Cool! I remember I did it like Eric described but the bottom line is it works either way. I do not offer 465 any longer :)
from my iPhone X

> On 13 Aug 2018, at 20:25, Andrew Swartz <awswa...@acsalaska.net> wrote:
>
> I eventually figured this out, and accomplished the same result though I
> went about it slightly differently. It is now fully functional. Below
> is the script which I created and accomplishes this in very few lines.
> It copies the supervise/smtp directory to supervise/smtps and it then
> edits a few values in two files (plus editing the cipher list in
> tcp.smtp).
>
>
> qmailctl stop
> cp -r /var/qmail/supervise/submission /var/qmail/supervise/smtps
> chown -R qmaill:qmail /var/qmail/supervise/smtps
> sed -i 's/REQUIRE_AUTH=1/REQUIRE_AUTH=1\nexport SMTPS=1/' /var/qmail/supervise/smtps/run
> sed -i 's/587/465/' /var/qmail/supervise/smtps/run
> sed -i 's/submission/smtps/' /var/qmail/supervise/smtps/log/run
> sed -i 's/DH:!LOW:!MEDIUM/ECDHE:DHE:ECDH:DH:AES:!SSLv2/' /etc/tcprules.d/tcp.smtp
> qmailctl cdb
> qmailctl start
>
>
> Thanks for confirming that I did it right,
> Andy
>
>
>> On 8/13/2018 7:06 PM, Eric Broch wrote:
>> Stock CentOS 7 does not have SMTPS standard. You must create the
>> supervise scripts.
>>
>> You could stop qmail
>>
>> # qmailctl stop
>>
>> and copy smtp supervise scripts to smtps (make sure qmail is stopped or
>> else you'll have a mess):
>>
>> # cp -Rp /var/qmail/supervise/smtp /var/qmail/supervise/smtps
>>
>> Then change two files:
>>
>> /var/qmail/supervise/smtps/run
>>
>> <run>
>>
>> #!/bin/sh
>> QMAILDUID=`id -u vpopmail`
>> NOFILESGID=`id -g vpopmail`
>> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
>> SMTPD="/var/qmail/bin/qmail-smtpd"
>> TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
>> HOSTNAME=`hostname`
>> VCHKPW="/home/vpopmail/bin/vchkpw"
>> export SMTPS=1
>>
>> exec /usr/bin/softlimit -m 128000000 \
>> /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
>> -u "$QMAILDUID" -g "$NOFILESGID" 0 465 \
>> $SMTPD $VCHKPW /bin/true 2>&1
>>
>> </run>
>>
>> &
>>
>> /var/qmail/supervise/smtps/log/run
>>
>> <run>
>>
>> #!/bin/sh
>> LOGSIZE=`cat /var/qmail/control/logsize`
>> LOGCOUNT=`cat /var/qmail/control/logcount`
>> exec /usr/bin/setuidgid qmaill /usr/bin/multilog \
>> t s$LOGSIZE n$LOGCOUNT /var/log/qmail/smtps 2>&1
>>
>> </run>
>>
>> Start qmail (# qmailctl start)
>>
>>
>>> On 8/11/2018 6:36 PM, Andrew Swartz wrote:
>>> I just installed qmailtoaster onto CentOS-7. The qt_install script
>>> opened port 465 on the firewall. However, s_client cannot connect to
>>> port 465 and netstat shows that nothing is listening on port 465.
>>>
>>> Can anyone point me at appropriate instructions for setting up listening
>>> on port 465 which are specific (or applicable) to qmailtoaster? I
>>> searched wiki.qmailtoaster.com and found nothing. I did some general
>>> googling and found several somewhat conflicting descriptions but I'm
>>> unsure which apply to the configuration used in qmailtoaster.
>>>
>>> My interest is because 465 has been reinstated (in Jan 2018) as the
>>> preferred submission port due to security problems with STARTTLS
>>> (https://tools.ietf.org/html/rfc8314).
>>>
>>> Thanks,
>>> -Andy
>>>
>>>
>>
>
> --
> Andrew W. Swartz, MD
> Departments of Emergency Medicine, Family Medicine, and Surgery
> Yukon-Kuskokwim Delta Regional Hospital
> Bethel, Alaska
>
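
A check to run on the copied service directory before `qmailctl start`, as an added example that is not part of the original thread. The function name `check_smtps_service` is hypothetical; the three settings it looks for (`export SMTPS=1`, `0 465`, `/var/log/qmail/smtps`) are the ones shown in the run scripts quoted above.

```shell
#!/bin/sh
# Added example: audit a copied supervise directory for the SMTPS settings
# discussed in this thread. Function name and messages are hypothetical.

# check_smtps_service DIR
# Prints one finding per problem and returns the number of problems found.
check_smtps_service() {
    dir=$1
    run=$dir/run
    logrun=$dir/log/run
    problems=0

    # Both run scripts must exist before anything else can be checked.
    for f in "$run" "$logrun"; do
        if [ ! -f "$f" ]; then
            echo "missing: $f"
            problems=$((problems + 1))
        fi
    done
    [ "$problems" -eq 0 ] || return "$problems"

    # The run script must export SMTPS=1; a commented-out line does not count.
    if ! grep -Eq '^[[:space:]]*export[[:space:]]+SMTPS=1([[:space:]]|$)' "$run"; then
        echo "run: 'export SMTPS=1' is not set"
        problems=$((problems + 1))
    fi

    # tcpserver must bind port 465; a leftover port means an edit was missed.
    if ! grep -Eq '(^|[[:space:]])0[[:space:]]+465([[:space:]]|\\|$)' "$run"; then
        echo "run: tcpserver is not listening on '0 465'"
        problems=$((problems + 1))
    fi

    # The log must go to its own directory, not the one of the copied service.
    if ! grep -Eq '/var/log/qmail/smtps([[:space:]]|$)' "$logrun"; then
        echo "log/run: multilog does not write to /var/log/qmail/smtps"
        problems=$((problems + 1))
    fi

    return "$problems"
}
```

Call it as `check_smtps_service /var/qmail/supervise/smtps`; a return status of 0 means all three settings are in place.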