Hi, I can't get my mail out with thunderbird. It tells me I am using a self-signed certificate, but what can I do? Do I need create a cert or download ssl key pub from ispConfig configuration ? I think I have everything configured on the server side and ispConfig > ssl and Roundcube is ok! It sends and receives with Gmail without errors. I let Thunderbird self-configure and it gives me as information : Code: imap : mail.democrasite.com ; STARTTLS smtp : mail.democrasite.com ; STARTTLS I find it a pity that there is no HowTo for configuring at least one Opensource mail client like Thunderbird, in conjunction with the ispConfig Perfect Server tutorials.
What is local mail client? Me too, so I wrote it. https://www.howtoforge.com/how-to-i...-ispconfig-on-debian-10/#connect-email-client I have answered you multiple times previously, and each time the link to that tutorial has been in my signature.
I followed it, but still blocked on outgoing mails. Long negociations between ThunderBird and the server and… No ! So, I try to comme back to Perfect Server guide Buster/Apache, and see config steps and I see somme little differences between what is is the guide and what I have in my "/etc/postfix/master.cf" In the guide : Code: submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject in mine, I have ; submission inet n - n - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o smtpd_tls_auth_only=yes and second part of guide : Code: smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject in mine : Code: smtps inet n - y - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject so, I see this line doesn't exist in the guide : Code: # -o smtpd_tls_auth_only=yes" still commented in mine file… and I'm not sure about these lines too : submission inet n - - - - smtpd (guide), I have ; "submission inet n - n - - smtpd " and in the second part ; guide : "smtps inet n - - - - smtpd", I have "smtps inet n - y - - smtpd" Thanks
1) Show exact error message from Thunderbird 2) Show exact message in /var/log/mail.log at the same time (you can view this in ISPC in "monitor -> mail log"
Tunderbird for [email protected] : Code: Sending the message has failed. The message could not be sent because the connection to the outgoing server (SMTP) "mail.democrasite.com" was lost during the transaction. Please try again. Thunderbird conf (auto-detection) : Code: IMAP : Server Name : mail.democrasite.com #port : 143 UserName : [email protected] Security connexion : STARTTLS Auth : Password SMTP : Description : mail.democrasite.com ServerName : srv-b/democrasite.com Port : 587 UserName : [email protected] AuthMethod : Normal password Security : SSL/TLS IspMailLog : Code: Oct 1 17:50:02 srv-b postfix/smtpd[13910]: connect from localhost[::1] Oct 1 17:50:02 srv-b postfix/smtpd[13910]: lost connection after CONNECT from localhost[::1] Oct 1 17:50:02 srv-b postfix/smtpd[13910]: disconnect from localhost[::1] commands=0/0 Oct 1 17:50:02 srv-b dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<aAFIpZ+w5qYAAAAAAAAAAAAAAAAAAAAB> Oct 1 17:50:02 srv-b dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<nQdIpZ+wtJsAAAAAAAAAAAAAAAAAAAAB> Oct 1 17:50:59 srv-b dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=::1, lip=::1, mpid=14294, secured, session=<7H2vqJ+wupsAAAAAAAAAAAAAAAAAAAAB> Oct 1 17:50:59 srv-b dovecot: imap([email protected])<14294><7H2vqJ+wupsAAAAAAAAAAAAAAAAAAAAB>: Logged out in=92 out=1091 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0 Oct 1 17:51:29 srv-b postfix/smtpd[13910]: connect from unknown[45.142.120.89] Oct 1 17:51:31 srv-b postfix/smtpd[14325]: connect from unknown[45.142.120.89] Oct 1 17:51:32 srv-b postfix/smtpd[14327]: connect from unknown[193.169.254.105] Oct 1 17:51:33 srv-b postfix/smtpd[14328]: connect from unknown[45.142.120.89] Oct 1 17:51:34 srv-b postfix/smtpd[14327]: warning: unknown[193.169.254.105]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 17:51:34 srv-b postfix/smtpd[14327]: lost connection after AUTH from unknown[193.169.254.105] Oct 1 17:51:34 srv-b postfix/smtpd[14327]: disconnect from unknown[193.169.254.105] ehlo=1 auth=0/1 commands=1/2
It may work, but usually port 587 is to be used unencrypted or with StartTLS and port 465 for use with TLS/SSL. Your thunderbird is using port 587 with TLS/SSL. I am wondering how that can be the autoconfig (?). Try setting either: Protocol to StartTLS and port to 587 or Protocol to TLS/SSL and port to 465. Then try again.
