[Eisfair] [E1 b:2.8.25 K: 5.10.70-eisfair-1-SMP] Problem Mail -> TLS/SSL Zertifikate

Martin Faderbauer martin at fmit.at
Mi Nov 10 22:38:48 CET 2021 

hallo Marcus
  ich haber ene Errormeldung die helfen könnte
> 2021-11-10 22:32:31 TLS error on connection from mail.fmit.at [80.123.215.154] (SSL_accept (TLSv1.3)): error:1408F10B:SSL routines:ssl3_get_record:wrong version number 

die ist auf
> /var/install/bin/certs-request-cert --replace --simulate --certdetails imap mail.bbit.at 993
gekommen

Am 10.11.2021 um 22:26 schrieb Martin Faderbauer:
> 
> 
> Am 10.11.2021 um 22:20 schrieb Martin Faderbauer:
>>
>>
>> Am 10.11.2021 um 22:12 schrieb Martin Faderbauer:
>>> Hallo Marcus
>>>
>>>>
>>>> Bitte post die entsprechenden Abschnitte der Mail-Konfiguration.
>>>
>>>
> 
>> #------------------------------------------------------------------------------ 
>>
>> # pop3/imap: general settings
>> #------------------------------------------------------------------------------ 
>>
>>
>> START_POP3='no'                        # start POP3 server: yes or no
>> START_IMAP='yes'                       # start IMAP server: yes or no
>> POP3IMAP_MAILBOX_FORMAT='mbx'          # mailbox format: mbx, mbox, 
>> maildir
>> POP3IMAP_TRANSPORT='both'              # transport to use: default, 
>> tls or both
>> POP3IMAP_TLS_CERT_NAME='mail.bbit.at'
>> POP3IMAP_IDENT_CALLBACKS='no'          # enable ident callbacks: yes 
>> or no
>>
>> #------------------------------------------------------------------------------ 
>>
>> # pop3/imap: mail users and optional passwords
>> #------------------------------------------------------------------------------ 
>>
> 
> 
> 
> 
>>>> #-------------------------------------
>>> > das müsste der Teil vom Posteingang sein unverschlüsselt über Port 143
>>> funktioniert es aber nicht verschlüsselt über Port993 obwohl das 
>>> dass, das gleiche Zertifikat ist.
>>> die sSMTP config lauft ja
>>>
> 
>> #------------------------------------------------------------------------------ 
>>
>> # smtp: general settings
>> #------------------------------------------------------------------------------ 
>>
>>
>> START_SMTP='yes'                       # start SMTP server: yes or no
>> SMTP_QUALIFY_DOMAIN='bbit.at'          # domain to be added to all 
>> unqualified
>>                                        # addresses
>> SMTP_HOSTNAME='mail.bbit.at'           # canonical hostname of eisfair 
>> server
>> SMTP_QUEUE_INTERVAL='15'               # queueing interval in minutes, 
>> usually 30
>> SMTP_QUEUE_OUTBOUND_MAIL='yes'         # set to yes if you are using a 
>> dialup ISP
>>                                        # and you want to queue 
>> outbound mail until
>>                                        # next queue run which must be 
>> initiated
>>                                        # manually or cron-job
>> SMTP_QUEUE_ACCEPT_PER_CONNECTION='30'  # msg number to accept in one 
>> smtp session
>> SMTP_LISTEN_PORT='smtp'                # port(s) on which Exim is 
>> listening for
>>                                        # inbound traffic, default is 
>> 'smtp' and
>>                                        # 'submission'
>> SMTP_MAIL_TO_UNKNOWN_USERS='forward'   # how to handle mail to unknown 
>> mail users:
>>                                        # bounce, copy or forward
>>                                        # default is 'bounce'
>> SMTP_ALLOW_EXIM_FILTERS='yes'          # allow exim filters in 
>> .forward file: yes or no
>> SMTP_CHECK_RECIPIENTS='50'             # check that not more than the 
>> given number of
>>                                        # recipients per mail are 
>> addressed at once.
>>                                        # Default is being set to 100
>> SMTP_CHECK_SPOOL_SPACE=''              # check if enough disk space 
>> for spool directory
>>                                        # is available. Default is 
>> being set to 10Mb
>> SMTP_CHECK_SPOOL_INODES=''             # check if enough inodes for 
>> spool directory
>>                                        # are available. Default is 
>> being set to 100
>> SMTP_LIMIT='50M'                       # mail size limit. Default is 
>> being set to 50Mb
>> SMTP_REMOVE_RECEIPT_REQUEST='no'       # remove external receipt 
>> request: yes or no
>> SMTP_SERVER_TRANSPORT='both'           # transport to use: default, 
>> tls or both
>> SMTP_IDENT_CALLBACKS='no'              # enable ident callbacks: yes 
>> or no
>> SMTP_SERVER_TLS_ADVERTISE_HOSTS='*bbit.at'
>>                                        # advertise STARTLS to these 
>> hosts, to disable
>>                                        # this feature set to '' 
>> (required for tls!)
>> SMTP_SERVER_TLS_VERIFY_HOSTS=''        # verify tls certs of these 
>> hosts, to diasble
>>                                        # this feature set to ''
>> SMTP_SERVER_TLS_TRY_VERIFY_HOSTS=''    # try to verify tls certs of 
>> these hosts, to
>>                                        # disable this feature set to ''
>> SMTP_SERVER_SSMTP='yes'                # start SSMTP server: yes or no
>> SMTP_SERVER_SSMTP_LISTEN_PORT=''       # port on which Exim is 
>> listening for
>>                                        # inbound traffic, default is 
>> 'ssmtp'
>>
>> #------------------------------------------------------------------------------ 
>>
>> # smtp: local domains
>> #------------------------------------------------------------------------------ 
>>
> 
> 
> 
>>>
>>>> Beschreibe, wie du in welchem Client den Postausgangsserver 
>>>> konfiguriert
>>>> hast.
>>>
>>> im Tunderbird ist der Postausgang mit
>>>
>>> server: mail.bbit.at
>>> port: 465
>>> TLS/SSL
>>> verschlüsseltes Passwort
>>> <Username> <Passwort>
>>>
>>> der Posteingang:
>>>
>>> server: mail.bbit.at
>>> port: 993
>>> TLS/SSL
>>> verschlüsseltes Passwort
>>> <Username> <Passwort>
>>>
>>>>
>>>> Ein Zugriff über Port 465 auf deinen Mailserver überträgt das 
>>>> Zertifikat.
>>>>
>>> das das erklärt warum das versenden über SSL Port465 funktioniert
>>> und nur IMAP über Port993 nicht Funktioniert

Mehr Informationen über die Mailingliste Eisfair