Hi Matus
Well, I was asked about mysql, so I posted it.I didn't know the 587 required
authentication, I've tried activating authentication on the client, and then it
works perfectly.So now it's just a question of getting port 25 to show starttls
:-)I added it to main.cf
main.cf:myhostname = bounce
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
smtpd_tls_cert_file = /etc/pki/tls/certs/domain.combined.pem
smtpd_tls_key_file = /etc/pki/tls/private/domain.key
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,
reject_unauth_destination
mynetworks = 127.0.0.0/8
virtual_transport = lmtp:unix:private/dovecot-lmtp
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
Den 14:07 onsdag den 22. november 2017 skrev Matus UHLAR - fantomas
<uh...@fantomas.sk>:
On 22.11.17 07:33, K F wrote:
>Thankyou all for helping me out, and giving me ideas on what to look at.
>
>The argument
>smtpd_tls_security_level = may
if you have working TLS on port 587, but not on port 25, while the same
postfix listens on those, there's apparently a problem
where did you put it? Into the main.cf ?
>didn't help according to openssl
>openssl s_client -connect bounce:25 -starttls smtp
>Loading 'screen' into random state - done
>CONNECTED(00000244)
>didn't found starttls in server response, try anyway...
>write:errno=10053
>
>Can the mysql queries really be affected by using or not using ssl? I don't
> understand how, if the connecting SMTP is not using authentication?
why do you bother with MySQL when your problem lies elsewhere?
Or did you miss something when you asked for TLS?
1. TLS on port 25 did not work, because you did not enable it.
2. recipient got rejected on 587, because port 587 requires authentication.
Neither of those is related to MySQL.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Boost your system's speed by 500% - DEL C:\WINDOWS\*.*