No need to redo everything, just go to settings and change the port ,.. If it does not work, see if the logs show a different error
nope. After recreate thunderbird account, and change smtp port to 465, Thunderbird message : Code: Sending the message has failed. The certificate is not secure because it is self-signed. The configuration linked to mail.democrasite.com needs to be corrected. ThunderBird Auto detection : I change to 465 but not working. ScreenCaptures : https://i.postimg.cc/65xXGRDp/Capture-d-e-cran-2020-10-01-a-20-59-05.png https://i.postimg.cc/nhjht79K/Capture-d-e-cran-2020-10-01-a-21-10-54.png https://i.postimg.cc/L5Q2c6H0/Capture-d-e-cran-2020-10-01-a-21-11-11.png Logs : Code: Oct 1 19:02:25 srv-b postfix/anvil[1882]: statistics: max message rate 1/60s for (smtp:52.55.244.91) at Oct 1 18:56:49 Oct 1 19:02:25 srv-b postfix/anvil[1882]: statistics: max cache size 6 at Oct 1 18:57:42 Oct 1 19:02:55 srv-b postfix/smtps/smtpd[2996]: connect from lneuilly-657-1-64-178.w80-11.abo.wanadoo.fr[80.11.30.178] Oct 1 19:02:55 srv-b postfix/smtps/smtpd[2996]: SSL_accept error from lneuilly-657-1-64-178.w80-11.abo.wanadoo.fr[80.11.30.178]: -1 Oct 1 19:02:55 srv-b postfix/smtps/smtpd[2996]: warning: TLS library problem: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:../ssl/record/rec_layer_s3.c:1544:SSL alert number 42: Oct 1 19:02:55 srv-b postfix/smtps/smtpd[2996]: lost connection after CONNECT from lneuilly-657-1-64-178.w80-11.abo.wanadoo.fr[80.11.30.178] Oct 1 19:02:55 srv-b postfix/smtps/smtpd[2996]: disconnect from lneuilly-657-1-64-178.w80-11.abo.wanadoo.fr[80.11.30.178] commands=0/0 Oct 1 19:03:00 srv-b dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=::1, lip=::1, mpid=2999, secured, session=<+KkxqqCwsLUAAAAAAAAAAAAAAAAAAAAB> Oct 1 19:03:00 srv-b dovecot: imap([email protected])<2999><+KkxqqCwsLUAAAAAAAAAAAAAAAAAAAAB>: Logged out in=92 out=1083 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0 Oct 1 19:03:06 srv-b postfix/smtpd[2131]: connect from unknown[141.98.10.136] Oct 1 19:03:08 srv-b postfix/smtpd[2131]: warning: unknown[141.98.10.136]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 19:03:08 srv-b postfix/smtpd[2131]: disconnect from unknown[141.98.10.136] ehlo=1 auth=0/1 quit=1 commands=2/3 Oct 1 19:03:22 srv-b postfix/smtpd[2131]: connect from unknown[45.142.120.89] Oct 1 19:03:25 srv-b postfix/smtpd[3027]: connect from unknown[45.142.120.89] Oct 1 19:03:27 srv-b postfix/smtpd[3032]: connect from unknown[45.142.120.89] Oct 1 19:03:29 srv-b postfix/smtpd[2131]: warning: unknown[45.142.120.89]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 19:03:29 srv-b postfix/smtpd[2131]: disconnect from unknown[45.142.120.89] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 1 19:03:29 srv-b postfix/smtpd[2131]: connect from unknown[45.142.120.89] Oct 1 19:03:31 srv-b postfix/smtpd[3039]: connect from unknown[45.142.120.89] Oct 1 19:03:33 srv-b postfix/smtpd[3027]: warning: unknown[45.142.120.89]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 19:03:33 srv-b postfix/smtpd[3027]: disconnect from unknown[45.142.120.89] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 1 19:03:33 srv-b postfix/smtpd[3027]: connect from unknown[45.142.120.89] Oct 1 19:03:35 srv-b postfix/smtpd[3040]: connect from unknown[45.142.120.89] Oct 1 19:03:37 srv-b postfix/smtpd[3032]: warning: unknown[45.142.120.89]: SASL LOGIN authentication failed: UGF
Well, that is something different. You should replace the self-signed certificate with a letsencrypt (or whatever) cert. For ISPC 3.1 you can use https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ Or you wait until ISPC 3.2 which can do that. Other method is to set thunderbird to trust your cert: https://manuals.gfi.com/en/kerio/co...-certificates-in-mozilla-thunderbird-950.html But there seems to be a bug currently: https://bugzilla.mozilla.org/show_bug.cgi?id=1665577
Ok; thanks, I will try that. In ispConfig I've create letsEncrypt for domain first and also check ssl in > System > Main Config > Mail > Use SSL/TLS encrypted connection for SMTP > SSL Not enough ?
Code: https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ I read it, but I think it's yet done : Code: lrwxrwxrwx 1 root root 48 Sep 29 01:32 smtpd.cert -> /usr/local/ispconfig/interface/ssl/ispserver.crt -rw-r--r-- 1 root root 2.2K Sep 16 14:01 smtpd.cert-200929013217.bak lrwxrwxrwx 1 root root 48 Sep 29 01:32 smtpd.key -> /usr/local/ispconfig/interface/ssl/ispserver.key -rw------- 1 root root 3.2K Sep 16 14:00 smtpd.key-200929013227.bak
résolu ! Je n'ai pas tout compris, mais après avoir recréer chaque mbox dans thunderbird par domain et en acceptant l'exception de sécurité à la première connexion par domain, ça fonctionne. J'ai également modifier le fichier host du serveur, je le trouvais bizarre, je ne sais pas si ça a aidé… Code: # 127.0.1.1 srv-b.democrasite.com.democrasite.com.democrasite.com # 127.0.0.1 localhost 127.0.0.1 srv-b.democrasite.com.democrasite.com srv-b.democrasite.com # 127.0.1.1 srv-b.democrasite.com.democrasite.com.democrasite.com srv-b.democrasite.com.democrasite.com ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters Thanks for your help.