STARTTLS is the SMTP command to connect to email servers securely over TLS (formerly SSL). Use with an email server tag like [postfix], [exchange], etc.
Questions tagged [starttls]
106 questions
1
vote
1 answer
Trying to make submission (587) work - Exchange 2016
I'm trying to allow the authenticated relay (Client Frontend connector) to process requests from LAN and internet, but I'm struggling so far.
First, I have linked this connector to my SSL wildcard certificate (so far so good, openssl starttls on 587…
![](../../users/profiles/473108.webp)
Nemesis
- 31
- 3
1
vote
1 answer
Mail server: Does /etc/mailname have to match SSL certificate CN?
I set up a web and email server on a VPS that uses apache2 with multiple virtual hosts and postfix, dovecot, and roundcube for the email server. I am getting an authentication failure when trying to send mail using roundcube, and I am thinking it…
![](../../users/profiles/466965.webp)
Dan
- 51
- 1
- 9
1
vote
1 answer
postfix tls not reading or finding key
I've been having issues sending mail to my server, and there are indications of TLS errors (mostly from the maillog).
What I've tried:
Ensuring that postfix / dovecot can read the certificates (made new group "certs") and tested (see below for…
user353390
1
vote
0 answers
Postfix TLS Roundcube problems
im writing this because i have a problem when i try to test SMTP with Roundcube. Before i had no problem with Postfix ou Dovecot.
It seems like it's a TLS problem :
SMTP Test
When i look in my log file i have this :
log file
Contrariwise the IMAP…
![](../../users/profiles/397628.webp)
Maxime.c
- 11
- 1
- 3
1
vote
2 answers
Exim client not issuing STARTTLS when connecting to smarthost
I have a Debian8 server running exim4 that sends outgoing mail by smarthost through NameCheap's mail.privateemail.com smtp server - or at least it use to. After a recent update, the server no longer accepts connections on port 25. I've reconfigured…
![](../../users/profiles/160557.webp)
ecellingsworth
- 101
- 2
- 4
1
vote
1 answer
Thunderbird STARTTLS fails connecting to Cyrus-IMAP 2.2.13
Today all of a sudden my Icedove mail clients (38.7.0) ceased working using STARTTLS after I renewed the server certificate. Plain text IMAP works fine.
The server logs STARTTLS negotiation failed for each TLS connection attempt. Analyzing the…
![](../../users/profiles/195823.webp)
Lars Hanke
- 281
- 2
- 15
1
vote
0 answers
Postfix with Dovecot Disconnects after STARTTLS on Port 25
I am having a lot of trouble setting up the Postfix to do STARTTLS. It seems that I could successfully send outgoing mail using Thunderbird. However, I can't seem to get the Postman SMTP for Wordpress to work with STARTTLS and PLAIN AUTH.
I…
![](../../users/profiles/267552.webp)
cs378
- 123
- 1
- 1
- 7
1
vote
1 answer
Enabling STARTTLS for all on Postfix with Zarafa
I ran into a problem which I just cannot solve with just googling it - I need some expert help.
My company runs it's own mailserver (postfix with zarafa groupware). We're an insurance company so we often receive mails with personal information which…
user333222
1
vote
0 answers
Are there issues in whitelabling a SMTP server (not mine) with an A record that doesn't match 200 helo?
I know that a CNAME and a MX record can't exist on the same host. In this scenario I'm using A records to manage SMTP for 350 DNS domains.
companyA.com MX myAlias.whitelabel.com
companyb.com MX myAlias.whitelabel.com
companyc.com MX …
![](../../users/profiles/51457.webp)
makerofthings7
- 8,821
- 28
- 115
- 196
1
vote
1 answer
Drop non-TLS connection on EXIM
How to restrict access to EXIM to clients with STARTTLS? I want to be able to drop non-TLS connections.
Current setup:
tls_on_connect_ports = 465
tls_advertise_hosts = *
tls_certificate = /some/file/name
tls_privatekey = /some/file/name
![](../../users/profiles/297596.webp)
Tru64Gurus
- 11
- 2
1
vote
1 answer
Verify TLS encryped communication when querying LDAP server?
I have a web application (not hosted on windows) that authenticates users by querying an LDAP server (a windows domain controller). The app is configured to use STARTTLS to encrypt communication with the LDAP server. I would like to verify that this…
![](../../users/profiles/279582.webp)
derp
- 11
- 1
1
vote
1 answer
How can I explicitly force SendMail to not use SSLv3 for STARTTLS connections?
SendMail 8.14.x
With SSLv3 being sunset (to put it lightly), I'd like to ensure that my SendMail servers aren't using it when establishing STARTTLS connections. Is there a way I can force SendMail to NOT use SSLv3?
![](../../users/profiles/21875.webp)
Mike B
- 11,570
- 42
- 106
- 165
1
vote
1 answer
postfix cannot communicate with target server via TLS/SSL
I am able to connect my postfix server with TLS. All things are set up. But when i send a message with this secure connection, target server (for example gmail) receive my message without TLS/SSL secure connection.
If i use another server which has…
![](../../users/profiles/131740.webp)
xangr
- 144
- 4
1
vote
3 answers
Exim after Thunderbird update: "Could not negotiate a supported cipher suite"
Recently, after I installed updates on my Kubuntu 14.04. system and a new version of thunderbird was installed, I could not send emails any more. It prompts:
Sending of message failed. The message could not be sent because the
connection to SMTP…
![](../../users/profiles/106009.webp)
yankee
- 177
- 2
- 6
1
vote
0 answers
Postfix - SASLAuthentication Problems Cram-MD5 with StartTLS
Recently I configured my mail server which uses Postfix and Courier. Everything works except for the authentication when sending mail via my Postfix server(running on port 587) which has StartTLS enabled and uses SASLAuthentication with virtual…
![](../../users/profiles/180880.webp)
Martin
- 111
- 1