doucang2831 2014-09-22 17:29
浏览 423
已采纳

Go smtp.SendMail的X509证书问题

When using Go's smtp.SendMail to send an email to support@groupsio.zendesk.com, I get the following error:

x509: certificate is valid for mx.zendesk.com, www.mx.zendesk.com, not mail.pod-4.int.zendesk.com

Before calling SendMail, I do an MX lookup on groupsio.zendesk.com, which returns mail.pod-4.int.zendesk.com. So, the address I pass into SendMail is mail.pod-4.int.zendesk.com:25.

This used to work, but something broke and I can't figure out what's wrong. If I send a message to support@groupsio.zendesk.com from Gmail, it works fine.

  • 写回答

1条回答 默认 最新

  • dongwen7187 2014-09-22 20:01
    关注

    Using http://www.checktls.com/, it's clear that the Zendesk TLS cert is incorrect in that it doesn't specify that mail.pod-4 host. But, you can still use the cert to encrypt the message; you just may be susceptible to man-in-the-middle attacks.

    The Go TLS library has a config flag, InsecureSkipVerify, that when set to true, will go ahead with this certificate/host combo. There's no way to specify that flag at the smtp.SendMail level. If you wish to go ahead and send the email anyways, you need to clone the smtp library, and within smtp.SendMail, on line 283, set the InsecureSkipVerify flag to true.

    It's unclear to me if Gmail is functionally doing this, or if I'm missing a detail somewhere.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 树莓派与pix飞控通信
  • ¥15 自动转发微信群信息到另外一个微信群
  • ¥15 outlook无法配置成功
  • ¥30 这是哪个作者做的宝宝起名网站
  • ¥60 版本过低apk如何修改可以兼容新的安卓系统
  • ¥25 由IPR导致的DRIVER_POWER_STATE_FAILURE蓝屏
  • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
  • ¥50 有数据,怎么用matlab求全要素生产率
  • ¥15 TI的insta-spin例程
  • ¥15 完成下列问题完成下列问题