I've been running ISPConfig for several years with only some minor issues. My server was getting pretty old (Ubuntu 10.04LTS), so I decided to go through a full clean install (following the latest Debian Perfect Server guide at https://www.howtoforge.com/tutorial/perfect-server-debian-8-jessie-apache-bind-dovecot-ispconfig-3/) on a new server, followed by a manual migration of sites/mail. Everything has gone mostly fine, but I'm having some issues with email. First, I have problems logging into email accounts using Outlook. When I specify the following config on the account within Outlook, the connection simply times out: * Incoming Server (IMAP): 993 (using TLS) * Outgoing Server (SMTP): 465 (using TLS) If I use the outlook defaults (IMAP: 143, SMTP: 25), even when setting the encryption type to TLS, it seems to connect okay - but I'm unsure whether the connection is actually encrypted or not if I'm using these ports. How can I debug this further? Secondly, trying to connect using ANY settings/ports via Outlook for Android results in a long "Attempting to log in..." process, followed by an error telling me to check my email and password, and try again. I had no issues connecting Outlook for Android to the old server, so am a bit stumped here. Again, how can I debug this and get Outlook for Android connecting properly? Finally, I'm seeing a lot of spam being delivered to inboxes that was successfully filtered off by the previous server. How long should I expect this to continue for? Thanks for the help, Ben
The config looks fine as far as I can see. Is it possible that your ISP runs a firewall in front of the server which blocks port 993 and 465? Please check the mail.log to see which error is listed there for the faled login attempts. and check that outlook really uses the full email address as username and not just the part in front of the @ It may take some time until the bayes filter is fully trained again. What you should do is lower the spam tag 2 level in the spamfilter policy to e.g. 3.5 or even to 3. Then add some realtime blacklists under System > Server config > mail.
I have tried connecting from multiple locations/ISPs with no luck. The server is a Linode, so there would be no firewall blocking ports on that end. How could I check this? This is what I see in mail.log when connecting from Outlook (testing account settings) using the default ports (143/25), and having selected TLS encryption: When I try and force connecting on 993/465, nothing appears until I cancel the attempt within Outlook after which the following is shown: Surely this shows there's no firewall in place blocking those ports? This is what I see in the mail.log when connecting from Outlook for Android: Looks like the username isn't being passed at all?!
I'm not great at reading these logs - does the "method=PLAIN" in the first snippet above mean I'm sending login details in plaintext, even though it says TLS later in the same line?
No, plain is an authentication method mechanism which is then wrapped by TLS, so the connection is encrypted.
So, in summary, the answers to the three questions in my initial thread are: * Don't worry about the specific ports being used, the connections are still encrypted * It's Outlook for Android's fault in that it's not sending any authentication details through * Spam will take a while to start being filtered off again I am unsure of the process of adding real time blacklists to the system, I assume they take the form of URLs which are pasted into the field you specify. Do you have any that you recommend? Thanks for your help, 'tis much appreciated
