접미사 오류: 호스팅 테넌트에 구성된 수신자 도메인에 대해 TLS, 빈 인증서 및 인증되지 않은 메시지가 수신되지 않았습니다.

이전에는 Postfix에서 오류가 발생하여 오류가 발생했습니다.[No TLS]

Jul 14 10:37:38 q03pmds postfix/smtp[81151]: A02F3FF9F4: host pel-com-au.mail.protection.outlook.com[104.47.71.202] said: 451 4.4.62 Mail sent to the wrong Office 365 region. ATTR35. For more information please go to https://go.microsoft.com/fwlink/?linkid=865268 [No TLS] [ME3AUS01FT018.eop-AUS01.prod.protection.outlook.com 2023-07-14T00:37:38.115Z 08DB8303CE4A917A] (in reply to end of DATA command)

서명 인증서를 생성하고 다음과 같이 Postfix 구성 파일에 추가했습니다.

smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_security_level = may
smtp_tls_security_level = may

그러나 나는 지금[ValidationStatus of '' is EmptyCertificate]

(host epl-com-au.mail.protection.outlook.com[104.47.71.202] said: 451 4.4.62 Mail sent to the wrong Office 365 region. ATTR35. For more information please go to https://go.microsoft.com/fwlink/?linkid=865268 [ValidationStatus of '' is EmptyCertificate] [ME3AUS01FT009.eop-AUS01.prod.protection.outlook.com 2023-07-17T00:39:37.165Z 08DB85E60F9C36B4] (in reply to end of DATA command))

(host epl-com-au.mail.protection.outlook.com[104.47.71.138] said: 451 4.4.62 Mail sent to the wrong Office 365 region. ATTR35. For more information please go to https://go.microsoft.com/fwlink/?linkid=865268 [ValidationStatus of '' is EmptyCertificate] [SY4AUS01FT012.eop-AUS01.prod.protection.outlook.com 2023-07-17T00:39:37.165Z 08DB858C5B8F4556] (in reply to end of DATA command))

(host epl-com-au.mail.protection.outlook.com[104.47.71.138] said: 451 4.4.62 Mail sent to the wrong Office 365 region. ATTR35. For more information please go to https://go.microsoft.com/fwlink/?linkid=865268 [ValidationStatus of '' is EmptyCertificate] [SY4AUS01FT011.eop-AUS01.prod.protection.outlook.com 2023-07-17T00:39:37.375Z 08DB864D666BFE0D] (in reply to end of DATA command))

(host epl-com-au.mail.protection.outlook.com[104.47.71.202] said: 451 4.4.4 Mail received as unauthenticated, incoming to a recipient domain configured in a hosted tenant which has no mail-enabled subscriptions. ATTR5 [ME3AUS01FT004.eop-AUS01.prod.protection.outlook.com 2023-07-17T00:39:37.237Z 08DB85FB7229EDD0] (in reply to end of DATA command))

(host epl-com-au.mail.protection.outlook.com[104.47.71.138] said: 451 4.4.4 Mail received as unauthenticated, incoming to a recipient domain configured in a hosted tenant which has no mail-enabled subscriptions. ATTR5 [SY4AUS01FT024.eop-AUS01.prod.protection.outlook.com 2023-07-17T00:39:37.320Z 08DB85FB7C2C75CE] (in reply to end of DATA command))

(host epl-com-au.mail.protection.outlook.com[104.47.71.202] said: 451 4.4.62 Mail sent to the wrong Office 365 region. ATTR35. For more information please go to https://go.microsoft.com/fwlink/?linkid=865268 [ValidationStatus of '' is EmptyCertificate] [ME3AUS01FT013.eop-AUS01.prod.protection.outlook.com 2023-07-17T00:39:37.711Z 08DB860FE83B4875] (in reply to end of DATA command))

(host epl-com-au.mail.protection.outlook.com[104.47.71.138] said: 451 4.4.4 Mail received as unauthenticated, incoming to a recipient domain configured in a hosted tenant which has no mail-enabled subscriptions. ATTR5 [SY4AUS01FT010.eop-AUS01.prod.protection.outlook.com 2023-07-17T00:39:37.463Z 08DB85D292FA106C] (in reply to end of DATA command))

나도 그들 을 잔뜩 받았다 Mail received as unauthenticated, incoming to a recipient domain configured in a hosted tenant which has no mail-enabled subscriptions. ATTR5.

Postfix 서버, SPF 레코드의 이메일을 수락하도록 Office 365 커넥터를 구성하고 Postfix 서버 호스트 이름에 대한 A 레코드를 추가했습니다.

실행할 때 인증서를 얻지 못합니다.openssl s_client

 openssl s_client -connect localhost:25
CONNECTED(00000003)
140466906908560:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 289 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1689557445
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

다음을 추가하여 인증서 경고를 수정했습니다.

smtp_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtp_tls_key_file = /etc/pki/tls/private/postfix.key