Re: problem connecting from Outlook Android

Matus UHLAR - fantomas Fri, 02 Apr 2021 05:02:15 -0700

On 01.04.21 21:58, DEPRÉ Gaëtan - NGServers.com wrote:

Default for tls_wrappermode is 'no'. I changed the values.


I hope you only changed value of tls_wrappermode for smtps/465.

...and I hope you learned to read docs anr proposed configs instead of blindly
configuring something to master.cf ;-)

Bad to have to enable 465 port just for using outlook mobile. I could change, 
but customers won't, and they would complain...


I use to enable port 465 for years. It was longly supported by many MSPs,
e.g. google.

Outlook up to 2003 only supported STARTTLS on 25 and implicit TLS on other
ports. I haven't try mobile outlook.

even with submission/587 with STARTTLS available, some considered 465 better
choice, since it's impossible to go without SSL negotiation.

And since RFC 8314, port 465 is documented standard.

Thx again for your daily help, Viktor and everyone in this ML 😊

-----Message d'origine-----
De : owner-postfix-us...@postfix.org <owner-postfix-us...@postfix.org> De la 
part de Viktor Dukhovni
Envoyé : jeudi 1 avril 2021 21:25
À : postfix-users@postfix.org
Objet : Re: problem connecting from Outlook Android

On Thu, Apr 01, 2021 at 08:31:59PM +0200, DEPRÉ Gaëtan - NGServers.com wrote:

You're right, Viktor.

See below :

smtp       inet  n       -       y       -       1       postscreen
    -o smtpd_sasl_auth_enable=no
smtpd      pass  -       -       y       -       -       smtpd
dnsblog    unix  -       -       y       -       0       dnsblog
tlsproxy   unix  -       -       y       -       0       tlsproxy
smtps      inet  n       -       y       -       -       smtpd


Well there's your problem.  You have neglected to enable TLS wrapper mode for 
the port 465 service, so it is still a STARTTLS service, but this time without 
all the settings appropriate for submission...

The stock master.cf file from postfix.org has:

   #smtps     inet  n       -       n       -       -       smtpd
   #  -o syslog_name=postfix/smtps
   #  -o smtpd_tls_wrappermode=yes
   #  -o smtpd_sasl_auth_enable=yes
   #  -o smtpd_reject_unlisted_recipient=no
   #  -o smtpd_client_restrictions=$mua_client_restrictions
   #  -o smtpd_helo_restrictions=$mua_helo_restrictions
   #  -o smtpd_sender_restrictions=$mua_sender_restrictions
   #  -o smtpd_recipient_restrictions=
   #  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
   #  -o milter_macro_daemon_name=ORIGINATING


--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)

Re: problem connecting from Outlook Android

Reply via email to