Re: [qmailtoaster] ssl/tls for iphones and mac
I tested this and you cannot send w/o authenticating. Works perfectly. No need to put REQUIRE_AUTH Eric On 4/11/2017 11:41 AM, Rajesh M wrote: hi we recently purchased wildcard ssl for our mailserver and updated our servercert.pem file with rsa key and the certificates (domain certs and the chain) *.myhostname.com problem installing the ssl, iphones and macbooks are giving message that : certificate cannot be verified. found out that iphones and mac use ssl/tls only and not starttls. i configured slsl/tls using the following steps http://wiki.qmailtoaster.com/index.php/SSL 1) Stop qmail: # service qmail stop 2) Create the supervise directories for smtps # mkdir -p /var/qmail/supervise/smtp-ssl/supervise /var/qmail/supervise/smtp-ssl/log/supervise" 3) Create a file named /var/qmail/supervise/smtp-ssl/run containing: #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SMTPD="/var/qmail/bin/qmail-smtpd" TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" HOSTNAME=`hostname` VCHKPW="/home/vpopmail/bin/vchkpw" export SMTPS=1 exec /usr/bin/softlimit -m 1200 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 465 \ $SMTPD $VCHKPW /bin/true 2>&1 4) Create a file named /var/qmail/supervise/smtp-ssl/log/run containing: #!/bin/sh LOGSIZE=`cat /var/qmail/control/logsize` LOGCOUNT=`cat /var/qmail/control/logcount` exec /usr/bin/setuidgid qmaill /usr/bin/multilog \ t s$LOGSIZE n$LOGCOUNT /var/log/qmail/smtp-ssl 2>&1 5) Execute the following commands: # chmod +x /var/qmail/supervise/smtp-ssl/run /var/qmail/supervise/smtp-ssl/log/run # chown -R qmaill:qmail /var/qmail/supervise/smtp-ssl 6) Start qmail: # service qmail start 7) Open port tcp/465 in firewall if necessary. 8) Configure the client to use smtp-ssl via port 465. now my worry is that i need to provide for smtp authentication also for outgoing messages i tried adding export REQUIRE_AUTH=1 after export SMTPS=1, in the run file but it does not work. help required please thanks rajesh - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] ssl/tls for iphones and mac
Hi! certificate install with all chain... if install without chain the mobile device dont work fine. Thx. 2017-04-11 14:41 GMT-03:00 Rajesh M <24x7ser...@24x7server.net>: > hi > > we recently purchased wildcard ssl for our mailserver and updated our > servercert.pem file with rsa key and the certificates (domain certs and the > chain) > > *.myhostname.com > > problem installing the ssl, iphones and macbooks are giving message that : > certificate cannot be verified. > > found out that iphones and mac use ssl/tls only and not starttls. > > i configured slsl/tls using the following steps > > http://wiki.qmailtoaster.com/index.php/SSL > > 1) Stop qmail: > # service qmail stop > 2) Create the supervise directories for smtps > # mkdir -p /var/qmail/supervise/smtp-ssl/supervise > /var/qmail/supervise/smtp-ssl/log/supervise" > 3) Create a file named /var/qmail/supervise/smtp-ssl/run containing: > #!/bin/sh > QMAILDUID=`id -u vpopmail` > NOFILESGID=`id -g vpopmail` > MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` > SMTPD="/var/qmail/bin/qmail-smtpd" > TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" > HOSTNAME=`hostname` > VCHKPW="/home/vpopmail/bin/vchkpw" > export SMTPS=1 > exec /usr/bin/softlimit -m 1200 \ > /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \ > -u "$QMAILDUID" -g "$NOFILESGID" 0 465 \ > $SMTPD $VCHKPW /bin/true 2>&1 > > 4) Create a file named /var/qmail/supervise/smtp-ssl/log/run containing: > #!/bin/sh > LOGSIZE=`cat /var/qmail/control/logsize` > LOGCOUNT=`cat /var/qmail/control/logcount` > exec /usr/bin/setuidgid qmaill /usr/bin/multilog \ > t s$LOGSIZE n$LOGCOUNT /var/log/qmail/smtp-ssl 2>&1 > > 5) Execute the following commands: > # chmod +x /var/qmail/supervise/smtp-ssl/run > /var/qmail/supervise/smtp-ssl/log/run > # chown -R qmaill:qmail /var/qmail/supervise/smtp-ssl > 6) Start qmail: > # service qmail start > 7) Open port tcp/465 in firewall if necessary. > 8) Configure the client to use smtp-ssl via port 465. > > > now my worry is that i need to provide for smtp authentication also for > outgoing messages > > i tried adding export REQUIRE_AUTH=1 after export SMTPS=1, in the run file > but it does not work. > > help required please > > thanks > rajesh > > > > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com >
[qmailtoaster] ssl/tls for iphones and mac
hi we recently purchased wildcard ssl for our mailserver and updated our servercert.pem file with rsa key and the certificates (domain certs and the chain) *.myhostname.com problem installing the ssl, iphones and macbooks are giving message that : certificate cannot be verified. found out that iphones and mac use ssl/tls only and not starttls. i configured slsl/tls using the following steps http://wiki.qmailtoaster.com/index.php/SSL 1) Stop qmail: # service qmail stop 2) Create the supervise directories for smtps # mkdir -p /var/qmail/supervise/smtp-ssl/supervise /var/qmail/supervise/smtp-ssl/log/supervise" 3) Create a file named /var/qmail/supervise/smtp-ssl/run containing: #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SMTPD="/var/qmail/bin/qmail-smtpd" TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" HOSTNAME=`hostname` VCHKPW="/home/vpopmail/bin/vchkpw" export SMTPS=1 exec /usr/bin/softlimit -m 1200 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 465 \ $SMTPD $VCHKPW /bin/true 2>&1 4) Create a file named /var/qmail/supervise/smtp-ssl/log/run containing: #!/bin/sh LOGSIZE=`cat /var/qmail/control/logsize` LOGCOUNT=`cat /var/qmail/control/logcount` exec /usr/bin/setuidgid qmaill /usr/bin/multilog \ t s$LOGSIZE n$LOGCOUNT /var/log/qmail/smtp-ssl 2>&1 5) Execute the following commands: # chmod +x /var/qmail/supervise/smtp-ssl/run /var/qmail/supervise/smtp-ssl/log/run # chown -R qmaill:qmail /var/qmail/supervise/smtp-ssl 6) Start qmail: # service qmail start 7) Open port tcp/465 in firewall if necessary. 8) Configure the client to use smtp-ssl via port 465. now my worry is that i need to provide for smtp authentication also for outgoing messages i tried adding export REQUIRE_AUTH=1 after export SMTPS=1, in the run file but it does not work. help required please thanks rajesh - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com