I guess I should start by pointing out one important bit of information. I have unchecked the "Enabled" checkbox for "ESMTP over TLS" under "Inbound ESMTP" in webadmin.
I confess to being unfamiliar with the webadmin tool, and exactly what that is disabling. Did you restart courier after making that change?
The addcr command gives me the following output:> 220 mail.skoroworld.com ESMTP
[EMAIL PROTECTED] root]# addcr | TLS_VERIFYPEER=NONE couriertls -host=localhost -port=25 -protocol=smtp
STARTTLS 220 Ok
That would indicate that the STARTTLS command works if you don't verify the certificate, but doesn't indicate whether the CN matches. In my experience, clients disconnect in two situations most often: when the CN doesn't match the hostname used to connect, and when the cert is not signed by a recognised authority.
The suggested openssl command gives me the following output:
[EMAIL PROTECTED] root]# openssl s_client -connect mail.skoroworld.com:465
-CApath /usr/lib/courier/share/rootcerts connect: Connection refused connect:errno=29
465 probably wasn't the best port to use as an example. I run SMTPS, but you don't seem to. Try one of the SSL ports you have open, probably 993 or 995.
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
