1

Topic: rookie linux'er and rookie iRedMail'er - need help with SMTP and SSL

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.2
- Linux/BSD distribution name and version: UBUNTU 14.0.4
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MYSQL
- Web server (Apache or Nginx): APACHE
- Manage mail accounts with iRedAdmin-Pro?  NO
- Related log if you're reporting an issue:
====

LOCAL NETWORK ONLY - the mail server only allows users on this mail server to send to other users on this mail server. no external email.

Fresh server. Fresh install. super smooth. I've done the install a few times actually to get used to the commands and the work arounds.  I ran back through the dpkg reconfigure postfix command and made the installation a LOCAL ONLY... did that break it?  not sure.

Challenge: 

I am trying to get the OUTLOOOK client to connect to the mail server.  IMAP connects up just fine.  SMTP does not.  cannot send.  after browsing the forums I found the MASTER.CF file and its settings and found down at the bottom a few settings that may be causing me issues for the OUTLOOK users.  the options I have changed and am looking at are:

-o mynetworks=192.168.0.0/24 127.0.0.0/8        I added my local subnet because the users are on the same subnet.

-o mynetworks_style=host            does this mean that only the host can send to itself?

-o smtp_tls_security_level=none         I have tried this both at ENCRYPT and NONE but the outlook client still fails to send.
-o smtpd_tls_security_level=none        same as above.

smtp client restrictions=permitmysubnets, reject

smtpd sender restrictions= <blank>  and I have tried permitmysubnets here...  no love....


I'm hoping it's something very simple, but being a novice, I'm struggling through it. 

Can anyone point me in the right direction?

local devices need to be able to access email and send email from their outlook clients.  Is it a port issue?  or am I missing something else?

thanks so much.

Joey

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 (edited by joeya 2015-10-01 03:31:07)

Re: rookie linux'er and rookie iRedMail'er - need help with SMTP and SSL

OOH

•Specify "mynetworks_style = subnet" when Postfix should "trust" remote SMTP clients in the same IP subnetworks as the local machine. On Linux, this works correctly only with interfaces specified with the "ifconfig" command.

that may be my answer.  time is all...   maybe...

nope. 

Any help would be greatly appreciated.

3

Re: rookie linux'er and rookie iRedMail'er - need help with SMTP and SSL

so I ran sudo dpkg-reconfigure postfix and changed it to a regular network smtp server... rebooted...  check the config, tested outbound and it seemed to try to send... which is bad... I don't want to create a list of all bad domains... so then I dpkg reconfigure again, setting it back to to local only, and then see what changes were made...

inet-interfaces: loopback-only is now set....  interesting...

setting default_transport: error
setting relay_transport: error

4

Re: rookie linux'er and rookie iRedMail'er - need help with SMTP and SSL

I'm afraid that you did it wrong.

The simplest solution is blocking SMTP/IMAP/POP3 access with iptables from external network, just allow your local networks. There's nothing to change in Postfix or other configuration files.

5

Re: rookie linux'er and rookie iRedMail'er - need help with SMTP and SSL

something I will need to learn then.  Thank you!

6

Re: rookie linux'er and rookie iRedMail'er - need help with SMTP and SSL

so I decided after completely breaking the server to rebuild it again.  (many times actually) and I decided to dpkg-reconfigure postfix, make it a completely LOCAL ONLY server, since my needs are to keep all email traffic INTERNAL... and then just played with the connection settings on the clients.  Turns out, OUTLOOK was able to connect to the mail server in that configuration, so I made all those changes for naught.  but learned some things along the way.

all fixed.