我已按照说明设置 Chemicalkinetics.info 的 TXT 记录(通过 siteground 注册)。
等了几天,还是无法验证。我唯一的猜测与我在 whois 中看到的信息有关,即:
域状态:clientTransferProhibited https://icann.org/epp#clientTransferProhibited
域状态:clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
验证是否涉及“转移”?这是问题所在吗(如果是这种情况,我该如何纠正它——最好通过我的提供商 siteground)?
我在连接到我的 ssh 主机时遇到问题。我一直以详细模式收到此消息:
OpenSSH_7.2p2, LibreSSL 2.4.1
debug1: Reading configuration data /Users/me/.ssh/config
debug1: /Users/me/.ssh/config line 4: Applying options for *.ta.local
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug1: Connecting to <host_name> [<host_ip>] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/me/.ssh/id_ed25519 type 4
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u3
debug1: match: OpenSSH_6.7p1 Debian-5+deb8u3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to >host_ip>:22 as 'me'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:+Wl92PcQ6xQSAtNdxvAeBWExxDXl6NM0M4i6dUEvVA0
The authenticity of host '<host_name> (<host_ip>)' can't be established.
ECDSA key fingerprint is SHA256:+Wl92PcQ6xQSAtNdxvAeBWExxDXl6NM0M4i6dUEvVA0.
Are you sure you want to continue connecting (yes/no)?
Host key verification failed.
仅供参考:在粘贴的跟踪中,我替换了用户名、主机和 ip……以防万一有人感到困惑。
这是我的 ssh_config:
Host *
SendEnv LANG LC_*
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# IdentityFile ~/.ssh/id_ecdsa
# IdentityFile ~/.ssh/id_ed25519
# Port 22
# Protocol 2
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
我读了很多关于主机密钥自上次登录以来可能已更改的信息。因此,我已经尝试删除 known_hosts 文件中的条目,但无论使用什么 ssh 服务器,我仍然会收到该错误。
知道我在这里可能做错了什么吗?
更多信息:我最近将 mac os 更新为 sierra。也许它是相关的。
注意:电子邮件地址、域和 IP 地址已更改,以保护无辜者
当前错误:
Apr 28 23:47:32 vps01 postfix/smtp[8012]: 2A03D6285EF9: to=<[email protected]>, relay=mail.somedomain.com[162.144.93.233]:25, delay=42, delays=0.01/0.02/21/21, dsn=5.0.0, status=bounced (host mail.somedomain.com[162.144.93.233] said: 550-Verification failed for <[email protected]> 550-The mail server could not deliver mail to [email protected]. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries. 550 Sender verify failed (in reply to RCPT TO command))
我正在尝试让电子邮件在运行 Ubuntu Server 和 Apache2 的 vps 上为具有多个域的客户端工作。服务器安装了 IspConfig 3,如果它对任何人有任何影响。
我能够接收和发送电子邮件到我迄今为止尝试过的大多数域,特别是一个域除外。其他人可能失败了,我不知道。
我收到一个错误550 Access denied - Invalid HELO name (See RFC2821 4.1.1.1),但据我所知,我已经能够通过创建 rDNS 记录并将后缀中的主机名更改为我的 FQDN 来解决这个问题。这已经发展到我目前的错误。
我已按照https://www.howtoforge.com/hardening-postfix-for-ispconfig-3上的指南强化我的后缀以防止垃圾邮件。
我已经查看了Postfix Sender Verification 550并检查了我的 MX 记录,但在我看来一切设置正确。
dig mydomain.org MX
; <<>> DiG 9.9.5-9ubuntu0.5-Ubuntu <<>> mydomain.org MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18363
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;mydomain.org. IN MX
;; ANSWER SECTION:
mydomain.org. 1199 IN MX 10 55.55.55.55. (ip address changed for security purposes)
;; Query time: 44 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Apr 28 23:54:59 CDT 2016
;; MSG SIZE rcvd: 75
我一直在使用http://mxtoolbox.com/SuperTool.aspx?action=smtp%3amydomain.org&run=toolpage#来检查一路上的问题,但它让我知道的唯一见解似乎是更长的连接和交易时间,我认为这是由于配置后屏幕。
错误期间的完整 mail.log
Apr 29 00:24:44 vps01 postfix/smtpd[9021]: connect from localhost.localdomain[127.0.0.1]
Apr 29 00:24:44 vps01 postfix/smtpd[9021]: DA4326285EF9: client=localhost.localdomain[127.0.0.1]
Apr 29 00:24:44 vps01 postfix/cleanup[9013]: DA4326285EF9: message-id=<[email protected]>
Apr 29 00:24:44 vps01 postfix/smtpd[9021]: disconnect from localhost.localdomain[127.0.0.1]
Apr 29 00:24:44 vps01 postfix/qmgr[7860]: DA4326285EF9: from=<[email protected]>, size=1671, nrcpt=1 (queue active)
