On Mon, Nov 14, 2016 at 7:22 PM, Sebastian Nielsen <sebast...@sebbe.eu> wrote:
> You need to be more clear here. > > When you say Gmail account on port 587 I don’t entirely understand what > you are doing. Are you using Gmail as upstream smarthost? > 1. Open Gmail 2. Press gear icon and select "Settings" 3. Select "Accounts and import" 4. Hit "Add another address you own" 5. Uncheck "Treat as an alias" and continue through setting up an account inside Gmail that will allow you to authenticate and send mail through any SMTP server for which you are authorized. > This does not then have any bearing on what clients see or react to, as > your server acts as a proxy to Gmail. > I was stating this only to say that for web clients such as Gmail, it's quite happy sending mail through an SMTP server with an LE cert. > If the iOS mail client complains about certificate being untrusted, its > because the Let’s encrypt root is not imported or trusted, or that the > entire chain excluding the root certificate, is not sent. > As Viktor pointed out, I think the latter is what I should focus on. > Note that Let’s encrypt is a pretty new actor so if your iOS device is > old, it will always untrust. Try visiting a site that has Let’s encrypt > deployed. If you get cert errors, this is the case. > It's an iPhone 6. I hope that's not considered too old, yet. ;)
