Thank you very much for your help. Rally appreciated that
On Thu, Jul 12, 2018 at 1:17 AM, Larry Rosenman <larry...@gmail.com> wrote: > Read the docs.... > > Or, as I said earlier, get a (free) letsencrypt certificate. > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 E-Mail: larry...@gmail.com > US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106 > > On 7/11/18, 6:16 PM, "Teno Deuter" <gvg...@googlemail.com> wrote: > > this is the result: > > 250-8BITMIME > 250-ENHANCEDSTATUSCODES > 250-SIZE 209715200 > 250-DSN > 250-STARTTLS > 250 HELP > > can I tell smtpd to to accept AUTH without encryption? > > > On Thu, Jul 12, 2018 at 1:07 AM, Larry Rosenman <larry...@gmail.com> > wrote: > > If you telnet to port 25, do an EHLO host, does the response include > AUTH? If not, opensmtpd is not offering AUTH over unencrypted port 25 > connections. > > > > > > -- > > Larry Rosenman http://www.lerctr.org/~ler > > Phone: +1 214-642-9640 E-Mail: larry...@gmail.com > > US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106 > > > > On 7/11/18, 6:05 PM, "Teno Deuter" <gvg...@googlemail.com> wrote: > > > > now in roundcube config I have the following: > > > > $config['default_host'] = 'my static IP'; > > $config['smtp_server'] = 'my static IP'; > > $config['smtp_port'] = 25; > > > > but I get the following: > > > > SMTP server does not support authentication () > > SMTP Error: Authentication failure: SMTP server does not support > > authentication (Code: ) > > > > > > > > On Thu, Jul 12, 2018 at 1:02 AM, Larry Rosenman > <larry...@gmail.com> wrote: > > > Yes. > > > > > > -- > > > Larry Rosenman http://www.lerctr.org/~ler > > > Phone: +1 214-642-9640 E-Mail: larry...@gmail.com > > > US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106 > > > > > > On 7/11/18, 6:02 PM, "Teno Deuter" <gvg...@googlemail.com> wrote: > > > > > > you mean to turn off TLS in roundcube config file? > > > > > > On Thu, Jul 12, 2018 at 12:51 AM, Larry Rosenman > <larry...@gmail.com> wrote: > > > > Turn off TLS for webmail. It's not leaving the machine. > > > > > > > > Or get a letsencrypt.org cert. (they are free) see acme.sh > (https://github.com/Neilpang/acme.sh) > > > > > > > > > > > > -- > > > > Larry Rosenman > http://www.lerctr.org/~ler > > > > Phone: +1 214-642-9640 E-Mail: > larry...@gmail.com > > > > US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106 > > > > > > > > On 7/11/18, 5:48 PM, "Teno Deuter" <gvg...@googlemail.com> > wrote: > > > > > > > > which means I can't use a self-signed cert at all? Or > can I define > > > > this somewhere? > > > > > > > > On Thu, Jul 12, 2018 at 12:46 AM, Larry Rosenman > <larry...@gmail.com> wrote: > > > > > yep > > > > > > > > > > -- > > > > > Larry Rosenman > http://www.lerctr.org/~ler > > > > > Phone: +1 214-642-9640 E-Mail: > larry...@gmail.com > > > > > US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106 > > > > > > > > > > On 7/11/18, 5:46 PM, "Teno Deuter" > <gvg...@googlemail.com> wrote: > > > > > > > > > > the maillog shows: > > > > > > > > > > reason="io-error: error:14037418:SSL > routines:ACCEPT_SR_KEY_EXCH:tlsv1 > > > > > alert unknown ca" > > > > > > > > > > please note that I'm using a self-signed cert. Is > that the reason? > > > > > > > > > > On Thu, Jul 12, 2018 at 12:42 AM, Larry Rosenman > <larry...@gmail.com> wrote: > > > > > > Then you need to look at the opensmtpd logs to > figure out why the starttls is failing. > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > Larry Rosenman > http://www.lerctr.org/~ler > > > > > > Phone: +1 214-642-9640 E-Mail: > larry...@gmail.com > > > > > > US Mail: 5708 Sabbia Drive, Round Rock, TX > 78665-2106 > > > > > > > > > > > > On 7/11/18, 5:42 PM, "Teno Deuter" > <gvg...@googlemail.com> wrote: > > > > > > > > > > > > actually I did define the staic IP address > already and now I get the > > > > > > following in the roundcube error log: > > > > > > > > > > > > STARTTLS failed () > > > > > > Invalid response code received from server > (-1) > > > > > > Failed to write to socket: unknown error () > > > > > > SMTP Error: Authentication failure: > STARTTLS failed (Code: ) > > > > > > > > > > > > > > > > > > > > > > > > On Thu, Jul 12, 2018 at 12:40 AM, Larry > Rosenman <larry...@gmail.com> wrote: > > > > > > > Yes, or, add another block of lines with > lo (or lo0) depending on what your kernel uses for loopback in place of the > $egress_int parameter to get it to listen on 127.0.0.1 as well. > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > Larry Rosenman > http://www.lerctr.org/~ler > > > > > > > Phone: +1 214-642-9640 > E-Mail: larry...