Navigation

phantomk · #1 7th November 2005, 09:11

I am trying to figure out why SSL is not working for my setup when I try to send email via a 3rd party application, such as Thunderbird. TLS and regular smtp through port 25 work perfectly, but whenever I try to use SSL on port 465, the port is open, I get a smtp server connection error.

I have used the Perfect Debian Sarge howto found in the howto directory, great howto by the way

Any help is apprecieated in this puzzleing problem :S

Confused as can be,
PK

till · #2 7th November 2005, 09:51

Plaese have a look at the mail log. (/var/log/mail.log) if you get any errors there when you connect on port 465.

phantomk · #3 7th November 2005, 18:48

Nothing appears inside any of the mail logs when I try to connect :S Odd, you think something might appear...

I checked:
/var/log/mail.err
/var/log/mail.info
/var/log/mail.log
/var/log/mail.warn

On a side note, how would I regenerate the SSL certificates to change the owner from "localhost" to "mail.my_domain.com" ?

falko · #4 8th November 2005, 09:45

Quote:

Originally Posted by phantomk

Nothing appears inside any of the mail logs when I try to connect :S Odd, you think something might appear...

I checked:
/var/log/mail.err
/var/log/mail.info
/var/log/mail.log
/var/log/mail.warn

Is it maybe your firewall that blocks accesses to port 465?

phantomk · #5 8th November 2005, 14:00

I made sure that the port is open, it was blocked the first time I tried it, but it turned out not to be the issue :S

Here is the result of "netstat -tap"

Quote:

Originally Posted by netstat -tap

debian:~# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:imaps *:* LISTEN 5942/couriertcpd
tcp 0 0 *:pop3s *:* LISTEN 5857/couriertcpd
tcp 0 0 localhost.localdo:10024 *:* LISTEN 4210/amavisd (maste
tcp 0 0 localhost.localdo:10025 *:* LISTEN 4320/master
tcp 0 0 localhost.localdo:mysql *:* LISTEN 2609/mysqld
tcp 0 0 *:pop3 *:* LISTEN 5800/couriertcpd
tcp 0 0 *:imap2 *:* LISTEN 5893/couriertcpd
tcp 0 0 *:www *:* LISTEN 6263/apache2
tcp 0 0 *:8181 *:* LISTEN 6263/apache2
tcp 0 0 mail.*******.com:domain *:* LISTEN 4873/named
tcp 0 0 debian.*******.c:domain *:* LISTEN 4873/named
tcp 0 0 localhost.locald:domain *:* LISTEN 4873/named
tcp 0 0 *:ssh *:* LISTEN 707/sshd
tcp 0 0 *:smtp *:* LISTEN 4320/master
tcp 0 0 localhost.localdoma:953 *:* LISTEN 4873/named
tcp 0 0 *:https *:* LISTEN 6263/apache2
tcp 0 300 debian.*******.com:ssh ***.***>**.**:4584 ESTABLISHED 24974/sshd
tcp 0 0 debian.*******.com:ssh ***.***>**.**:4585 ESTABLISHED 24978/sshd

falko · #6 8th November 2005, 15:23

There's nothing running on port 465...

phantomk · #7 8th November 2005, 17:13

I thought The Perfect Setup - Debian Sarge (3.1) guide also setup a ssl smtp connection ?

How would I go about setting up a SSL connection for smtp ? Also how would I go about changeing the certificate owner, currently it reads:

Quote:

You have attempted to establish a connection with "mail.*****.com". However, the security certificate presented belonts to "localhost". etc ....

When I retrieve my e-mail through a pop3 or imap SSL connection.

falko · #8 8th November 2005, 19:06

Quote:

Originally Posted by phantomk

I thought The Perfect Setup - Debian Sarge (3.1) guide also setup a ssl smtp connection ?

No, it's a TLS connection that uses port 25.

Quote:

Originally Posted by phantomk

How would I go about setting up a SSL connection for smtp ?

You can use TLS by telling your email client to use a secure connection.

Quote:

Originally Posted by phantomk

Also how would I go about changeing the certificate owner, currently it reads:

When I retrieve my e-mail through a pop3 or imap SSL connection.

To create other TLS certificates, simply re-run the steps from the tutorial.
To create new POP3/IMAP certificates, have a look here: http://www.howtoforge.com/forums/showthread.php?t=1168