Hello Courier users! Up to now I was not aware that Qualys' SSL test could be used on other ports than 443. Here is how.
1) You spin up an hourly billed VPS (like UpCloud) Probably your 443 port is already used for production websites. 2) Enable IP forwarding echo 1 > cat /proc/sys/net/ipv4/ip_forward 3) Route all tcp/443 traffic to your Courier installation iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination ${COURIER_IP}:465 iptables -t nat -A POSTROUTING -p tcp --dst ${COURIER_IP} --dport 465 -j SNAT --to-source ${TEMPORARY_VPS_IP} pre-4) Add an exception in Fail2ban for ${TEMPORARY_VPS_IP} 4) Enter the VPS' reverse host name https://www.ssllabs.com/ssltest/ Of course there will be a CN mismatch but all the rest of Qualys' fine report will show you all the details. All the best! SZÉPE Viktor https://github.com/szepeviktor/debian-server-tools/blob/master/CV.md -- +36-20-4242498 s...@szepe.net skype: szepe.viktor Budapest, III. kerület ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users