ISPConfig 3 + Squeeze – SSL/TLS 465 SMTP Fail
Source: howtoforge.com
Hi there.
New install of ISPConfig 3 on Debian Squeeze [previously on Lenny]
Created using: http://www.ispconfig.org/news/tutorial-the-perfect-server-debian-squeeze-debian-6-0-with-bind-courier-ispconfig-3/
Previous server used:
Port: 465 Connection security: SSL/TLS Authentication method: normal password
If I try to use these setting on this fresh install [complete format with previous back up files stored on a seperate drive] I get the following error:
Sending of message failed.
The message could not be sent because connecting to SMTP server mail.myserver.com (changed from real name – error has correct name) failed. The server may be unavailable or is refusing SMTP connections. Please verify that your SMTP server settings are correct and try again, or contact the server administrator.
I can send using:
Port: 25 Connection security: STARTTLS Authentication method: normal password
No errors appear in mail.log or mail.err
I’ve compared the master.cf pre/post [original/current]
Differing section appears to be:
Original
smtp inet n - - - - smtpd submission inet n - - - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticate d,reject -o milter_macro_daemon_name=ORIGINATING smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticate d,reject -o milter_macro_daemon_name=ORIGINATING
Current
smtp inet n - - - - smtpd #submission inet n - - - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticate d,reject # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - - - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticate d,reject # -o milter_macro_daemon_name=ORIGINATING
main.cf has a couple of minor differences
Original
smtpd_tls_CAfile = /etc/postfix/cert.pem
*This line is missing in the current main.cf
Current
smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth
*These lines do not appear in the original main.cf
No firewall rules are set to block ports.
hopefully I’ve provided enough detail.