Mail STARTTLS/SSL not working

Discussion in 'Installation/Configuration' started by Ripeed, Nov 20, 2012.

  1. Ripeed

    Ripeed Member

    Hi, I have installed ISPConfig 3.0.4.6 on debian squeeze by tutorial: How To Run Your Own DNS Servers (Primary And Secondary) With ISPConfig 3 (Debian Squeeze)

    I just move some mailboxes from old server by creating new and IMAPtools sync.

    But if some one have a setup email by STARTTLS or SSL on Thunderbird and etc. That dont work. By changing it to non secure connection I found that work. On old server works everything fine.

    What I can do? Thunderbird dont show any message, its like he wonts to connect but nothing. In logs I dont see that email box from I trying to connect.

    Thanks for help.
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Check the postfix master.cf file and ensure that the smtps and submission lines are not commented out.
     
  3. Ripeed

    Ripeed Member

    This is my master.cf and those lines. I have it same on old server where it works:
    Code:
    smtp      inet  n       -       -       -       -       smtpd
    #submission inet n       -       -       -       -       smtpd
    #  -o smtpd_tls_security_level=encrypt
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #smtps     inet  n       -       -       -       -       smtpd
    #  -o smtpd_tls_wrappermode=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #628       inet  n       -       -       -       -       qmqpd
    
    You mean I must delete those # comments reload postfix and it will work?
     
  4. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Change it to:

    Code:
    smtp      inet  n       -       -       -       -       smtpd
    submission inet n       -       -       -       -       smtpd
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    smtps     inet  n       -       -       -       -       smtpd
      -o smtpd_tls_wrappermode=yes
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #628       inet  n       -       -       -       -       qmqpd
    and restart postfix.
     
  5. Ripeed

    Ripeed Member

    Nope, I do that... only one change was that say connected to server but still dont dowload messages.

    Meaby you mean some thing else. If I set mailbox in TB to.
    IMAP: mail.domain.tld
    Port: 143
    login with user and pass. Then it works.

    If I set:
    Port: 143 with STARTTLS than I cant connect to server.

    any other Idea?
     
  6. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    ah ok,you mean imap. I thought you mean smtp. Do you use dovecot or courier imap?
     
  7. Ripeed

    Ripeed Member

    Courier, thanks
     
  8. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Imaps (imap over ssl) is on port 993 and not port 143
     
  9. Ripeed

    Ripeed Member

    Till, know that. IMAP/SMTP on 143/25 works. IMAP/SMTP on 143/ with STARTTLS dont work, IMAP/SMTP on 993/465 dont work.

    I think, main problem is with STARTTLS settings.
     
  10. Ripeed

    Ripeed Member

    I fond in log this:
    Code:
    Nov 20 19:54:37 ns1 imapd-ssl: couriertls: /etc/courier/imapd.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
    This is that problem...
     
  11. Ripeed

    Ripeed Member

    Till, if I try make new certificate by the tutor make you own... Can I mess something with that?
     
  12. Ripeed

    Ripeed Member

    Ok, I found that. There was diferrent imapd.pem in etc/courier/ and usr/lib/courier/

    I copy that right and works now.

    Anyway thanks Till.
     

Share This Page