Questions tagged [starttls]

STARTTLS is the SMTP command to connect to email servers securely over TLS (formerly SSL). Use with an email server tag like [postfix], [exchange], etc.

106 questions

4 votes, 0 answers

How can I explicitly disable TLS when sending to one specific recipient?

I have a SendMail 8.14 server deployed in the middle of an SMTP workflow (outbound mail looks like Exchange -> SendMail -> Appliance -> Internet). I have TLS configured for the first three hosts. This works fine for the most part but I need to…
Mike B

3 votes, 3 answers

Client did not present a certificate (Postfix)

I have a Postfix SMTP relay which has been configured with the TLS option. Now I just realized when sending email to Gmail (for example) using Microsoft Outlook, I found this "Client did not present a certificate" on the recipient's mail header Received:…
David A

3 votes, 1 answer

Sendmail process crashes as soon as STARTTLS is received

I just upgraded my server from FreeBSD 10.3 to 11.1. It's now running Sendmail 8.15.2 and OpenSSL 1.0.2k-freebsd 26 Jan 2017. Since the upgrade, sending mail to my server is failing. I cranked up the log level to show all incoming and outgoing…
FKEinternet

3 votes, 1 answer

Postfix TLS encryption: smtp_* vs smtpd_*

I am really confused about the postfix TLS settings. There are in each case settings for private keys and public keys. smtpd_tls_cert_file = smtpd_tls_key_file = smtpd_* And smtp_tls_cert_file = smtp_tls_key_file = smtp_* What is their…
cytopia

3 votes, 2 answers

Configure OpenLDAP using GnuTLS with TLS=required

We have an openldap server and don't want to allow unencrypted communication, so acceptable is either tls over port 389 (starttls) or ssl over 636 (ldaps). As we use slapd.conf for configuration, olcSecurity isn't an option. TLSCipherSuite seems to…
blockbax

3 votes, 0 answers

Postfix STARTTLS works in LAN but not externally

If I connect in LAN on port 25 to my mail server, it offers STARTTLS telnet mailserver.com 25 Trying 192.168.0.x... Connected to mailserver.com Escape character is '^]'. 220 mailserver.com ESMTP Postfix ehlo…
Florian

3 votes, 1 answer

How to disable SSLv3 in Postfix 2.11?

I just noticed (by some online check tools) that my mailserver may allow SSLv3 and updated my configuration. My current config in Postfix 2.11.2: # inbound smtpd_tls_security_level = may smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 #…
burnersk

3 votes, 2 answers

How do I log tls-encrypted smtp traffic?

I'd like to know what my local postfix says to the Amazon SES smtpd after the STARTTLS. In plain text, so I can understand it. Amazon SES requires TLS, so I can't temporarily turn it off. I currently log both legs of the traffic with this…
Johannes Ernst

2 votes, 1 answer

CentOS OpenLDAP STARTTLS weirdness

I am having a very strange problem configuring my CentOS OpenLDAP for STARTTLS. Here's what's going on. I have a bunch of scripts that I use to configure my system. I do this to document a machine's setup and to ensure that I set it up the same way…

2 votes, 1 answer

Do any reputable mail servers require STARTTLS encryption for SMTP delivery?

Are there any large, reputable MTAs (like gmail, hotmail, icloud, etc) that will bounce mail or otherwise fail to deliver if the receiving MTA doesn't support STARTTLS? Put another way, will reputable MTAs generally retry delivery without TLS if an…
ATLief

2 votes, 1 answer

Postfix STARTTLS encryption before authentication

I'm trying my best to configure Postfix with STARTTLS using port 25. Now the problem is STARTTLS is not working on port 25. 250-VRFY 250-ETRN 250-XXXXXXXA 250-AUTH PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH LOGIN 334…
David A

2 votes, 1 answer

Disabling SSLv2 in Courier IMAP

I'm attempting to disable SSLv2 support (amongst other things) in Courier on Linux. In /etc/courier/imapd-ssl I have: TLS_CIPHER_LIST="HIGH:!MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:!ADH:@STRENGTH:!3DES" TLS_PROTOCOL=TLS1 TLS_STARTTLS_PROTOCOL=TLS1 This…
Ian480

2 votes, 1 answer

ssmtp settings for namecheap: Invalid response SMTP Server (STARTTLS)

I am trying to configure ssmtp to use the namecheap smtp server to send emails. My current…
Sgoettschkes

2 votes, 2 answers

How to force STARTTLS in Exim?

I am learning to set up a mailserver. I got it working with postfix, now trying the same configuration with Exim. How can I force a client to take up only STARTTLS connection for SMTP outgoing connection? I followed the instructions in this…
Elan

2 votes, 1 answer

Properly Configure Postfix to be secure (SASL + TLS)

I've followed online tutorials to set up my mail server with SASL and TLS, and amavis. It all seems to work - except I can send mails even if I don't authenticate first - which is not good. I want users to: be required to use TLS when…
537mfb