Hello, I have ispc3.2 with ubuntu 20.04. I set up perfect server tuto and add roundcube following ubuntu 18.04 tuto and ispc plugin tuto My mail works well with thunderbird. I receive well. I send message through port 465 (SSL) w/o problem. But I face difficulty with roundcube. I receive messages but it refuses send message on 465, only 25 works. in /etc/roundcube/config.inc.php Only "$config['smtp_port'] = 25;" works... I try : netstat -ntap | grep 465 it gives " tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 164933/master tcp6 0 0 :::465 :::* LISTEN 164933/master Fyi : Full /etc/roundcube/config.inc.php $config = array(); include_once("/etc/roundcube/debian-db-roundcube.php"); $config['default_host'] = 'localhost'; $config['smtp_server'] = 'localhost'; $config['smtp_port'] = 465; $config['smtp_user'] = '%u'; $config['smtp_pass'] = '%p'; $config['support_url'] = ''; $config['product_name'] = 'Roundcube Webmail'; $config['des_key'] = 'xxxxxx-removedxxxxx'; $config['plugins'] = array( ); $config['skin'] = 'elastic'; $rcmail_config['plugins'] = array("jqueryui", "ispconfig3_account", "ispconfig3_autoreply", "ispconfig3_autoselect", "ispconfig3_pass", "ispcon> " (ispc plugins in roundcube work well
I tried with $config['smtp_port'] = 465; and w/o No success ! Now I am back to port 25 and it doesn't work : "smtp error 451 : temporary look up" I tested my MX. there are ok. I am trying to set up a ptr DNS and looking at what should I put in name and canonical name. May be this is this that bring problem ?
I review mail logs. It seems to be mailman. I had a concern when setting it, I removed. apt remove --purge mailman rm -fr /var/lib/mailman/ but now it is asking me /var/lib/mailman/data/aliases which is missing It seems I have mail somewhere in a queue but don't know how to repair !
I am back with a fresh reinstall to avoid any other configuration concerns. I try $config['smtp_server'] = 'ssl://localhost/'; $config['smtp_port'] = 465; when sending in roundcube, answers 'SMTP -1 : connection to server error' idem with $config['smtp_server'] = 'STARTTLS://localhost/'; ## STARTTLS from an original idea of mine ;-) ! $config['smtp_port'] = 587; only $config['smtp_server'] = 'localhost'; $config['smtp_port'] = 25; works...
i don't think you can use 'localhost' on ports 465 or 587. put the actual server FQDN ( or whatever FQDN you used for the cert ) there. it's trying to match the requested address to the name on the certificate, localhost is never going to be included in the certificate.
Is this a multiserver setup? Does it make sense to try to use certificate on a localhost connection? I have set up Roundcube on ISPConfig following the Perfect Server guide and it just works.
Yess men !! Giant, it works with $config['smtp_server'] = 'ssl://ns1.domain.tld/'; $config['smtp_port'] = 465; as I have multiversers, it make all sense like that ! Thanks so much
If roundcube is on the same servers as the mailserver, use localhost, without ssl:// in front of it, and port 25. If it is a external server, I would use tls:// with port 587.
Just some comments that might clarify for others finding this thread, any time you're using port 465 you need use ssl (ie. prefix your smtp_server setting with ssl://), and any time you use 587, you need to use tls. When you use ssl/tls, if you have a certificate name mismatch (like connecting to 'localhost' which is not a name in the server's certificate), you will have to either change hostnames or configure roundcube to ignore the mismatch, which is done via the smtp_conn_options config setting: Code: // SMTP socket context options // See http://php.net/manual/en/context.ssl.php // The example below enables server certificate validation, and // requires 'smtp_timeout' to be non zero. // $config['smtp_conn_options'] = array( // 'ssl' => array( // 'verify_peer' => true, // 'verify_depth' => 3, // 'cafile' => '/etc/openssl/certs/ca.crt', // ), // ); // Note: These can be also specified as an array of options indexed by hostname $config['smtp_conn_options'] = null; Sending on localhost port 25 is efficient in that it doesn't require any cpu for ssl, but generally is preferred to use the submission ports 465/587, which allows different configuration for port 25 (eg. more spam controls, although there isn't very much different currently in a default setup) and better filtering of networks.