How do you set up client for SSL?

Discussion in 'General' started by heftigrat, Jan 12, 2006.

  1. heftigrat

    heftigrat New Member

    Using Mozilla Thunderbird I've tried all combinations of checking and un-checking "use secure connection (SSL)" and "use secure authentication", but nothing works. This should all be set up, correct? Is there a special port # I should be using? I can use "mail.clientdom.dom", I don't have to use "ispchost.ispcserver.dom", correct? Thanks!
     
  2. falko

    falko Super Moderator Howtoforge Staff

    No, you don't have to use a special port. Are POP3s and IMAPs running? What does
    Code:
    netstat -tap
    show? Which distribution do you use?
     
  3. heftigrat

    heftigrat New Member

    Code:
    root# netstat -tap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 localhost.localdo:32769 *:*                     LISTEN     6675/hpiod
    tcp        0      0 localhost.localdo:32770 *:*                     LISTEN     6688/python
    tcp        0      0 localhost.localdo:mysql *:*                     LISTEN     6896/mysqld
    tcp        0      0 *:81                    *:*                     LISTEN     14108/ispconfig_htt
    tcp        0      0 *:ftp                   *:*                     LISTEN     15688/proftpd: (acc
    tcp        0      0 10.57.3.33:domain       *:*                     LISTEN     14278/named
    tcp        0      0 localhost.locald:domain *:*                     LISTEN     14278/named
    tcp        0      0 localhost.localdoma:ipp *:*                     LISTEN     10899/cupsd
    tcp        0      0 *:smtp                  *:*                     LISTEN     25737/master
    tcp        0      0 localhost.localdoma:953 *:*                     LISTEN     14278/named
    tcp        0      0 localhost.localdo:50506 localhost.localdo:32769 ESTABLISHED6688/python
    tcp        0      0 localhost.localdo:32769 localhost.localdo:50506 ESTABLISHED6675/hpiod
    tcp6       0      0 *:imaps                 *:*                     LISTEN     6776/couriertcpd
    tcp6       0      0 *:pop3s                 *:*                     LISTEN     6817/couriertcpd
    tcp6       0      0 *:pop3                  *:*                     LISTEN     6794/couriertcpd
    tcp6       0      0 *:imap2                 *:*                     LISTEN     6753/couriertcpd
    tcp6       0      0 *:www                   *:*                     LISTEN     16391/apache2
    tcp6       0      0 *:ssh                   *:*                     LISTEN     7157/sshd
    tcp6       0      0 ip6-localhost:953       *:*                     LISTEN     14278/named
    tcp6       0      0 *:https                 *:*                     LISTEN     16391/apache2
    Ubuntu 5.10 - Breezy
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    This looks fine so far.

    Did you have problems with sending mail over an encrypted channel or receiving mail?
     
  5. heftigrat

    heftigrat New Member

    Well, I haven't even tested sending yet, just trying to get POP3 working. I am feeling so down about this. :( :confused: :mad:

    Thanks for your help though, any more ideas? :eek:

    btw, you sure I don't have to use a special port? wasn't there a port in the 900's for SSL?
     
    Last edited: Jan 13, 2006
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    For receiving you need a special port, that's why I ask :)

    pop3s port: 995
    imaps port: 993
     
  7. heftigrat

    heftigrat New Member

    Yup, Thunderbird defaults to 995 for SSL. I still get a "connection timed out to <server>" error though.
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    If you enabled the ISPConfig firewall, you might have to open the ports first.
     
  9. heftigrat

    heftigrat New Member

    Actually, I figured out the problem. I noticed under the "Client" for a site, SSL is not checked. I attempted to check it and got the following error message:
    Code:
    An SSL certificate does already exist for this IP.
    How do I fix this?
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    You can only have one SSL certificate for each IP address. This is an Apache limit, not an ISPConfig limit.

    Remove the SSL option from the other site with the same IP where you enabled SSL and you can enable it for this site.
     
  11. heftigrat

    heftigrat New Member

    Um, this implies that I can only have one site on my server that uses SSL. How can I have other clients that use SSL? I'm sure ppl will want this service. From experience I also know that Apache looks for the IP of the machine, so if I enter a public IP it won't work. Also, I only have one public IP assigned to me by my ISP. How can I fix this? Thanks.
     
  12. heftigrat

    heftigrat New Member

    OK, so I tried SSL port 995 for POP3 on the domain that has the certificate and no dice. Am I destined to always have my pw's be clear text?
     
  13. falko

    falko Super Moderator Howtoforge Staff

    Buy more IP addresses for your machine.
    Or buy a wildcard certificate for yourssldomain.com, but then your customers can only have subdomains of yourssldomain.com.
     
  14. falko

    falko Super Moderator Howtoforge Staff

    Does "normal" POP3 (port 110) work?
     
  15. heftigrat

    heftigrat New Member

    Yes. Um, yes it does. Had to enter 10 characters to post, so yeah, I'm typing garbage.

    But yes.
     
  16. heftigrat

    heftigrat New Member

    You're kidding. So if I have 254 or so customers who want SSL I have to lease an entire Class C range? That's nuts.

    Can't you do something like:
    Code:
    <VirtualHost *:443>
    ServerName www.blahblah.com:443
    And just keep doing separate "ServerName" entries for your diff domains? Or is that method cracked?
     
    Last edited: Jan 13, 2006
  17. falko

    falko Super Moderator Howtoforge Staff

    It's exactly like that! :(
     
  18. heftigrat

    heftigrat New Member

    Hmmmm, ok. Yeah, I just verified it with our resident Linux guru and he concurred. Not to undermine you or anything, I just wanted a second opinion. Thanks for your guidance.

    Any ideas yet on my pop3s issue? Thanks!
     
  19. till

    till Super Moderator Staff Member ISPConfig Developer

    Have you checked your firewall? The pop3s and imaps ports were closed by default in the ISPConfig firewall.
     
  20. heftigrat

    heftigrat New Member

    The fw is turned off for the entire server (management > services), and in the event that it was turned on, this is what's set in the fw rules:
    Code:
     Firewall Rule 
      Name  	  Port  	  Type  	  Active 
      FTP  	  21  	  tcp  	  yes 
      SSH  	  22  	  tcp  	  yes 
      SMTP  	  25  	  tcp  	  yes 
      DNS  	  53  	  tcp  	  yes 
      DNS  	  53  	  udp  	  yes 
      WWW  	  80  	  tcp  	  yes 
      ISPConfig  	  81  	  tcp  	  yes 
      POP3  	  110  	  tcp  	  yes 
      SSL (www)  	  443  	  tcp  	  yes 
      Webmin  	  10000  	  tcp  	  yes 
    So I would need to add port 995 if I turned it on....but like I said, it's OFF for the whole server, so that should be fine, right? Thanks.

    EDIT:
    Also, when in /var/log, I run this command w/no results:
    Code:
    :/var/log# grep -R pop3s ./*
    I get tons of results when I do...
    Code:
    :/var/log# grep -R pop3 ./*
    So I'm assuming the connection isn't even getting to the server, but I know I have the port open on my router and the ISPC fw is not turned on. Argh!
     
    Last edited: Jan 14, 2006
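
A check that separates the failure modes discussed in this thread for ports 995 and 993 (timeout, refused, failed TLS handshake, untrusted certificate). This is an added example, not code posted by anyone in the thread; the function name `probe_tls_port` and its status labels are made up for illustration, and `mail.clientdom.dom` is the placeholder host name from the first post.

```python
import socket
import ssl
import sys

def probe_tls_port(host, port, timeout=5.0):
    """Classify the outcome of connecting to an implicit-TLS mail port.

    Returns (status, detail) where status is one of:
      timeout        no reply at all: SYNs are dropped (packet filter,
                     missing NAT port forward, or host down)
      refused        host answered, but nothing accepts on this port
      unreachable    DNS or routing error
      tls_failed     TCP connected, but no TLS handshake completed
      cert_untrusted TLS is offered, but the certificate fails verification
      ok             verified TLS session; detail holds the server greeting
    """
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return ("timeout", "no answer within %.0fs" % timeout)
    except ConnectionRefusedError:
        return ("refused", "nothing listening on port %d" % port)
    except OSError as exc:
        return ("unreachable", str(exc))

    ctx = ssl.create_default_context()  # verifies the chain and the host name
    try:
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except ssl.SSLCertVerificationError as exc:
        raw.close()
        return ("cert_untrusted", exc.verify_message)
    except OSError as exc:  # ssl.SSLError and handshake timeouts are OSErrors
        raw.close()
        return ("tls_failed", str(exc))
    with tls:
        try:
            greeting = tls.recv(512).decode("ascii", "replace").strip()
        except OSError:
            greeting = ""
        return ("ok", "%s %s" % (tls.version(), greeting))

if __name__ == "__main__":
    # Placeholder host name from the thread; pass your own as argv[1].
    host = sys.argv[1] if len(sys.argv) > 1 else "mail.clientdom.dom"
    for name, port in (("pop3s", 995), ("imaps", 993)):
        print(name, port, *probe_tls_port(host, port))
```

Run it from a machine outside the router: a `timeout` there combined with `ok` or `cert_untrusted` when run on the server itself against its own address points at the path in between rather than at Courier.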