История изменений
Исправление Pinkbyte, (текущая версия) :
Ты стучишься на smtp.gmail.com, а почтовики будут стучаться на адрес, указанный в MX записи gmail.com.
А они, ВНЕЗАПНО, разные!
pinkbyte@oas1 ~ $ dig MX gmail.com
; <<>> DiG 9.16.15 <<>> MX gmail.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57719
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;gmail.com. IN MX
;; ANSWER SECTION:
gmail.com. 3599 IN MX 5 gmail-smtp-in.l.google.com.
gmail.com. 3599 IN MX 40 alt4.gmail-smtp-in.l.google.com.
gmail.com. 3599 IN MX 30 alt3.gmail-smtp-in.l.google.com.
gmail.com. 3599 IN MX 20 alt2.gmail-smtp-in.l.google.com.
gmail.com. 3599 IN MX 10 alt1.gmail-smtp-in.l.google.com.
;; Query time: 42 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Чт авг 19 14:44:13 MSK 2021
;; MSG SIZE rcvd: 161
pinkbyte@oas1 ~ $ openssl s_client -host gmail-smtp-in.l.google.com. -port 25 -starttls smtp
CONNECTED(00000003)
<skipped cert data>
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 5177 bytes and written 406 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
250 SMTPUTF8
EHLO test.pinkbyte.ru
---
<skipped ticket data>
read R BLOCK
250-mx.google.com at your service, [my_ip]
250-SIZE 157286400
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
MAIL FROM:<test@test.pinkbyte.ru>
250 2.1.0 OK u15si3835122lfs.475 - gsmtp
test.pinkbyte.ru даже в DNS-е нет, так что как видишь - на этом этапе никакие проверки еще не сработали(скорее всего они стреляют после получения DATA)
Исходная версия Pinkbyte, :
Ты стучишься на smtp.gmail.com, а почтовики будут стучаться на адрес, указанный в MX записи gmail.com.
А они, ВНЕЗАПНО, разные!
pinkbyte@oas1 ~ $ dig MX gmail.com
; <<>> DiG 9.16.15 <<>> MX gmail.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57719
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;gmail.com. IN MX
;; ANSWER SECTION:
gmail.com. 3599 IN MX 5 gmail-smtp-in.l.google.com.
gmail.com. 3599 IN MX 40 alt4.gmail-smtp-in.l.google.com.
gmail.com. 3599 IN MX 30 alt3.gmail-smtp-in.l.google.com.
gmail.com. 3599 IN MX 20 alt2.gmail-smtp-in.l.google.com.
gmail.com. 3599 IN MX 10 alt1.gmail-smtp-in.l.google.com.
;; Query time: 42 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Чт авг 19 14:44:13 MSK 2021
;; MSG SIZE rcvd: 161
pinkbyte@oas1 ~ $ openssl s_client -host gmail-smtp-in.l.google.com. -port 25 -starttls smtp
CONNECTED(00000003)
<skipped cert data>
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 5177 bytes and written 406 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
250 SMTPUTF8
EHLO test.pinkbyte.ru
---
<skipped ticket data>
read R BLOCK
250-mx.google.com at your service, [my_ip]
250-SIZE 157286400
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8