So, I can't connect to Postfix on port 465. It just won't do it. Here is my /etc/postfix/main.cf Code: 1 # See /usr/share/postfix/main.cf.dist for a commented, more complete version 2 3 4 # Debian specific: Specifying a file name will cause the first 5 # line of that file to be used as the name. The Debian default 6 # is /etc/mailname. 7 #myorigin = /etc/mailname 8 9 smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) 10 biff = no 11 12 # appending .domain is the MUA's job. 13 append_dot_mydomain = no 14 15 # Uncomment the next line to generate "delayed mail" warnings 16 #delay_warning_time = 4h 17 18 readme_directory = /usr/share/doc/postfix 19 20 # TLS parameters 21 smtpd_tls_cert_file = /etc/postfix/smtpd.cert 22 smtpd_tls_key_file = /etc/postfix/smtpd.key 23 smtpd_tls_CAfile = /etc/postfix/smtpd.pem 24 smtpd_use_tls = yes 25 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 26 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 27 smtpd_tls_protocols = !SSLv2,SSLv3 28 smtpd_tls_ciphers = medium 29 smtpd_tls_exclude_ciphers = RC4, aNULL 30 smtpd_sasl_security_options = noplaintext 31 # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for 32 # information on enabling SSL in the smtp client. 33 34 smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination 35 myhostname = ihost.bg 36 alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases 37 alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases 38 myorigin = /etc/mailname 39 mydestination = localhost, localhost.localdomain 40 relayhost = 41 mynetworks = 127.0.0.0/8 [::1]/128 42 mailbox_size_limit = 0 43 recipient_delimiter = + 44 inet_interfaces = all 45 inet_protocols = ipv4 46 html_directory = /usr/share/doc/postfix/html 47 virtual_alias_domains = 48 virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf 49 virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf 50 virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf 51 virtual_mailbox_base = /var/vmail 52 virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf 53 virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf 54 sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf 55 smtpd_sasl_auth_enable = yes 56 broken_sasl_auth_clients = yes 57 smtpd_sasl_authenticated_header = yes 58 smtpd_restriction_classes = greylisting 59 greylisting = check_policy_service inet:127.0.0.1:10023 60 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf 61 smtpd_tls_security_level = may 62 transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf 63 relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf 64 relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf 65 smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf 66 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_ maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps 67 smtpd_helo_required = yes 68 smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo 69 smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc /postfix/tag_as_foreign.re 70 smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf 71 smtpd_client_message_rate_limit = 100 72 maildrop_destination_concurrency_limit = 1 73 maildrop_destination_recipient_limit = 1 74 virtual_transport = maildrop 75 header_checks = regexp:/etc/postfix/header_checks 76 mime_header_checks = regexp:/etc/postfix/mime_header_checks 77 nested_header_checks = regexp:/etc/postfix/nested_header_checks 78 body_checks = regexp:/etc/postfix/body_checks 79 owner_request_special = no 80 smtp_tls_security_level = may 81 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 82 #smtpd_tls_protocols = !SSLv2,!SSLv3 83 smtp_tls_protocols = !SSLv2,!SSLv3 84 #smtpd_tls_exclude_ciphers = RC4, aNULL 85 smtp_tls_exclude_ciphers = RC4, aNULL 86 dovecot_destination_recipient_limit = 1 87 smtpd_sasl_type = dovecot 88 smtpd_sasl_path = private/auth 89 content_filter = amavis:[127.0.0.1]:10024 90 receive_override_options = no_address_mappings 91 message_size_limit = 0 92 #smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl/SSL/EVTIN.HOSTING-SSL-BUNDLE.pem
