I just went and using my google domains account created an A record for mail.simplysyncedllc.com and pointed it to my box. I then went ahead and tried to configure the email in my outlook. When I go to connect I get The server you are connected to is using a security certificate that cannot be verified. The target principal name is incorrect. I can view the cert and its showing that its issued to webhost.simplysyncedllc.com and valid from 4/3/2017 to 4/1/2027. The certification path tab has This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store. I then tried changing my incoming and outgoing mail to webhost.simplysyncedllc.com thinking this was the issue. It was not, I still receive the same message. Now I know I could just install the certificate but this leads me to believe that the certificate might not be correct and I wanted to make sure.
Which domain name are you using? Is it webhost.simplysyncedllc.com or mail.simplysyncedllc.com? Because I think it should be the first one i.e. your server.
Even when trying to use webhost.simplysyncedllc.com as both incoming and outgoing servers I still get the message.
Tried this, he stated to remove the first part of the name which I tried, tried simplysyncedllc.com , webhost.simplysyncedllc.com which has the ssl cert correct and mail.simplysyncedllc.com all of which bring up the same. Used those same ports listed there and it did not do anything different. I'm looking through the guides for email now but I've done everything that I see.
Followed what I found in this thread. https://www.howtoforge.com/communit...-smtpd-ssl_accept-error-from-localhost.61657/ and the spot about removing the # in front of the smtps and submission lines were what I needed. This was not in the tutorial but once done no more errors and emails are sending.
sorry it was in the tutorial but I must of missed it because when my /etc/postfix/master.cf file was installed the smtps inet n line was right after the line above it. Not sure why but that where it was. Once I relooked at it I found the error.
So actually that did not work, today when i rebooted my laptop and then loaded up outlook I got the same error message in outlook about the certificate.
I think outlook does not accept your self-signed cert. You can install a ssl-cert from let's encrypt (serach the forum, there are several posts)
The cert was generated by clicking the SSL and Lets Encrypt checkboxes under the site page in ISPConfig3. welp just noticed I never finished https://www.howtoforge.com/community/threads/securing-your-server-with-lets-encrypt.75554/ where it says to move the stuff for the mail portion. Good to go, great product and great support!!
One of my clients had same issue with Outlook 2016 (Internet Security Warning) - The target principal name is incorrect, we fixed this way: Under: Email Accounts > Change > More Settings > Advanced Tab Under IMAP/POP/SMTP Use the following type of encrypted connection change from SSl/TLS to None
Your suggestion is not a fix, and defeats the purpose. "None" is no encryption. You will now receive warnings that your data is view-able by third parties.
You need to secure it: https://www.howtoforge.com/communit...l-port-8080-with-lets-encrypt-free-ssl.75554/
Your link was extensive, and very informative, wish howtoforge had a search option to stay within a conversation. My lets-encrypt was already up and running, but the cert does not include mail.mydomain.net. Perhaps we need to look at why outlook does not automatically store lets-encrypt certs. Is it the lack of mail.mydomain.net, or something else.
Step 7 (a) to (c) is normally relevant to mail services in a single server setup. However, if you are using ISPConfig mutiserver setup for mail.mydomain.net, do refer to post #203 of that guide for a possible solution to resolve it.
If I was to secure it, would all the end users need to change any of the settings in their email client (outlook, iphone mail, android mail, etc.)? Would it break their email client setup?
I do not know their settings, thus I am not sure whether they need to change any, and I also do not think that it will break their email client setup.
