DIno, Thanks for all your help! Can you post the complete apache config file? Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to change the main portal page to something else so I could block port access to 8443 on the firewall
On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users < users@lists.djigzo.com> wrote: > There is certainly way to do it with Tomcat but I can’t really help with > that, I’m not that familiar with it. I can tell you that Apache is a much > more advanced http server with a lot more functionality than Tomcat. Tomcat > is primarily designed to serve Java Servlets and JSPs. > > My method is simpler I believe because it does not require you changing > the configuration of Tomcat and ciphermail. You simply put Apache in front > of it with the mod_proxy_ajp module which communicates with Tomcat using > the default config. > > Of course, it’s all up to you how you want to proceed. > > From: Paul Bronson [mailto:signaldevelo...@gmail.com] > Sent: Monday, June 26, 2017 6:48 PM > To: Dino Edwards <dino.edwa...@mydirectmail.net> > Subject: Re: [Djigzo users] Servers wont talk to me! > > I dont NEED to use apache, is there a way to do it with tomcat? > > On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users < > users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: > The following settings in main.cf<http://main.cf> should get you started > for TLS: > > # TLS parameters > smtpd_tls_cert_file = /etc/ssl/certs/cert.cer > smtpd_tls_key_file = /etc/ssl/certs/key.key > smtpd_tls_CAfile = /etc/ssl/certs/root.cer > #smtpd_use_tls=yes > smtpd_tls_security_level = may > smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache > smtpd_tls_loglevel = 1 > > I misspoke earlier. It’s been so long since I did this. Ciphermail comes > bundled with Tomcat and it runs on port 8888 if I’m not mistaking. So, if > you want to utilize Apache instead, you have to install mod_proxy_ajp > module in Apache and setup an apache config like below: > > ProxyPass /djigzo http://localhost:8888/djigzo > ProxyPassReverse /djigzo http://localhost:8888/djigzo > ProxyPass /web http://localhost:8888/web > ProxyPassReverse /web http://localhost:8888/web > ProxyTimeout 3600 > > > Changing the port has to be done within apache. So, if you want to use > 443, you must of course install mod_ssl on apache, as well as certificate. > I have a complete Apache config file if you want, let me know and I’ll post > the relevant parts. > > > From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto: > signaldevelo...@gmail.com>] > Sent: Monday, June 26, 2017 2:42 PM > To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwards@ > mydirectmail.net>> > Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> > Subject: Re: [Djigzo users] Servers wont talk to me! > > Okay I will try that. I am also noticing that mxtoolbox states this server > isn't configured for TLS? I do not see any settings under interface for > this. Is this set on postfix main.cf<http://main.cf><http://main.cf> file > manually? > > Also if I wanted to remove the port or change the port to a default 443 do > I need to do this within apache, or does the GUI do the config itself? > > On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users < > users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto: > users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: > I’m guessing sendmail got installed by accident or as part of something > else. Not sure. I would either uninstall sendmail or change its port number > if it’s absolutely necessary, although it doesn’t seem like that’s the case. > > Since the Web GUI runs on a different port, you can set whatever hostname > you want in ciphermail as long as that hostname is resolvable by the > outside world and as long as the back-end webserver (apache I assume) is > configured to answer on that port. So, if you want the web portal to be > https://webportal.domain.tld:8443/ in ciphermail under settings --> portal > > è Base URL you set it as follows: > > https://webportal.domain.tld:8443/web/portal/ > > > > From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto: > signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto: > signaldevelo...@gmail.com>>] > Sent: Monday, June 26, 2017 2:13 PM > To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwards@ > mydirectmail.net><mailto:dino.edwa...@mydirectmail.net<mailto: > dino.edwa...@mydirectmail.net>>> > Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto: > users@lists.djigzo.com<mailto:users@lists.djigzo.com>> > Subject: Re: [Djigzo users] Servers wont talk to me! > > Hi Dino, > > Wonder why sendmail keeps trying to start then.. Odd. > > I'd really like to set the web portal to a different address versus the > HELO name I meant, sorry. > > Paul > > On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users < > users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto: > users@lists.djigzo.com<mailto:users@lists.djigzo.com>><mailto: > users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists. > djigzo.com<mailto:users@lists.djigzo.com>>>> wrote: > You don't need both. One or the other, although Postfix is recommended. > > Different site, meaning different server? > > -----Original Message----- > From: Users [mailto:users-boun...@lists.djigzo.com<mailto:users- > boun...@lists.djigzo.com><mailto:users-boun...@lists.djigzo.com<mailto: > users-boun...@lists.djigzo.com>><mailto:users-boun...@lists.djigzo.com > <mailto:users-boun...