Here is my /etc/postfix/master.cf Code: 1 # 2 # Postfix master process configuration file. For details on the format 3 # of the file, see the master(5) manual page (command: "man 5 master" or 4 # on-line: http://www.postfix.org/master.5.html). 5 # 6 # Do not forget to execute "postfix reload" after editing this file. 7 # 8 # ========================================================================== 9 # service type private unpriv chroot wakeup maxproc command + args 10 # (yes) (yes) (no) (never) (100) 11 # ========================================================================== 12 smtp inet n - y - - smtpd 13 #smtp inet n - y - 1 postscreen 14 #smtpd pass - - y - - smtpd 15 #dnsblog unix - - y - 0 dnsblog 16 #tlsproxy unix - - y - 0 tlsproxy 17 submission inet n - y - - smtpd 18 -o syslog_name=postfix/submission 19 -o smtpd_tls_security_level=encrypt 20 -o smtpd_sasl_auth_enable=yes 21 -o smtpd_client_restrictions=permit_sasl_authenticated,reject 22 # -o smtpd_reject_unlisted_recipient=no 23 # -o smtpd_client_restrictions=$mua_client_restrictions 24 # -o smtpd_helo_restrictions=$mua_helo_restrictions 25 # -o smtpd_sender_restrictions=$mua_sender_restrictions 26 # -o smtpd_recipient_restrictions= 27 # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject 28 # -o milter_macro_daemon_name=ORIGINATING 29 smtps inet n - y - - smtpd 30 -o syslog_name=postfix/smtps 31 -o smtpd_tls_wrappermode=yes 32 -o smtpd_sasl_auth_enable=yes 33 -o smtpd_client_restrictions=permit_sasl_authenticated,reject 34 # -o smtpd_reject_unlisted_recipient=no 35 # -o smtpd_client_restrictions=$mua_client_restrictions 36 # -o smtpd_helo_restrictions=$mua_helo_restrictions 37 # -o smtpd_sender_restrictions=$mua_sender_restrictions 38 # -o smtpd_recipient_restrictions= 39 # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject 40 # -o milter_macro_daemon_name=ORIGINATING 41 #628 inet n - y - - qmqpd 42 pickup unix n - y 60 1 pickup 43 cleanup unix n - y - 0 cleanup 44 qmgr unix n - n 300 1 qmgr 45 #qmgr unix n - n 300 1 oqmgr 46 tlsmgr unix - - y 1000? 1 tlsmgr 47 rewrite unix - - y - - trivial-rewrite 48 bounce unix - - y - 0 bounce 49 defer unix - - y - 0 bounce 50 trace unix - - y - 0 bounce 51 verify unix - - y - 1 verify 52 flush unix n - y 1000? 0 flush 53 proxymap unix - - n - - proxymap 54 proxywrite unix - - n - 1 proxymap 55 smtp unix - - y - - smtp 56 relay unix - - y - - smtp 57 # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 58 showq unix n - y - - showq 59 error unix - - y - - error 60 retry unix - - y - - error 61 discard unix - - y - - discard 62 local unix - n n - - local 63 virtual unix - n n - - virtual 64 lmtp unix - - y - - lmtp 65 anvil unix - - y - 1 anvil 66 scache unix - - y - 1 scache 67 # 68 # ==================================================================== 69 # Interfaces to non-Postfix software. Be sure to examine the manual 70 # pages of the non-Postfix software to find out what options it wants. 71 # 72 # Many of the following services use the Postfix pipe(8) delivery 73 # agent. See the pipe(8) man page for information about ${recipient} 74 # and other message envelope options. 75 # ==================================================================== 76 # 77 # maildrop. See the Postfix MAILDROP_README file for details. 78 # Also specify in main.cf: maildrop_destination_recipient_limit=1 79 # 80 maildrop unix - n n - - pipe 81 flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender} 82 # 83 # ==================================================================== 84 # 85 # Recent Cyrus versions can use the existing "lmtp" master.cf entry. 86 # 87 # Specify in cyrus.conf: 88 # lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 89 # 90 # Specify in main.cf one or more of the following: 91 # mailbox_transport = lmtp:inet:localhost 92 # virtual_transport = lmtp:inet:localhost 93 # 94 # ==================================================================== 95 # 96 # Cyrus 2.1.5 (Amos Gouaux) 97 # Also specify in main.cf: cyrus_destination_recipient_limit=1 98 # 99 #cyrus unix - n n - - pipe 100 # user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} 101 # 102 # ==================================================================== 103 # Old example of delivery via Cyrus. 