HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   SSL with SMTP (http://www.howtoforge.com/forums/showthread.php?t=1161)

phantomk 7th November 2005 10:11

SSL with SMTP
 
I am trying to figure out why SSL is not working for my setup when I try to send email via a 3rd party application, such as Thunderbird. TLS and regular smtp through port 25 work perfectly, but whenever I try to use SSL on port 465, the port is open, I get a smtp server connection error.

I have used the Perfect Debian Sarge howto found in the howto directory, great howto by the way ;) Any help is apprecieated in this puzzleing problem :S

Confused as can be,
PK

till 7th November 2005 10:51

Plaese have a look at the mail log. (/var/log/mail.log) if you get any errors there when you connect on port 465.

phantomk 7th November 2005 19:48

Nothing appears inside any of the mail logs when I try to connect :S Odd, you think something might appear...

I checked:
/var/log/mail.err
/var/log/mail.info
/var/log/mail.log
/var/log/mail.warn

On a side note, how would I regenerate the SSL certificates to change the owner from "localhost" to "mail.my_domain.com" ?

falko 8th November 2005 10:45

Quote:

Originally Posted by phantomk
Nothing appears inside any of the mail logs when I try to connect :S Odd, you think something might appear...

I checked:
/var/log/mail.err
/var/log/mail.info
/var/log/mail.log
/var/log/mail.warn

Is it maybe your firewall that blocks accesses to port 465?

phantomk 8th November 2005 15:00

I made sure that the port is open, it was blocked the first time I tried it, but it turned out not to be the issue :S

Here is the result of "netstat -tap"
Quote:

Originally Posted by netstat -tap
debian:~# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:imaps *:* LISTEN 5942/couriertcpd
tcp 0 0 *:pop3s *:* LISTEN 5857/couriertcpd
tcp 0 0 localhost.localdo:10024 *:* LISTEN 4210/amavisd (maste
tcp 0 0 localhost.localdo:10025 *:* LISTEN 4320/master
tcp 0 0 localhost.localdo:mysql *:* LISTEN 2609/mysqld
tcp 0 0 *:pop3 *:* LISTEN 5800/couriertcpd
tcp 0 0 *:imap2 *:* LISTEN 5893/couriertcpd
tcp 0 0 *:www *:* LISTEN 6263/apache2
tcp 0 0 *:8181 *:* LISTEN 6263/apache2
tcp 0 0 mail.*******.com:domain *:* LISTEN 4873/named
tcp 0 0 debian.*******.c:domain *:* LISTEN 4873/named
tcp 0 0 localhost.locald:domain *:* LISTEN 4873/named
tcp 0 0 *:ssh *:* LISTEN 707/sshd
tcp 0 0 *:smtp *:* LISTEN 4320/master
tcp 0 0 localhost.localdoma:953 *:* LISTEN 4873/named
tcp 0 0 *:https *:* LISTEN 6263/apache2
tcp 0 300 debian.*******.com:ssh ***.***>**.**:4584 ESTABLISHED 24974/sshd
tcp 0 0 debian.*******.com:ssh ***.***>**.**:4585 ESTABLISHED 24978/sshd


falko 8th November 2005 16:23

There's nothing running on port 465...

phantomk 8th November 2005 18:13

I thought The Perfect Setup - Debian Sarge (3.1) guide also setup a ssl smtp connection ?

How would I go about setting up a SSL connection for smtp ? Also how would I go about changeing the certificate owner, currently it reads:
Quote:

You have attempted to establish a connection with "mail.*****.com". However, the security certificate presented belonts to "localhost". etc ....
When I retrieve my e-mail through a pop3 or imap SSL connection.

falko 8th November 2005 20:06

Quote:

Originally Posted by phantomk
I thought The Perfect Setup - Debian Sarge (3.1) guide also setup a ssl smtp connection ?

No, it's a TLS connection that uses port 25.

Quote:

Originally Posted by phantomk
How would I go about setting up a SSL connection for smtp ?

You can use TLS by telling your email client to use a secure connection.

Quote:

Originally Posted by phantomk
Also how would I go about changeing the certificate owner, currently it reads:

When I retrieve my e-mail through a pop3 or imap SSL connection.

To create other TLS certificates, simply re-run the steps from the tutorial.
To create new POP3/IMAP certificates, have a look here: http://www.howtoforge.com/forums/showthread.php?t=1168

phantomk 8th November 2005 22:52

Thanks :) The post you pointed me too solved the certificate problem :)

I thought TLS was less secure :S That's why I was asking about the SSL connection.

falko 8th November 2005 23:18

Quote:

Originally Posted by phantomk
I thought TLS was less secure :S That's why I was asking about the SSL connection.

No, TLS is secure. :)


All times are GMT +2. The time now is 14:07.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.