I can send and receive messages via the web, but it doesn't work through the...

Hi,

I continue with the tests, server with AL9:
1. After a user is created, a domain is automatically attached to it, I create a SSL certificate, including a subdomain mail, but no mail account works with SSL ports 465 and 995???
2. I attached a second domain to the same user, created an SSL for it, and then created an email account, but no mail account works with SSL ports 465 and 995???
3. Are SSL certificates and email accounts created in the user panel or..., I tested many options?

BR
Venty

SSL mail???

I'm sorry, but have you considered hiring a sysadmin to help you set up your server?

I'm sorry, but have you considered hiring a sysadmin to help you set up your server?

NO, AND I DON'T THINK…

here I saw that there are many topics about a similar problem...

1. Did you check if the secure mail ports are listed by mail services (postfix, dovecot) ?

2. Check the mail logs on your server to investigate the problem:

/var/log/maillog
/var/log/dovecot.log

1. Did you check if the secure mail ports are listed by mail services (postfix, dovecot) ?

2. Check the mail logs on your server to investigate the problem:

/var/log/maillog
/var/log/dovecot.log

Hi,

Thank you very much...

1.As I noted in a previous answer, after executing the telnet command for the ports:
telnet your.domain.com 25
telnet your.domain.com 465
telnet your.domain.com 587


 I got the following results: all ports connect with telnet, but only on 25 and 587 does Postfix return ESMTP, on 465 it returns nothing..., but 465 is open...



/var/log/maillog- the file is very large and I can't open or download it... - 5.5 GB;
/var/log/dovecot.log - in this POP3 file the error is often noticed, please see the following picture:

 https://prnt.sc/uJ82kvYrptH9

Thanks in advance!

BR
Venty

As for the error:

Take a look at the provided error and then read this file:

Code: [Select]

/etc/dovecot/conf.d/10-ssl.confDon't be afraid to ask google when CWP community is silent or you can't resolve the problem yourself.

As for the big text files:

Use command prompt/shell. To open/review big file you can use "less", "vi", "ee", "cat", "grep", etc instead of single option provided by GUI. Сommand prompt must be your best friend if you consider yourself as the system administrator not as the experienced linux user.

FYI.  You are not going to get a response from postfix on 465 using telnet.  465 requires SSL authentication.  To test it, you must use openssl.

Code: [Select]

openssl s_client -connect localhost:465
If you receive an appropriate response, then everything should be working, we need to look externally.  If you do not get a response from posix, please check /etc/postfix/master.cf and make sure port 465 is indeed enabled.

FYI.  You are not going to get a response from postfix on 465 using telnet.  465 requires SSL authentication.  To test it, you must use openssl.

Code: [Select]

openssl s_client -connect localhost:465
If you receive an appropriate response, then everything should be working, we need to look externally.  If you do not get a response from posix, please check /etc/postfix/master.cf and make sure port 465 is indeed enabled.

Hi,

thank you very much, it worked

Please take a look at the following restrictions in Postfix:
# rules restrictions
smtpd_client_restrictions = reject_unknown_client
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain
# uncomment for realtime black list checks
# ,reject_rbl_client zen.spamhaus.org
# ,reject_rbl_client bl.spamcop.net
# ,reject_rbl_client dnsbl.sorbs.net
smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining

are they adequate?

BR
Venty

I would suggest you look here:
https://www.awsmonster.com/how-to-secure-postfixdovecot-on-cwp