@lists.djigzo.com><mailto:users-bounces@lists. > djigzo.com<mailto:users-boun...@lists.djigzo.com>>>] On Behalf Of Paul > Bronson via Users > Sent: Monday, June 26, 2017 1:57 PM > To: Martijn Brinkers <mart...@ciphermail.com<mailto:mart...@ciphermail.com > ><mailto:mart...@ciphermail.com<mailto:mart...@ciphermail.com>><mailto: > mart...@ciphermail.com<mailto:mart...@ciphermail.com><mailto:martijn@ > ciphermail.com<mailto:mart...@ciphermail.com>>>> > Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto: > users@lists.djigzo.com<mailto:users@lists.djigzo.com>><mailto: > users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists. > djigzo.com<mailto:users@lists.djigzo.com>>> > Subject: Re: [Djigzo users] Servers wont talk to me! > > IP Is not blacklisted, reverse DNS has been setup also. > > For some reason sendmail and postfix are using the same port? Do I need > both? > > I would also like to set the web portal to a different site versus the > hostname. > On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < > users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto: > users@lists.djigzo.com<mailto:users@lists.djigzo.com>><mailto: > users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists. > djigzo.com<mailto:users@lists.djigzo.com>>>> wrote: > > > On 06/22/2017 10:32 PM, Paul Bronson via Users wrote: > > > Okay here is what I have.. Still not sure what's wrong. > > > > > > http://imgur.com/a/k0ysM > > > http://imgur.com/a/QuyaO > > > http://imgur.com/a/9pNyl > > > > > > I have the IP listed in my networks. > > > > > > So my setup goes like this: > > > > > > Incoming email >> firewall >> email server > > > > > > Cipher mail is not used for incoming, but my outgoing setup is: > > > > > > Outgoing email >> email server >> ciphermail server >> firewall >> > > internet > > > > > > For some reason I think something is getting clogged up on CM > > > server. I have the email server (postfix) setup with a relayhost, so > > > it will > > forward > > > all mails to the ciphermail server. The "locality" setting on my > > > server > > is > > > "external" - does this matter? It's behind our firewall and should > > > only > > be > > > sending mail off from our internal mail server. > > > > > > I had it on in the morning and the others told me they are getting a > > > lot > > of > > > bouncebacks. I have a feeling this is because of the SFP records but > > > I > > want > > > to make sure the server is setup properly. > > > > > > The OTP you helped me with works now also, thank you! > > > > > > Everything is inherited from global also. > > > > Once the email has been handled by the back-end (MPA), the email is > > handed over to the MTA (Postfix). The MTA is responsible for > > delivering the email. If the email is not delivered you should check > > the MTA logs to see why. There can be a number of reasons why the > > recipients mail server won't accept email: your IP address might be > > dynamic (i.e., some consumer type ISP), there is no IP reverse name > > for your IP address, the reverse IP name is not the same as the SMTP > > helo name. your IP might be black-listed. > > > > Solving this does not involve making changes in the CipherMail global > > settings. The only change in CipherMail that influences delivery is > > the MTA helo name. > > > > Could you sent some MTA logs showing which mails were not delivered? > > > > What is the IP address the CipherMail gateway is using? > > > > Kind regards, > > > > Martijn Brinkers > > > > > > -- > > CipherMail email encryption > > > > Email encryption with support for S/MIME, OpenPGP, PDF encryption and > > secure webmail pull. > > > > https://www.ciphermail.com > > > > Twitter: http://twitter.com/CipherMail > > _______________________________________________ > > Users mailing list > > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com><mailto: > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com>><mailto: > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com><mailto:Users@lists. > djigzo.com<mailto:Users@lists.djigzo.com>>> > > https://lists.djigzo.com/lists/listinfo/users > > > _______________________________________________ > Users mailing list > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com><mailto: > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com>><mailto: > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com><mailto:Users@lists. > djigzo.com<mailto:Users@lists.djigzo.com>>> > https://lists.djigzo.com/lists/listinfo/users > _______________________________________________ > Users mailing list > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com><mailto: > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com>><mailto: > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com><mailto:Users@lists. > djigzo.com<mailto:Users@lists.djigzo.com>>> > https://lists.djigzo.com/lists/listinfo/users > > _______________________________________________ > Users mailing list > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com><mailto: > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com>> > https://lists.djigzo.com/lists/listinfo/users > > _______________________________________________ > Users mailing list > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com> > https://lists.djigzo.com/lists/listinfo/users > > _______________________________________________ > Users mailing list > Users@lists.djigzo.com > https://lists.djigzo.com/lists/listinfo/users > _______________________________________________ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