104 # 105 #old-cyrus unix - n n - - pipe 106 # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} 107 # 108 # ==================================================================== 109 # 110 # See the Postfix UUCP_README file for configuration details. 111 # 112 uucp unix - n n - - pipe 113 flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) 114 # 115 # Other external delivery methods. 116 # 117 ifmail unix - n n - - pipe 118 flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) 119 bsmtp unix - n n - - pipe 120 flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient 121 scalemail-backend unix - n n - 2 pipe 122 flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} 123 mailman unix - n n - - pipe 124 flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py 125 ${nexthop} ${user} 126 127 dovecot unix - n n - - pipe 128 flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} 129 130 131 132 amavis unix - - y - 2 smtp 133 -o smtp_data_done_timeout=1200 134 -o smtp_send_xforward_command=yes 135 127.0.0.1:10025 inet n - n - - smtpd 136 -o content_filter= 137 -o local_recipient_maps= 138 -o relay_recipient_maps= 139 -o smtpd_restriction_classes= 140 -o smtpd_client_restrictions= 141 -o smtpd_helo_restrictions= 142 -o smtpd_sender_restrictions= 143 -o smtpd_recipient_restrictions=permit_mynetworks,reject 144 -o mynetworks=127.0.0.0/8 145 -o strict_rfc821_envelopes=yes 146 -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks 147 -o smtp_send_xforward_command=yes 148 -o disable_dns_lookups=yes 149 150 151 127.0.0.1:10027 inet n - n - - smtpd 152 -o content_filter= 153 -o local_recipient_maps= 154 -o relay_recipient_maps= 155 -o smtpd_restriction_classes= 156 -o smtpd_client_restrictions= 157 -o smtpd_helo_restrictions= 158 -o smtpd_sender_restrictions= 159 -o smtpd_recipient_restrictions=permit_mynetworks,reject 160 -o mynetworks=127.0.0.0/8 161 -o strict_rfc821_envelopes=yes 162 -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks 163 -o smtp_send_xforward_command=yes 164 -o milter_default_action=accept 165 -o milter_macro_daemon_name=ORIGINATING 166 -o disable_dns_lookups=yes
Here is my /etc/dovecot/dovecot.conf Code: 1 listen = *,[::] 2 protocols = imap pop3 3 ssl = required 4 verbose_ssl = no 5 disable_plaintext_auth = no 6 log_timestamp = "%Y-%m-%d %H:%M:%S " 7 mail_privileged_group = vmail 8 postmaster_address = [email protected] 9 ssl_cert = </etc/postfix/smtpd.cert 10 ssl_key = </etc/postfix/smtpd.key 11 ssl_ca = </etc/postfix/smtpd.pem 12 ssl_cipher_list = HIGH:+TLSv1:+SSLv3:!LOW:!SSLv2:!EXP:!aNULL 13 ssl_protocols = !SSLv2 14 mail_max_userip_connections = 100 15 passdb { 16 args = /etc/dovecot/dovecot-sql.conf 17 driver = sql 18 } 19 userdb { 20 driver = prefetch 21 } 22 userdb { 23 args = /etc/dovecot/dovecot-sql.conf 24 driver = sql 25 } 26 plugin { 27 quota = dict:user::file:/var/vmail/%d/%n/.quotausage 28 sieve=/var/vmail/%d/%n/.sieve 29 sieve_max_redirects = 25 30 } 31 service auth { 32 unix_listener /var/spool/postfix/private/auth { 33 group = postfix 34 mode = 0660 35 user = postfix 36 } 37 unix_listener auth-userdb { 38 group = vmail 39 mode = 0600 40 user = vmail 41 } 42 user = root 43 } 44 service lmtp { 45 unix_listener /var/spool/postfix/private/dovecot-lmtp { 46 group = postfix 47 mode = 0600 48 user = postfix 49 } 50 } 51 service imap-login { 52 client_limit = 1000 53 process_limit = 512 54 } 55 protocol imap { 56 mail_plugins = quota imap_quota 57 } 58 protocol pop3 { 59 pop3_uidl_format = %08Xu%08Xv 60 mail_plugins = quota 61 } 62 protocol lda { 63 postmaster_address = [email protected] 64 mail_plugins = sieve quota 65 } 66 protocol lmtp { 67 postmaster_address = [email protected] 68 mail_plugins = quota sieve 69 } 70 mail_plugins = $mail_plugins quota 71 # Space separated list of wanted authentication mechanisms: 72 73 # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi 74 75 auth_mechanisms = cram-md5 76 77 78 79 # passwd-like file with specified location 80 81 passdb { 82 83 driver = passwd-file 84 85 # Path for passwd-file. Also set the default password scheme. 86 87 args = scheme=cram-md5 /etc/cram-md5.pwd 88 89 } Dovecot works fine. I can login, but I can't connect to Postfix on port 465 and port 587 doesn't work either. The entire problem is that I am trying to get this stupid server PCI compliant...
