I have screwed up my installation (again). I know I'm a clown. I do some changes and I don't know enough about what I'm doing. But I am learning a lot and I keep finding new challenges. I love ISPC because it is fantastic, so I have bought some ISPC manuals, just to support the continuous development. I mostly use Outlook and for the time being it is 2013 on some machines, and 365 on others. But I am trying to harden the email with TLS 1.2 and TLS 1.3. But in my eagerness to do so I have done something that has disabled my ability to send mail. My server is an Ubuntu 18.04 LTS, I use Let's Encrypt for my domain bnjpro.dk. I'm using a free DNS service because I only have 2 servers at different locations, and I think that is too few servers to run a solid DNS service. And the secondary server is on a dynamic IP address, so I won't change that. But I have had it running pretty well for some time now with DMARC with a score of 84% on https://internet.nl. What can I look for to rectify my mistake? I'm still not a shark at Linux or where files, configs and logs are located, but I get around OK mostly. But if there are any suggestions, I would appreciate the whole path mentioned. Best regards, Bent Neumann Jensen
Yes, but I don't know how to interpret them, and how do I grab more than just a single screen dump? Here is a screen dump I took from nano:
Jan 11 20:45:05 odin postfix/smtpd[27028]: warning: cannot get RSA certificate from file "</etc/letsencrypt/live/bnjpro.dk/fullchain.pem": disabling TLS support
Jan 11 20:45:05 odin postfix/smtpd[27028]: warning: TLS library problem: error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:290:fopen('</etc/letsencrypt$
Jan 11 20:45:05 odin postfix/smtpd[27028]: warning: TLS library problem: error:20074002:BIO routines:file_ctrl:system lib:../crypto/bio/bss_file.c:292:
Jan 11 20:45:05 odin postfix/smtpd[27028]: warning: TLS library problem: error:140DC002:SSL routines:use_certificate_chain_file:system lib:../ssl/ssl_rsa.c:615:
Jan 11 20:45:05 odin postfix/smtpd[27028]: connect from localhost[127.0.0.1]
Jan 11 20:45:05 odin postfix/smtpd[27028]: lost connection after CONNECT from localhost[127.0.0.1]
Jan 11 20:45:05 odin postfix/smtpd[27028]: disconnect from localhost[127.0.0.1] commands=0/0
Jan 11 20:45:18 odin postfix/postscreen[27025]: CONNECT from [209.85.208.176]:47093 to [192.168.0.201]:25
Jan 11 20:45:24 odin postfix/postscreen[27025]: PASS NEW [209.85.208.176]:47093
Jan 11 20:45:24 odin postfix/smtpd[27028]: connect from mail-lj1-f176.google.com[209.85.208.176]
Jan 11 20:45:24 odin postfix/smtpd[27028]: lost connection after STARTTLS from mail-lj1-f176.google.com[209.85.208.176]
Jan 11 20:45:24 odin postfix/cleanup[27037]: warning: /etc/postfix/main.cf, line 100: overriding earlier entry: smtp_tls_security_level=may
Jan 11 20:45:24 odin postfix/trivial-rewrite[27038]: warning: /etc/postfix/main.cf, line 100: overriding earlier entry: smtp_tls_security_level=may
Jan 11 20:45:24 odin postfix/cleanup[27037]: B6327532988A: message-id=<[email protected]>
Jan 11 20:45:24 odin postfix/smtpd[27028]: disconnect from mail-lj1-f176.google.com[209.85.208.176] ehlo=1 starttls=0/1 commands=1/2
Jan 11 20:45:24 odin postfix/qmgr[19587]: B6327532988A: from=<[email protected]>, size=906, nrcpt=1 (queue active)
Jan 11 20:45:24 odin postfix/smtp[27039]: warning: /etc/postfix/main.cf, line 100: overriding earlier entry: smtp_tls_security_level=may
Jan 11 20:45:24 odin postfix/postscreen[27025]: CONNECT from [192.168.0.1]:38360 to [192.168.0.201]:25
Jan 11 20:45:24 odin postfix/postscreen[27025]: PASS OLD [192.168.0.1]:38360
Jan 11 20:45:24 odin postfix/smtpd[27028]: connect from _gateway[192.168.0.1]
Jan 11 20:45:24 odin postfix/smtp[27039]: warning: host mail.bnjpro.dk[87.72.207.140]:25 greeted me with my own hostname bnjpro.dk
Jan 11 20:45:24 odin postfix/smtp[27039]: warning: host mail.bnjpro.dk[87.72.207.140]:25 replied to HELO/EHLO with my own hostname bnjpro.dk
Jan 11 20:45:24 odin postfix/bounce[27040]: warning: /etc/postfix/main.cf, line 100: overriding earlier entry: smtp_tls_security_level=may
Jan 11 20:45:24 odin postfix/smtp[27039]: B6327532988A: to=<[email protected]>, orig_to=<postmaster>, relay=mail.bnjpro.dk[87.72.207.140]:25, delay=0.14, delays=0.05/0.02/0.07/0, d$
Jan 11 20:45:24 odin postfix/bounce[27040]: warning: B6327532988A: undeliverable postmaster notification discarded
Jan 11 20:45:24 odin postfix/smtpd[27028]: disconnect from _gateway[192.168.0.1] ehlo=1 quit=1 commands=2
Jan 11 20:45:24 odin postfix/qmgr[19587]: B6327532988A: removed
Jan 11 20:46:12 odin postfix/postscreen[27025]: CONNECT from [193.3.69.4]:30549 to [192.168.0.201]:25
Jan 11 20:46:12 odin postfix/postscreen[27025]: PASS OLD [193.3.69.4]:30549
Jan 11 20:46:12 odin postfix/smtpd[27028]: connect from mailgw1.post.dk[193.3.69.4]
Jan 11 20:46:12 odin postfix/smtpd[27028]: NOQUEUE: reject: RCPT from mailgw1.post.dk[193.3.69.4]: 450 4.7.1 <EXEDGA521.postdk.net>: Helo command rejected: Host not found; from=<noreply@po$
Jan 11 20:46:12 odin postfix/cleanup[27037]: C1AC2532988A: message-id=<[email protected]>
Jan 11 20:46:12 odin postfix/smtpd[27028]: disconnect from mailgw1.post.dk[193.3.69.4] ehlo=1 starttls=0/1 mail=1 rcpt=0/1 quit=1 commands=3/5
Jan 11 20:46:12 odin postfix/qmgr[19587]: C1AC2532988A: from=<[email protected]>, size=1084, nrcpt=1 (queue active)
Jan 11 20:46:12 odin postfix/postscreen[27025]: CONNECT from [192.168.0.1]:38364 to [192.168.0.201]:25
Jan 11 20:46:12 odin postfix/postscreen[27025]: PASS OLD [192.168.0.1]:38364
Jan 11 20:46:13 odin postfix/smtpd[27028]: connect from _gateway[192.168.0.1]
Jan 11 20:46:13 odin postfix/smtp[27039]: warning: host mail.bnjpro.dk[87.72.207.140]:25 greeted me with my own hostname bnjpro.dk
Jan 11 20:46:13 odin postfix/smtp[27039]: warning: host mail.bnjpro.dk[87.72.207.140]:25 replied to HELO/EHLO with my own hostname bnjpro.dk
Jan 11 20:46:13 odin postfix/smtp[27039]: C1AC2532988A: to=<[email protected]>, orig_to=<postmaster>, relay=mail.bnjpro.dk[87.72.207.140]:25, delay=1, delays=0.04/0/0.99/0, dsn=5.4$
Jan 11 20:46:13 odin postfix/smtpd[27028]: disconnect from _gateway[192.168.0.1] ehlo=1 quit=1 commands=2
Jan 11 20:46:13 odin postfix/bounce[27040]: warning: C1AC2532988A: undeliverable postmaster notification discarded
Jan 11 20:46:13 odin postfix/qmgr[19587]: C1AC2532988A: removed
I'd guess the certificate symlinks don't exist or are pointing to "bad" (non-existent or empty) files.
@Jesse Norell To the story belongs an explanation. To me it looks like something is pointing to a bss_file.c, which I have never touched or changed circumstances about. The only things I have tampered with are trying to disable SSL completely and TLS 1.0 and TLS 1.1, and furthermore I tried to delete some ciphers that have been deemed insecure. I am simply just trying to make my email server harder to misuse, and add proper encryption.
Did you make notes when you made the changes, so you could undo them now? Do you use version control for the configuration files to see what has changed and get the old version back?
@Taleman. No, of course not. As I started to write, I'm a clown. There is too long between each time I play with the settings, so I do not remember to do the common sense things. I should of course have made a backup of the main.cf before I played with it, and the dovecot.conf as well. I have another server, but without an active mail server; it is installed, only without clients. So it is as virgin as can be. I have looked into that and made my main.cf back to the same as that one, but it hasn't helped. But if I do a tail -1000 /usr/mail/neumann (my account is [email protected]), it seems that if I send from another mail address (my work mail) the mail is received in that file, but I can't connect properly with Outlook to the server (although it says it is connected to the IMAP server, the mail is not showing up in Outlook, and the sending part in Outlook says that the encryption I'm using is not supported on the server). So can it be problems with partly wrong encryption that Outlook is not supporting, and partly some internal transfer between Postfix and Dovecot?
My signature has link to e-mail tutorial, that has some info on troubleshooting e-mail server. Those may help.
@Taleman Well, I didn't really get something from that. But I wondered, it is only 1 or 2 weeks ago I upgraded from ISPConfig 3.2.0 to 3.2.1, and in that regard I always say yes to making a backup. So shouldn't it be possible to roll back and downgrade to 3.2.0, see if it works as it did before, and then try again, but remembering to make notes on every little change I do? And after that do an upgrade again (this time to ISPC 3.2.2).
Yes, you can do that, the backups are in /var/backup. I would only roll back your postfix config though, and nothing else. And besides taking notes, start using versioned config files. I have a 100% score on internet.nl for both tests and we are in the hall of fame of hosters, so if you need any pointers, let me know.
Update...
- Recovered the old setup of postfix, but that did not do it - at first.
- Most of the errors disappeared though, so I knew I was on the right track. And I could receive normally in roundcube.
- Recovered Dovecot (because I knew I had also played around with that).
- I got it working with Thunderbird, except sending still had some issues.
But along the road I found out that my pointer to the certificate and the key from Let's Encrypt was not right. Changed them both in postfix and dovecot. And now I'm back to where I started. So for now I'm happy, but will try stuff again later on. Thanks all
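
Added example, not part of the thread and not ISPConfig's own tooling: a shell check for the two causes raised above, the missing or empty symlink target guessed at in the reply and the wrong certificate/key pointer found in the final update. It also flags a value that starts with `<`, which is Dovecot's `ssl_cert`/`ssl_key` syntax and is the form of the path in the `fopen('</etc/letsencrypt` warning in the log. The function names and the demo files are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. Classifies the file a Postfix TLS
# parameter points at; prints one word and returns 0 only for "ok".
check_tls_path() {
    p=$1
    case $p in
        '')   echo unset; return 1 ;;
        # "<" is Dovecot's ssl_cert/ssl_key prefix; Postfix hands it to fopen()
        # as part of the name, as in the fopen('</etc/letsencrypt... warning.
        '<'*) echo dovecot-syntax; return 1 ;;
    esac
    if [ -L "$p" ] && [ ! -e "$p" ]; then echo dangling-symlink; return 1; fi
    [ -e "$p" ] || { echo missing; return 1; }
    [ -s "$p" ] || { echo empty; return 1; }
    [ -r "$p" ] || { echo unreadable; return 1; }
    echo ok
}

# Check both smtpd TLS parameters in a main.cf-style file. When a parameter
# is assigned twice the last assignment wins (the "overriding earlier entry"
# case in the log). On a live server "postconf -h smtpd_tls_cert_file" gives
# the effective value directly.
check_main_cf() {
    cf=$1; rc=0
    for name in smtpd_tls_cert_file smtpd_tls_key_file; do
        val=$(sed -n "s/^$name[[:space:]]*=[[:space:]]*//p" "$cf" | tail -n 1)
        status=$(check_tls_path "$val") || rc=1
        echo "$name: $status ${val:+($val)}"
    done
    return $rc
}

# Constructed demo: a temporary directory stands in for /etc/postfix and
# /etc/letsencrypt/live/<domain>; none of these files come from the thread.
demo=$(mktemp -d)
echo "constructed certificate" > "$demo/fullchain.pem"
ln -s "$demo/archive-privkey1.pem" "$demo/privkey.pem"   # target never created
cat > "$demo/main.cf" <<EOF
smtpd_tls_cert_file = <$demo/fullchain.pem
smtpd_tls_key_file = $demo/privkey.pem
EOF
check_main_cf "$demo/main.cf" || true
```

On the real server the same check would be pointed at /etc/postfix/main.cf, run as a user allowed to read the Let's Encrypt directory.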