Apr 29 00:24:44 vps01 amavis[8496]: (08496-10) Passed CLEAN {RelayedOpenRelay}, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: aJjfGa_rtNVH, Hits: -0.101, size: 1145, queued_as: DA4326285EF9, dkim_sd=dkim:mydomain.org, 399 ms
Apr 29 00:24:44 vps01 postfix/smtp[9018]: 669CD6285BEA: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.5, delays=0.08/0.02/0/0.4, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as DA4326285EF9)
Apr 29 00:24:44 vps01 postfix/qmgr[7860]: 669CD6285BEA: removed
Apr 29 00:25:01 vps01 postfix/postscreen[9069]: CONNECT from [::1]:44502 to [::1]:25
Apr 29 00:25:01 vps01 postfix/postscreen[9069]: WHITELISTED [::1]:44502
Apr 29 00:25:01 vps01 postfix/smtpd[9071]: connect from localhost[::1]
Apr 29 00:25:01 vps01 postfix/smtpd[9071]: lost connection after CONNECT from localhost[::1]
Apr 29 00:25:01 vps01 postfix/smtpd[9071]: disconnect from localhost[::1]
Apr 29 00:25:27 vps01 postfix/smtp[9022]: DA4326285EF9: to=<[email protected]>, relay=mail.somedomain.com[162.144.93.233]:25, delay=43, delays=0.01/0.01/22/21, dsn=5.0.0, status=bounced (host mail.somedomain.com[162.144.93.233] said: 550-Verification failed for <[email protected]> 550-The mail server could not deliver mail to [email protected]. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries. 550 Sender verify failed (in reply to RCPT TO command))
Apr 29 00:25:27 vps01 postfix/cleanup[9013]: D2C3E6285EFA: message-id=<[email protected]>
Apr 29 00:25:27 vps01 postfix/qmgr[7860]: D2C3E6285EFA: from=<>, size=4219, nrcpt=1 (queue active)
Apr 29 00:25:27 vps01 postfix/bounce[9112]: DA4326285EF9: sender non-delivery notification: D2C3E6285EFA
Apr 29 00:25:27 vps01 postfix/qmgr[7860]: DA4326285EF9: removed
Apr 29 00:25:27 vps01 dovecot: lda([email protected]): sieve: msgid=<[email protected]>: stored mail into mailbox 'INBOX'
Apr 29 00:25:27 vps01 postfix/pipe[9113]: D2C3E6285EFA: to=<[email protected]>, relay=dovecot, delay=0.06, delays=0.01/0.02/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service)
Apr 29 00:25:27 vps01 postfix/qmgr[7860]: D2C3E6285EFA: removed
Apr 29 00:25:28 vps01 postfix/anvil[8945]: statistics: max connection rate 1/60s for (smtpd:64.20.227.137) at Apr 29 00:22:05
Apr 29 00:25:28 vps01 postfix/anvil[8945]: statistics: max connection count 1 for (smtpd:64.20.227.137) at Apr 29 00:22:05
Apr 29 00:25:28 vps01 postfix/anvil[8945]: statistics: max message rate 1/60s for (smtpd:64.20.227.137) at Apr 29 00:22:07
Apr 29 00:25:28 vps01 postfix/anvil[8945]: statistics: max cache size 1 at Apr 29 00:22:05
看来我没有收到RCPT TO验证用户的命令。我在网上研究过,试图解决这个问题是浪费时间,应该告诉接收域关闭验证用户,但这不是一个可用的选项。
更新
好的,我已经进行了 DNS 更改,并且新的 mx 记录主机 @ 指向 mail.mydomain.org。我已经为邮件创建了一条记录以指向我的 IP 地址。我将等待 dns 传播并重试。
我试图找到一个工具,与 Windows 上的“sfc”命令或 AIX 上的“sysck”命令不同,它可以验证文件内容、所有权和权限是否正确。“sfc”中的“替换损坏或丢失的文件”功能不是我要找的,它是“验证所有正确的部分都在正确的位置”的功能。
我正在尝试执行的任务是验证嵌入式 Linux 产品上特定软件版本的许多不同安装和升级路径是否达到相同的整体文件系统状态——所有必需的文件和目录都存在,具有正确的内容(如 md5sums 或类似内容所述),所有者、组和权限。
单个命令的集合——查找、统计、测试等——不是我要找的。我正在寻找一种工具,例如我上面提到的任何一种。
我搜索了高低,但很多搜索都出现了“fsck”,以至于任何积极的点击都被埋没了。
我们有超过一千个 Mac 客户端,并且偶尔会发布影响许多或全部客户端的更改(例如安装新软件、创建本地用户帐户或应用更新)。 我想知道您使用什么方法可以一目了然地知道您的客户端是最新的,因为我们发现当某些机器错过更新时,它对我们的反映相当差:)
发布更改:我指的是使用推出更改的系统,例如 Casper、Puppet、radmind、Apple 远程桌面,甚至是一起被黑客入侵的 ssh 授权expect脚本。
至于“一目了然”,有两个主要地方我会看一眼(特别是如果发布更改的系统中的信息不是很明显):
我想到一个简单的改变就是改变登录屏幕的背景,或者改变登录窗口上的文字。更强大的方法可能是采用标准桌面背景并制作带注释的副本(可能带有一些点或文本,以表示它所经历的更改)。[有谁知道如何做到这一点,还是我应该在此处或在 stackoverflow 上将其作为一个单独的问题提出?]
另一个简单的更改是设置四个 ARD 字段之一,如下所示:
defaults write /Library/Preferences/com.apple.RemoteDesktop Text4 "`date +%Y-%m-%d`"
那么,你如何知道你的客户是最新的(或者,如果你知道怎么做,你想做什么?)