I reinstalled the server in the meantime but still no luck logging into the mail system. I mean, a fresh install works, but I need to get the mail server PCI complian, which in my case means. -Disable plaintext -Force SSL on the mailing system. Code: tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 12774/master tcp 0 0 127.0.0.1:10027 0.0.0.0:* LISTEN 12774/master tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 12774/master tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 12774/master tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 12774/master tcp6 0 0 :::587 :::* LISTEN 12774/master tcp6 0 0 :::465 :::* LISTEN 12774/master tcp6 0 0 :::25 :::* LISTEN 12774/master
So, here are the new config files: main.cf: Code: 1 # See /usr/share/postfix/main.cf.dist for a commented, more complete version 2 3 4 # Debian specific: Specifying a file name will cause the first 5 # line of that file to be used as the name. The Debian default 6 # is /etc/mailname. 7 #myorigin = /etc/mailname 8 9 smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) 10 biff = no 11 12 # appending .domain is the MUA's job. 13 append_dot_mydomain = no 14 15 # Uncomment the next line to generate "delayed mail" warnings 16 #delay_warning_time = 4h 17 18 readme_directory = /usr/share/doc/postfix 19 20 # TLS parameters 21 smtpd_tls_cert_file = /etc/postfix/smtpd.cert 22 smtpd_tls_key_file = /etc/postfix/smtpd.key 23 smtpd_use_tls = yes 24 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 25 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 26 27 # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for 28 # information on enabling SSL in the smtp client. 29 30 smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination 31 myhostname = ihost.bg 32 alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases 33 alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases 34 myorigin = /etc/mailname 35 mydestination = localhost, localhost.localdomain 36 relayhost = 37 mynetworks = 127.0.0.0/8 [::1]/128 38 mailbox_size_limit = 0 39 recipient_delimiter = + 40 inet_interfaces = all 41 inet_protocols = all 42 html_directory = /usr/share/doc/postfix/html 43 virtual_alias_domains = 44 virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email 2email.cf 45 virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf 46 virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf 47 virtual_mailbox_base = /var/vmail 48 virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf 49 virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf 50 sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf 51 smtpd_sasl_auth_enable = yes 52 broken_sasl_auth_clients = yes 53 smtpd_sasl_authenticated_header = yes 54 smtpd_restriction_classes = greylisting 55 greylisting = check_policy_service inet:127.0.0.1:10023 56 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, check_recipient_access m ysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf 57 smtpd_tls_security_level = may 58 transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf 59 relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf 60 relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf 61 smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf 62 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $r elay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_ maps 63 smtpd_helo_required = yes 64 smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_ hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo 65 smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql: /etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re 66 smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf 67 smtpd_client_message_rate_limit = 100 68 maildrop_destination_concurrency_limit = 1 69 maildrop_destination_recipient_limit = 1 70 virtual_transport = dovecot 71 header_checks = regexp:/etc/postfix/header_checks 72 mime_header_checks = regexp:/etc/postfix/mime_header_checks 73 nested_header_checks = regexp:/etc/postfix/nested_header_checks 74 body_checks = regexp:/etc/postfix/body_checks 75 owner_request_special = no 76 smtp_tls_security_level = may 77 smtpd_tls_mandatory_protocols = !SSLv3, TLSv1 