ISPConfig Buster

Discussion in 'Installation/Configuration' started by Chrys, Sep 10, 2019.

Page 2 of 2
  1. till

    till Super Moderator Staff Member ISPConfig Developer

    Then you did not follow the perfect server tutorial closely as it's described there how to enable port 587 in the postfix install chapter. IMAPS is always enabled too. Please post the /etc/postfix/master.cf file so we can see which parts of the install instructions you left out.

    And regarding LE certs for ISPConfig, follow this guide which configures the cert trough ISPConfig for all services incl. mail: https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/
     
    till, Sep 26, 2019
    #21
    ahrasis likes this.
  2. Chrys

    Chrys Member

    # ==========================================================================
    # service type private unpriv chroot wakeup maxproc command + args
    # (yes) (yes) (no) (never) (100)
    # ==========================================================================
    smtp inet n - y - - smtpd
    #smtp inet n - y - 1 postscreen
    #smtpd pass - - y - - smtpd
    #dnsblog unix - - y - 0 dnsblog
    #tlsproxy unix - - y - 0 tlsproxy
    #submission inet n - y - - smtpd
    -o syslog_name=postfix/submission
    -o smtpd_tls_security_level=encrypt
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject# -o smtpd_tls_auth_only=yes
    # -o smtpd_reject_unlisted_recipient=no
    # -o smtpd_client_restrictions=$mua_client_restrictions
    # -o smtpd_helo_restrictions=$mua_helo_restrictions
    # -o smtpd_sender_restrictions=$mua_sender_restrictions
    # -o smtpd_recipient_restrictions=
    # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    # -o milter_macro_daemon_name=ORIGINATING
    smtps inet n - y - - smtpd
    -o syslog_name=postfix/smtps
    -o smtpd_tls_wrappermode=yes
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    # -o smtpd_reject_unlisted_recipient=no
    # -o smtpd_client_restrictions=$mua_client_restrictions
    # -o smtpd_helo_restrictions=$mua_helo_restrictions
    # -o smtpd_sender_restrictions=$mua_sender_restrictions
    # -o smtpd_recipient_restrictions=
    # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    # -o milter_macro_daemon_name=ORIGINATING
    #628 inet n - y - - qmqpd
    pickup unix n - y 60 1 pickup
     
    Chrys, Sep 26, 2019
    #22
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    You missed removing the # in front of the submission line.

    submission inet n - y - - smtpd

    Then you added a # in this line:

    -o smtpd_client_restrictions=permit_sasl_authenticated,reject# -o smtpd_tls_auth_only=yes

    which should not be there, remove the # from within that line.

    Then restart postfix.
     
    till, Sep 26, 2019
    #23
    ahrasis likes this.
  4. Chrys

    Chrys Member

    thanks for spotting my errors. I now get access through ports 993 and 587. Will try my lack with certbot but how does one make public my "hostname -f" to allow certbot to acknowledge it?
     
    Chrys, Sep 26, 2019
    #24
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    hostname -f command must return your full server name, this name must exist in DNS and it must be accessible from outside (the internet). If your czurrent hostname i not correct, then correct it in /etc/hosts, /etc/hostname, /etc/mailname and reboot the server before you proceed with requesting an LE cert.
     
    till, Sep 26, 2019
    #25
  6. Chrys

    Chrys Member

    thanks, I will try this out ! great help
     
    Chrys, Sep 26, 2019
    #26
Page 2 of 2

Share This Page