SSL for imap server

Discussion in 'ISPConfig 3 Priority Support' started by Dextros, Nov 9, 2017.

  1. Dextros

    Dextros Member HowtoForge Supporter

    Hi Guys

    Thanks for all your help to date!

    I have a new one. Please see email received from the bank in the UK.
    Im guessing that I just need to make clients connect to the ssl/tls side of imap/smtp

    My question is, can I get lets encrypt to cover mail.domain.com as well as domain.com

    also I have an old self signed certificate before I changed the hostname on the server. Can i just re-run the upgrade to ISP and only create a new cert, which should give it the host name, or can LE do this also?

    KRs

    Lee

    Code:
    Dear Sirs,
    
    Thank you for your email request dated 07/11/2017 for our mutual clients BLANKED. We would like to advise that effective 31st January 2017 Barclays will be unable to respond to you with mutual client data if we identify that your email address is not Transport layer security (TLS) compliant.
    
    Barclays has identified an opportunistic Transport Layer Security (TLS) system (TLS is used to encrypt the e-mail in transit between Barclays and the recipient organisation). This means that all email traffic sent by Barclays will be sent via TLS. If the recipient is not TLS enabled, the mail will be sent insecurely and could lead to data integrity being compromised. Domain owners wishing to receive emails from us will need to purchase certifications from renowned companies and have them installed in their email servers.
    
    At present, our IT team is in the process of identifying if you have a valid certificate attributed to your domain and as such we will be unable to respond to you with mutual client data requested without this being established. This will mean that we will only be able to send you the data that you have requested in hard copy format via normal mail services and this may lead to delay in your receiving important information to service your client. If our IT department is able to determine that you possess a valid certificate, we could start sending out emails to your firm. However if it is identified that you do not have a valid certificate, then your own IT area will need to arrange certification of your domain if you wish to continue receiving emails from us.
    
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

  3. Dextros

    Dextros Member HowtoForge Supporter

    Thanks Till, that's awesome work.

    I take it that as I have changed the port to 8090 in apache, this will carry through, or I would likley have to go back into the .conf and change this manually?

    LE appeneds onto the file anyways?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    LE does not change the ispconfig vhost file.
     

Share This Page