78 smtpd_tls_protocols = !SSLv3, TLSv1 79 smtp_tls_protocols = !SSLv3, TLSv1 80 smtpd_tls_mandatory_ciphers = medium, high 81 tls_medium_cipherlist = EECDH+AESGCM+AES128:EECDH+AESGCM+AES256:EDH+AESGCM+AES128:EDH+AESGCM+AES256:EECDH+SHA256+AES128:EECDH+SHA384+AES256:EDH+SHA256+AES128:EDH+SH A256+AES256:EECDH+SHA1+AES128:EECDH+SHA1+AES256:EDH+SHA1+AES128:EDH+SHA1+AES256:EECDH+HIGH:EDH+HIGH:AESGCM+AES128:AESGCM+AES256:SHA256+AES128:SHA256+AES256:SHA1+AES 128:SHA1+AES256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!KRB5:!aECDH:!EDH+3DES 82 smtpd_tls_exclude_ciphers = RC4, aNULL 83 smtp_tls_exclude_ciphers = RC4, aNULL 84 dovecot_destination_recipient_limit = 1 85 smtpd_sasl_type = dovecot 86 smtpd_sasl_path = private/auth 87 content_filter = amavis:[127.0.0.1]:10024 88 smtp_sasl_security_options = noanonymous, noplaintext 89 smtp_sasl_tls_security_options = noanonymous 90 smtpd_sasl_security_options = noanonymous, noplaintext 91 smtpd_sasl_tls_security_options = noanonymous 92 receive_override_options = no_address_mappings
dovecot.conf Code: 1 listen = *,[::] 2 ssl = required 3 verbose_ssl = no 4 protocols = imap pop3 5 ssl_cipher_list = HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 6 auth_mechanisms = plain login 7 disable_plaintext_auth = yes 8 log_timestamp = "%Y-%m-%d %H:%M:%S " 9 mail_privileged_group = vmail 10 postmaster_address = [email protected] 11 ssl_cert = </etc/postfix/smtpd.cert 12 ssl_key = </etc/postfix/smtpd.key 13 ssl_ca = </etc/postfix/bundle.pem 14 ssl_protocols = SSLv3 15 mail_max_userip_connections = 100 16 passdb { 17 args = /etc/dovecot/dovecot-sql.conf 18 driver = sql 19 } 20 userdb { 21 driver = prefetch 22 } 23 userdb { 24 args = /etc/dovecot/dovecot-sql.conf 25 driver = sql 26 } 27 plugin { 28 quota = dict:user::file:/var/vmail/%d/%n/.quotausage 29 sieve=/var/vmail/%d/%n/.sieve 30 sieve_max_redirects = 25 31 } 32 service auth { 33 unix_listener /var/spool/postfix/private/auth { 34 group = postfix 35 mode = 0660 36 user = postfix 37 } 38 unix_listener auth-userdb { 39 group = vmail 40 mode = 0600 41 user = vmail 42 } 43 user = root 44 } 45 service lmtp { 46 unix_listener /var/spool/postfix/private/dovecot-lmtp { 47 group = postfix 48 mode = 0600 49 user = postfix 50 } 51 } 52 service imap-login { 53 client_limit = 1000 54 process_limit = 512 55 } 56 protocol imap { 57 mail_plugins = quota imap_quota 58 } 59 protocol pop3 { 60 pop3_uidl_format = %08Xu%08Xv 61 mail_plugins = quota 62 } 63 protocol lda { 64 postmaster_address = [email protected] 65 mail_plugins = sieve quota 66 } 67 protocol lmtp { 68 postmaster_address = [email protected] 69 mail_plugins = quota sieve 70 } 71 mail_plugins = $mail_plugins quota
And here is the config file for Roundcube, which simply isn't connecting anymore https://ihost.bg/defaults.inc.php.txt This is Roundcube's error log: Code: [19-Oct-2017 13:51:02 +0300]: <dhtkj22p> IMAP Error: Login failed for admin from 84.40.78.192. Empty startup greeting (localhost:993) in /usr/share/nginx/roundcubemail/program/lib/Roundcube/rcube_imap.php on line 196 (POST /webmail/?_task=login&_action=login) [19-Oct-2017 13:53:52 +0300]: <dhtkj22p> IMAP Error: Login failed for admin from 84.40.78.192. Empty startup greeting (localhost:993) in /usr/share/nginx/roundcubemail/program/lib/Roundcube/rcube_imap.php on line 196 (POST /webmail/?_task=login&_action=login) [19-Oct-2017 14:03:02 +0300]: <dhtkj22p> IMAP Error: Login failed for admin from 84.40.78.192. Empty startup greeting (localhost:993) in /usr/share/nginx/roundcubemail/program/lib/Roundcube/rcube_imap.php on line 196 (POST /webmail/?_task=login&_action=login) OK SO I got Dovecot working! My Android phone with BlueMail can login fine! But the very second I touch the Postfix config, Postfix stops accepting logins! Roundcube still can't login to the server. Dovecot and Postfix are listening on their respective ports Code: root@ihost:/usr/share/nginx/roundcubemail/logs# netstat -tlpn | egrep "465|993" tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 26702/master tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 24674/dovecot tcp6 0 0 :::465 :::* LISTEN 26702/master tcp6 0 0 :::993 :::* LISTEN 24674/dovecot
