Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 13th June 2006, 18:39
cctex10 cctex10 is offline
Junior Member
 
Join Date: Jun 2006
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default Security Error: Domain Name Mismatch

I am getting this security error after accepting the cert...

I am using "Mozilla Thunderbird" when i get the error
_________________________________
Security Error: Domain Name Mismatch

You have attempted to establish a connection with "mail.newsporemedia.com". However, the security certificate presented belongs to "nEw Spore Media". It is possible, though unlikely, that someone may be trying to intercept your communication with this web site.

If You suspect the certificate shown does not belong to "mail.newsporemedia.com", please cancel the connection and notify the site administrator.
_________________________________


Here is My main.cf
Code:
# readme_directory: The location of the Postfix README files.
#
readme_directory = /usr/share/doc/packages/postfix/README_FILES
inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
#virtual_alias_maps = hash:/etc/postfix/virtual
virtual_alias_domains = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = mail.$mydomain
program_directory = /usr/lib/postfix
inet_interfaces = all
masquerade_domains =
#mydestination = $myhostname, localhost.$mydomain
defer_transports =
mynetworks_style = subnet
disable_dns_lookups = no
relayhost =
mailbox_command =
mailbox_transport =
strict_8bitmime = no
disable_mime_output_conversion = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes
smtp_use_tls = yes
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000
mydomain = newsporemedia.com
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names
mynetworks = 127.0.0.0/8
________________________________
Here is My local-host-names
Code:
###################################
#
# ISPConfig local-host-names Configuration File
#         Version 1.0
#
###################################
localhost
mail.newsporemedia.com
s1.newsporemedia.com
localhost.s1.newsporemedia.com
localhost.newsporemedia.com
www.newsporemedia.com
newsporemedia.com
webmail.newsporemedia.com
#### MAKE MANUAL ENTRIES BELOW THIS LINE! ####
Reply With Quote
Sponsored Links
  #2  
Old 13th June 2006, 18:42
cctex10 cctex10 is offline
Junior Member
 
Join Date: Jun 2006
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default THis is the Orginal

This is the orginal code that the "Perf SUSE 10.1 Setup told me to use"
But it does not work....

Code:
postconf -e 'mydomain = example.com'
postconf -e 'myhostname = server1.$mydomain'
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_relay_domains'
postconf -e 'inet_interfaces = all'
postconf -e 'alias_maps = hash:/etc/aliases'
postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
Reply With Quote
  #3  
Old 14th June 2006, 00:13
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,722 Times in 2,563 Posts
Default

Simply recreate a new certificate (as described in the tutorial), and when it asks you for the common name, you must enter mail.newsporemedia.com, not nEw Spore Media.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #4  
Old 14th June 2006, 19:26
cctex10 cctex10 is offline
Junior Member
 
Join Date: Jun 2006
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default You Da Man!!!

Thanks You Da MAN!
Reply With Quote
  #5  
Old 25th July 2007, 14:16
mi5hu mi5hu is offline
Junior Member
 
Join Date: Jul 2007
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

i have a similar situation with virtual hosting

for first domain i recreate the certificate, but for the second i receive "domain name mismatch" (in my email client)

I have to make 2 certificates?
Reply With Quote
  #6  
Old 26th July 2007, 19:30
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,722 Times in 2,563 Posts
Default

What's the hostname you use in your Postfix configuration? You can see it when you run
Code:
telnet localhost 25
Please create a certificate for that hostname.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security risk through Co-Domains hastlaug Installation/Configuration 5 24th April 2006 09:32
Are there any security bugs? MvincM General 3 21st April 2006 17:54
Anything Security Related sbovisjb1 Forum Suggestions 2 6th April 2006 16:55
Possible security problem bjmg General 2 15th March 2006 18:33
ProFTPD potential security hole domino Server Operation 3 19th August 2005 03:25


All times are GMT +2. The time now is 15:14.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.