@gmail.com > > > > > > > US Mail: 5708 Sabbia Drive, Round Rock, > TX 78665-2106 > > > > > > > > > > > > > > On 7/11/18, 5:38 PM, "Teno Deuter" > <gvg...@googlemail.com> wrote: > > > > > > > > > > > > > > shows the static IP address of the > box. You mean to put that address > > > > > > > in the config file? > > > > > > > > > > > > > > On Thu, Jul 12, 2018 at 12:36 AM, > Larry Rosenman <larry...@gmail.com> wrote: > > > > > > > > What does ifconfig nfe0 show for > inet? > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > Larry Rosenman > http://www.lerctr.org/~ler > > > > > > > > Phone: +1 214-642-9640 > E-Mail: larry...@gmail.com > > > > > > > > US Mail: 5708 Sabbia Drive, Round > Rock, TX 78665-2106 > > > > > > > > > > > > > > > > On 7/11/18, 5:35 PM, "Teno Deuter" > <gvg...@googlemail.com> wrote: > > > > > > > > > > > > > > > > but: > > > > > > > > > > > > > > > > egress_int="nfe0" > > > > > > > > > > > > > > > > you mean to put this value? > > > > > > > > > > > > > > > > On Thu, Jul 12, 2018 at 12:30 > AM, Larry Rosenman <larry...@gmail.com> wrote: > > > > > > > > > $egress_int is NOT 127.0.0.1. > > > > > > > > > > > > > > > > > > Change roundcube to use the > same address. > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > Larry Rosenman > http://www.lerctr.org/~ler > > > > > > > > > Phone: +1 214-642-9640 > E-Mail: larry...@gmail.com > > > > > > > > > US Mail: 5708 Sabbia Drive, > Round Rock, TX 78665-2106 > > > > > > > > > > > > > > > > > > On 7/11/18, 5:26 PM, "Teno > Deuter" <gvg...@googlemail.com> wrote: > > > > > > > > > > > > > > > > > > this is what I have now > in my smptd conf file: > > > > > > > > > > > > > > > > > > listen on $egress_int pki > server.pki tls-require hostname [domain] > > > > > > > > > listen on $egress_int pki > server.pki port 587 tls-require auth hostname [domain] > > > > > > > > > listen on $egress_int pki > server.pki smtps auth hostname [domain] > > > > > > > > > > > > > > > > > > but the problem is still > there :( > > > > > > > > > > > > > > > > > > On Thu, Jul 12, 2018 at > 12:04 AM, Larry Rosenman <larry...@gmail.com> wrote: > > > > > > > > > > --- > > > > > > > > > > /etc/smtpd/smtpd.conf > > > > > > > > > > pki mx.domain.tld > certificate "/etc/smtpd/tls/smtpd.crt" > > > > > > > > > > pki mx.domain.tld key > "/etc/smtpd/tls/smtpd.key" > > > > > > > > > > > > > > > > > > > > table creds > "/etc/smtpd/creds" > > > > > > > > > > table vdoms > "/etc/smtpd/vdoms" > > > > > > > > > > table vusers > "/etc/smtpd/vusers" > > > > > > > > > > > > > > > > > > > > listen on eth0 tls pki > mx.domain.tld > > > > > > > > > > listen on eth0 port 587 > tls-require pki mx.domain.tld auth <creds> > > > > > > > > > > > > > > > > > > > > accept from any for > domain <vdoms> virtual <vusers> deliver to mbox > > > > > > > > > > accept for any relay > > > > > > > > > > ---- > > > > > > > > > > Add a: > > > > > > > > > > listen on lo port 587 > tls-require pki mx.domain.tld auth <creds> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > Larry Rosenman > http://www.lerctr.org/~ler > > > > > > > > > > Phone: +1 214-642-9640 > E-Mail: larry...@gmail.com > > > > > > > > > > US Mail: 5708 Sabbia > Drive, Round Rock, TX 78665-2106 > > > > > > > > > > > > > > > > > > > > On 7/11/18, 5:00 PM, > "dovecot on behalf of Teno Deuter" <dovecot-boun...@dovecot.org on behalf of > gvg...@googlemail.com> wrote: > > > > > > > > > > > > > > > > > > > > produces an empty > result! > > > > > > > > > > > > > > > > > > > > On Wed, Jul 11, > 2018 at 11:57 PM, Richard > > > > > > > > > > > <inbound-dove...@listmail.innovate.net> wrote: > > > > > > > > > > > what does the > output of: > > > > > > > > > > > > > > > > > > > > > > netstat -n | > grep :587 > > > > > > > > > > > > > > > > > > > > > > run as root, show > you? the -p will give the program and pid. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Date: Wednesday, > July 11, 2018 21:51:09 +0000 > > > > > > > > > > >> From: Larry > Rosenman <larry...@gmail.com> > > > > > > > > > > >> > > > > > > > > > > >> Yep, you > (probably) need to configure openSMTPD to listen on 587 > > > > > > > > > > >> > > > > > > > > > > >> (I run exim, so > I can't help with that). > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >