certs
 
cp /etc/ssl/certs/* /var/spool/postfix/certs
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Then, in main.cf, change the smtp_tls_security_level line and add an
 
Then, in main.cf, change the smtp_tls_security_level line and add an
 
smtp_tls_CApath line as follows:
 
smtp_tls_CApath line as follows:
第475行: 第353行:
 
smtp_tls_CApath=/certs
 
smtp_tls_CApath=/certs
 
</nowiki></pre>
 
</nowiki></pre>
 
 
This might need to be redone if you upgrade postfix (e.g., when
 
This might need to be redone if you upgrade postfix (e.g., when
 
upgrading Ubuntu).
 
upgrading Ubuntu).
 
 
=== If Nothing Is Working ===
 
=== If Nothing Is Working ===
 
 
If possible, check that you can access the Gmail SMTP and POP3
 
If possible, check that you can access the Gmail SMTP and POP3
 
services with a client like Thunderbird; Google provide complete
 
services with a client like Thunderbird; Google provide complete
 
instructions for setting up Thunderbird
 
instructions for setting up Thunderbird
 
[http://mail.google.com/support/bin/answer.py?answer=38343 here].
 
[http://mail.google.com/support/bin/answer.py?answer=38343 here].
 
 
You can try port 465 instead of 587 for SMTP.
 
You can try port 465 instead of 587 for SMTP.
 
 
You can do a check that SMTP connections can be made using stunnel, as
 
You can do a check that SMTP connections can be made using stunnel, as
 
follows:
 
follows:
第493行: 第366行:
 
stunnel -v 2 -c -n smtp -f -r smtp.gmail.com:587
 
stunnel -v 2 -c -n smtp -f -r smtp.gmail.com:587
 
</nowiki></pre>
 
</nowiki></pre>
 
 
You should see something like this:
 
You should see something like this:
 
<pre><nowiki>
 
<pre><nowiki>
第507行: 第379行:
 
ia/L=Mountain View/O=Google Inc/CN=smtp.gmail.com
 
ia/L=Mountain View/O=Google Inc/CN=smtp.gmail.com
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Terminate this connection with Ctrl-C.
 
Terminate this connection with Ctrl-C.
 
 
You can also try testing the POP3 connection, though I had no success
 
You can also try testing the POP3 connection, though I had no success
 
with this:
 
with this:
第515行: 第385行:
 
stunnel -v 2 -c -n pop3 -f -r pop.gmail.com:995
 
stunnel -v 2 -c -n pop3 -f -r pop.gmail.com:995
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Note that you ''cannot'' use openssl's s_client to test the SMTP
 
Note that you ''cannot'' use openssl's s_client to test the SMTP
 
connection; Gmail's SMTP server requires the client to begin
 
connection; Gmail's SMTP server requires the client to begin
 
communications with HELO (or EHLO), while s_client jumps straight to
 
communications with HELO (or EHLO), while s_client jumps straight to
 
STARTTLS.
 
STARTTLS.
 
 
----
 
----
 
[[category:CategoryDocumentation]] [[category:CategoryCleanup]]
 
[[category:CategoryDocumentation]] [[category:CategoryCleanup]]
  
 
[[category:UbuntuHelp]]
 
[[category:UbuntuHelp]]

Revision as of 17:27, 30 November 2007 (Friday)

Introduction

This page is for those who wish to use Postfix and Fetchmail to access a single Gmail account.

The setup presented here is limited: it is intended for a machine with a single user who wishes to read and send e-mail using an old-fashioned client such as mutt or Emacs GNUS.

The setup presented is intended to be as simple and as close to a standard Ubuntu configuration as possible.

The Postfix setup does not verify the Gmail SMTP server certificate; the reason for this is discussed in the appendix.

If you use Evolution or a similar modern e-mail client, you do not need to use this setup: your client can connect directly to the Gmail POP3 and SMTP services. For help with Evolution, see UsingGmailWithEvolution. For help with Thunderbird, see Google's help at http://mail.google.com/support/bin/answer.py?answer=38343

Assumed reader knowledge

You should be familiar with package installation, and be able to edit text configuration files. You should also be familiar with terms like POP3, SMTP and SSL.

References

Packages needed

You will need the postfix and fetchmail packages. See InstallingSoftware for more on installing packages.

Setting up your Gmail account

You will need to enable POP access for your Gmail account. See UsingGmailWithEvolution for more.

Example username

In all the examples below, I've assumed that the username on the Ubuntu system is jane, and that the Gmail username is [email protected], with password doeadeer. You obviously need to replace these with your local username, your Gmail username and Gmail password as appropriate.

Configuring Postfix

To set up Postfix, you will need to create 5 files:

  • /etc/postfix/main.cf
  • /etc/postfix/generic
  • /etc/postfix/generic.db
  • /etc/postfix/sasl/passwd
  • /etc/postfix/sasl/passwd.db

You will need root access to create and edit these files; see RootSudo for more on gaining root access.

Stop Postfix

It's not necessary to do so, but if you wish to stop Postfix while configuring, run (as root)

/etc/init.d/postfix stop

/etc/postfix/main.cf

When you install Postfix you will be prompted to make configuration choices. You can choose "No configuration"; in this case no configuration file will be created, and you can use the contents below. The configuration choices used to create it are listed in the Appendix.

This is the Postfix configuration file /etc/postfix/main.cf:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localhost, localhost.localdomain
relayhost = 
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
inet_protocols = all
# non debconf entries start here
smtp_tls_loglevel=1
smtp_tls_security_level=encrypt
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd
smtp_sasl_security_options = noanonymous
smtp_generic_maps=hash:/etc/postfix/generic
relayhost=[smtp.gmail.com]:587

An explanation of each non-standard line (following the comment "non debconf entries start here") is given in the Appendix.

/etc/postfix/generic and /etc/postfix/generic.db

The generic file tells Postfix how to map local e-mail addresses to Internet addresses when mail is sent via SMTP. Postfix rewrites "From:" headers to make e-mail appear to come from [email protected] instead of jane@localhost. /etc/postfix/generic is a plain text file, and should look as follows:

jane@localhost   [email protected]

/etc/postfix/generic.db is generated from this using the postmap command:

cd /etc/postfix
postmap generic

/etc/postfix/sasl/passwd and /etc/postfix/sasl/passwd.db

The passwd file contains your Gmail password. Like the /etc/postfix/generic file discussed above, it is a plain text file; it should look as follows:

[smtp.gmail.com]:587    [email protected]:doeadeer

To create passwd.db, and set ownership and permissions appropriately, run the following commands:

cd /etc/postfix/sasl
postmap passwd
chown root:root passwd passwd.db
chmod 600 passwd passwd.db

Start or reload Postfix

If you previously stopped Postfix, restart it with

/etc/init.d/postfix start

If you didn't stop Postfix, force it to reload its configuration with

postfix reload

Testing

Postfix provides a means of testing its address rewriting rules using the sendmail command with the '-bv' option. If the mail would be sent externally (i.e., via smtp.gmail.com), the command will cause sendmail to connect and authenticate to smtp.gmail.com, which makes it a convenient way to test the Postfix setup. One possibly inconvenient feature of sendmail -bv is that the result is mailed to the user who ran the command; thus, if mail is utterly misconfigured, you will never receive the result. If you suspect this is the case, you can check /var/log/mail.log to see what went wrong. To check that basic delivery works, run the following command as a normal user (replacing "jane", as elsewhere, with your username):

sendmail -bv jane

You should receive a mail starting with:

This is the mail system at host localhost.
Enclosed is the mail delivery report that you requested.
The mail system
<jane@localhost> (expanded from <jane>): delivery via local: delivers to mailbox

If this didn't work, make sure that Postfix is running. To check that Postfix can successfully connect to Gmail, run

sendmail -bv [email protected]

You should receive a mail starting with:

This is the mail system at host localhost.
Enclosed is the mail delivery report that you requested.
The mail system
<[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587: 250 2.1.5 OK

Potential problems with this are discussed in the following section.

Potential Postfix problems

Cannot find password

If you get an error message like this:

<[email protected]>: delivery via smtp.gmail.com[66.249.91.109]:587:
host smtp.gmail.com[66.249.91.109] said: 530 5.5.1 Authentication Required
c24sm1773006ika (in reply to MAIL FROM command)

then Postfix cannot figure out what password to send to Gmail; make sure that the smtp_sasl_password_maps entry in /etc/postfix/main.cf is correct, that /etc/postfix/sasl/passwd is correct, and that you've created /etc/postfix/sasl/passwd.db.

No mechanism available

If you get an error message like this:

SASL authentication failed; cannot authenticate to server
smtp.gmail.com[66.249.91.109]: no mechanism available

you have probably forgotten the smtp_sasl_security_options line in /etc/postfix/main.cf.

Configuring Fetchmail

The setup presented here configures the system-wide fetchmail service, which is by default always running; for this use /etc/fetchmailrc is the configuration file. If you want to run fetchmail as your normal user you should use ~/.fetchmailrc; that case is not further discussed here. Unlike the Postfix setup above, the fetchmail configuration presented here will verify the Gmail POP3 server's certificate.

Stop the fetchmail service

To stop fetchmail while configuring it, run

/etc/init.d/fetchmail stop

/etc/fetchmailrc

The file /etc/fetchmailrc should look as follows:

set syslog
set daemon 240
poll pop.gmail.com
with nodns,
with protocol POP3
user "[email protected]" there is jane here,
with password doeadeer,
with ssl, sslcertck;

A detailed explanation is given in the appendix, though fetchmail's configuration language hopefully makes it clear. Since this file contains your Gmail password, you may wish to give it restrictive read permission:

chmod 600 /etc/fetchmailrc
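
Both permission steps on this page (passwd and passwd.db under /etc/postfix/sasl, and /etc/fetchmailrc) can be checked afterwards with a small script. This is an added example, not part of the original page; the scratch directory, the file contents and the function names are constructed for the demonstration.

```shell
# Added example (not from the original page): flag credential files that
# group or other users can access.

# exposed_bits FILE: print the group/other part of the mode, e.g. "r--r--".
exposed_bits() {
    ls -ld -- "$1" | cut -c5-10
}

# audit_secret_files FILE...: list files that are missing or not owner-only;
# return non-zero if any were listed.
audit_secret_files() {
    rc=0
    for f in "$@"; do
        if [ ! -e "$f" ]; then
            echo "missing: $f"; rc=1
        elif [ "$(exposed_bits "$f")" != "------" ]; then
            echo "exposed: $f ($(exposed_bits "$f"))"; rc=1
        fi
    done
    return $rc
}

# Constructed demo: a scratch directory standing in for /etc/postfix/sasl.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf '[smtp.gmail.com]:587    user@example.invalid:placeholder\n' > "$demo/passwd"
cp "$demo/passwd" "$demo/passwd.db"      # stand-in for the postmap output
chmod 600 "$demo/passwd"
chmod 644 "$demo/passwd.db"              # the map was left world-readable
audit_secret_files "$demo/passwd" "$demo/passwd.db" || echo "fix with: chmod 600 <file>"
```

On the real system, run the function as root against /etc/postfix/sasl/passwd, /etc/postfix/sasl/passwd.db and /etc/fetchmailrc.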

Testing

To test your configuration, run fetchmail as below; this should be run as root, since it reads /etc/fetchmailrc.

fetchmail -v -d0 -f /etc/fetchmailrc

Take a look at /var/log/mail.log (e.g., using less /var/log/mail.log) to see that the connection was successful.

Restart fetchmail

Once your configuration is working, you can restart fetchmail with

/etc/init.d/fetchmail start

Appendix

Debconf choices for main.cf above

For the record, the main.cf above was created with dpkg-reconfigure postfix with the following selections:

General type of configuration: Satellite system
Mail for root: <blank> (default)
Mail name: localhost (default)
SMTP relay host: <blank> (default is smtp.localdomain)
Other destinations to accept mail for: localhost, localhost.localdomain, localhost (default)
Synchronous updates: no (default)
Local networks: 127.0.0.0/8 (default)
Mailbox size limit: 0 (default)
Local address extension character: + (default)
Internet protocols to use: all (default)

Explanation of /etc/postfix/main.cf

Only the non-debconf lines are explained. For much more, run man 5 postconf or visit [1].

smtp_tls_loglevel=1

Basic logging of connections to smtp.gmail.com.

smtp_tls_security_level=encrypt

Require an encrypted TLS connection to smtp.gmail.com. It would be preferable to use the verify level, but this did not work.

smtp_sasl_auth_enable=yes

Enable SMTP authentication.

smtp_sasl_password_maps=hash:/etc/postfix/sasl/passwd

Where the SMTP authentication data is to be found.

smtp_sasl_security_options = noanonymous

This one is a bit obscure: by specifying noanonymous, one allows plaintext passwords to be sent (I think noplaintext is the next level "up" from noanonymous). Gmail's SMTP server apparently accepts plaintext authentication only.

smtp_generic_maps=hash:/etc/postfix/generic

Where the generic mapping data is to be found.

relayhost=[smtp.gmail.com]:587

Address and port number for SMTP connections. Putting the hostname in square brackets means it is interpreted as a hostname, rather than a mail name (as I understand it, Postfix uses "normal" DNS records rather than MX records when square brackets are used).

Explanation of /etc/fetchmailrc

Run man fetchmail for details. Fetchmail's configuration language has the interesting property of ignoring some words (like "with") and punctuation (like the comma and semicolon).

set syslog

Log messages to syslog; fetchmail messages will appear in /var/log/mail.log.

set daemon 240

Check for mail every 240 seconds.

poll pop.gmail.com

Each account entry starts with keyword "poll", followed by the server hostname.

with nodns,

This is probably unnecessary.

with protocol POP3

Connect to pop.gmail.com using the POP3 protocol.

user "[email protected]" there is jane here,

Log in to the POP3 server with username "[email protected]"; deliver mail to local user "jane".

with password doeadeer,

The POP3 password is "doeadeer".

with ssl, sslcertck;

Use SSL in communicating to the POP3 server, and verify that the certificate is valid. fetchmail uses the certificates provided by the ca-certificates packages for this.

Verifying the Gmail SMTP server certificate

The configuration above does not verify the certificate of the Gmail SMTP server. This would be very easy to do but for Bug 118963. If you need this verification, you can either read reference 2 above, which shows you how to download and install the certificate yourself, or you can do something like this:

mkdir /var/spool/postfix/certs
cp /etc/ssl/certs/* /var/spool/postfix/certs

Then, in main.cf, change the smtp_tls_security_level line and add an smtp_tls_CApath line as follows:

smtp_tls_security_level=verify
smtp_tls_CApath=/certs

This might need to be redone if you upgrade postfix (e.g., when upgrading Ubuntu).
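
Postfix remembers only the last definition of a parameter in main.cf (the file above already sets relayhost twice), so a verify line added above a leftover encrypt line has no effect. The script below is an added example, not part of the original page: it reads a main.cf the same way and reports the effective TLS level. The function names and the sample file are constructed.

```shell
# Added example, not from the original page. Postfix remembers only the LAST
# definition of a main.cf parameter; this reads a file the same way.

# effective_param FILE NAME: print the last value assigned to NAME.
effective_param() {
    awk -v name="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines
        /^[ \t]/ {                                 # continuation line
            sub(/^[ \t]+/, "")
            if (key == name) last = (last == "" ? $0 : last " " $0)
            next
        }
        {
            eq = index($0, "="); if (eq == 0) { key = ""; next }
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == name) { last = val; found = 1 }
        }
        END { if (found) print last }
    ' "$1"
}

# definition_count FILE NAME: how many times NAME is assigned in FILE.
definition_count() {
    awk -v name="$2" '
        /^[ \t#]/ { next }
        { eq = index($0, "="); if (eq == 0) next
          key = substr($0, 1, eq - 1); gsub(/[ \t]+$/, "", key)
          if (key == name) n++ }
        END { print n + 0 }
    ' "$1"
}

# tls_verdict FILE: classify the effective smtp_tls_security_level.
tls_verdict() {
    case "$(effective_param "$1" smtp_tls_security_level)" in
        verify|secure) echo "verified" ;;
        encrypt)       echo "encrypted-unverified" ;;
        none|may|"")   echo "not-enforced" ;;
        *)             echo "unclassified" ;;
    esac
}

# Constructed sample: verify was added, but an older encrypt line still follows.
sample=$(mktemp); trap 'rm -f "$sample"' EXIT
printf '%s\n' 'relayhost =' 'smtp_tls_security_level=verify' \
    'smtp_tls_CApath=/certs' 'relayhost=[smtp.gmail.com]:587' \
    'smtp_tls_security_level=encrypt' > "$sample"
echo "relayhost=$(effective_param "$sample" relayhost) tls=$(tls_verdict "$sample")"
```

On a running system, `postconf -h smtp_tls_security_level relayhost` prints the values Postfix itself has settled on.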

If Nothing Is Working

If possible, check that you can access the Gmail SMTP and POP3 services with a client like Thunderbird; Google provide complete instructions for setting up Thunderbird here. You can try port 465 instead of 587 for SMTP. You can check that SMTP connections can be made using stunnel, as follows:

stunnel -v 2 -c -n smtp -f -r smtp.gmail.com:587

You should see something like this:

2007.10.15 22:10:13 LOG5[9230:3083238176]: Using 'smtp.gmail.com.587' as tcpwrapper service name
2007.10.15 22:10:13 LOG5[9230:3083238176]: stunnel 3.26 on i486-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.8c 05 Sep 2006
220 mx.google.com ESMTP b30sm3913237ika
2007.10.15 22:10:15 LOG5[9230:3083238176]: VERIFY OK: depth=1, /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected]
2007.10.15 22:10:15 LOG5[9230:3083238176]: VERIFY OK: depth=0, /C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com

Terminate this connection with Ctrl-C. You can also try testing the POP3 connection, though I had no success with this:

stunnel -v 2 -c -n pop3 -f -r pop.gmail.com:995

Note that you cannot use openssl's s_client to test the SMTP connection; Gmail's SMTP server requires the client to begin communications with HELO (or EHLO), while s_client jumps straight to STARTTLS.