
一番寻找之后发现了大家口碑不错的搜狐SendCloud服务,看了看文档,价格实惠用起来也方便,于是准备使用它做邮件发送服务器。按照文档的配置一步步走下来发现在发送邮件的时候竟然出错了,错误提示是“unencrypted connection”,奇怪了。

由于用的是smtp包的PLAIN认证方式,所以打开源代码看了看(SublimeText3+GoSublime里ctrl+. ctrl+a输入包名和结构名直接查看源代码,谁用谁喜欢),发现这里要求使用加密连接,否则就会出上述错误。恩,也能理解,毕竟这里明文发送密码了。关键代码如下。

auth := smtp.PlainAuth("", Config.Username, Config.Password, Config.Host)
smtp.SendMail(addr, auth, from, to, []byte(self.String()))


// Auth is implemented by an SMTP authentication mechanism.
type Auth interface {
    // Start begins an authentication with a server.
    // It returns the name of the authentication protocol
    // and optionally data to include in the initial AUTH message
    // sent to the server. It can return proto == "" to indicate
    // that the authentication should be skipped.
    // If it returns a non-nil error, the SMTP client aborts
    // the authentication attempt and closes the connection.
    Start(server *ServerInfo) (proto string, toServer []byte, err error)

    // Next continues the authentication. The server has just sent
    // the fromServer data. If more is true, the server expects a
    // response, which Next should return as toServer; otherwise
    // Next should return toServer == nil.
    // If Next returns a non-nil error, the SMTP client aborts
    // the authentication attempt and closes the connection.
    Next(fromServer []byte, more bool) (toServer []byte, err error)


// SendMail connects to the server at addr, switches to TLS if
// possible, authenticates with the optional mechanism a if possible,
// and then sends an email from address from, to addresses to, with
// message msg.
func SendMail(addr string, a Auth, from string, to []string, msg []byte) error



type plainAuth struct {
    identity, username, password string
    host                         string

func UnEncryptedPlainAuth(identity, username, password, host string) Auth {
    return &plainAuth{identity, username, password, host}

func (a *plainAuth) Start(server *ServerInfo) (string, []byte, error) {
    if !server.TLS {
        advertised := false
        for _, mechanism := range server.Auth {
            if mechanism == "PLAIN" {
                advertised = true
        if !advertised {
            return "", nil, errors.New("unencrypted connection")
    if server.Name != a.host {
        return "", nil, errors.New("wrong host name")
    resp := []byte(a.identity + "\x00" + a.username + "\x00" + a.password)
    return "PLAIN", resp, nil

func (a *plainAuth) Next(fromServer []byte, more bool) ([]byte, error) {
    return nil, nil


auth := UnEncryptedPlainAuth("", Config.Username, Config.Password, Config.Host)
smtp.SendMail(addr, auth, from, to, []byte(self.String()))

恩,还是出错,这次的错误变成“unrecognized command”,看来是SendCloud的服务器并不支持这种验证方式。于是我打开它的文档,发现smtp使用介绍的页面有几种语言的范例代码,看了看Python的代码后发现SendCloud应该用的是Login认证。好吧,之前是犯了经验主义错误了。


C:auth login ------------------------------------------------- 进行用户身份认证
S:334 VXNlcm5hbWU6 ----------------------------------- BASE64编码“Username:”
C:Y29zdGFAYW1heGl0Lm5ldA== ----------------------------------- 用户名,使用BASE64编码
S:334 UGFzc3dvcmQ6 -------------------------------------BASE64编码"Password:"
C:MTk4MjIxNA== ----------------------------------------------- 密码,使用BASE64编码
S:235 auth successfully -------------------------------------- 身份认证成功


type loginAuth struct {
  username, password string

func LoginAuth(username, password string) smtp.Auth {
  return &loginAuth{username, password}

func (a *loginAuth) Start(server *smtp.ServerInfo) (string, []byte, error) {
  return "LOGIN", []byte{}, nil

func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) {
  if more {
    switch string(fromServer) {
    case "Username:":
      return []byte(a.username), nil
    case "Password:":
      return []byte(a.password), nil
  return nil, nil


auth := LoginAuth(Config.Username, Config.Password)
smtp.SendMail(addr, auth, from, to, []byte(self.String()))

运行,还报错,这次错误信息是 Authentication Failed,认证失败。这说明Login认证的方式是对的,但登录失败了。再三确定账号和密码的正确之后我决定用WireShark抓包看看过程。

注意看,AUTH LOGIN之后来了两条334 Password,咦?这里不应该是先来Username接着来Password的吗?为什么是来了两次Password。难道是LOGIN协议改了?

为了确认登陆过程,我用SendCloud文档中Python的代码跑了一遍,终于发现了不同。原来,在发送AUTH LOGIN之后需要带上Username。修改LoginAuth的Start函数。

func (a *loginAuth) Start(server *smtp.ServerInfo) (string, []byte, error) {
  return "LOGIN", []byte{}, nil
  return "LOGIN", []byte(a.username), nil



