Dear all, I am setting up postfix in my OmniOS/illumos installation (at home, I am an enthusiast an no expert admin) and I encountered the issue I will describe. I tried for more than two evenings but I had no success at all, so I ask here and I hope you will be able to help.
I have a domain with OVH and they allow (according to http://help.ovh.co.uk/EmailSmtpPop3Imap ) only SMTPS or SSL/TLS (I copy and paste from OVH): • SSL/TLS: you can activate a coding tunnel between your email software and our SMTP server (port 25), • SMTPS: you can create a coding SSL tunnel directly to any connection (port 465), • Our SMTP servers always try to force the connections in SSL/TLS (port 25). If I use ssl0.ovh.net:25, I get a timeout. If I use port 587, I get "(TLS is required, but was not offered by host ssl0.ovh.net[213.186.33.20])", so I opted for SMTPS. However, Postfix cannot do SMTPS on port 465, so I installed stunnel and I set it to connect to ssl0.ovh.net:465. I did it on my OS X 10.8 and it worked, I can send mail from command line. As reference, I used the config suggested in postifx help: [smtp-tls-wrapper] accept = localhost:11125 client = yes connect = ssl0.ovh.net:465 ;delay = yes I replicated both main.cf and stunnel.conf on OmniOS and it doesn't work! However, I ask in this mailing list because postfix is an extra package not part of the base OmniOS distro. If you tell me everything seems ok, I will ask them. The error I get from postfix is the following, taken from the output of "mailq": (connect to 127.0.0.1[127.0.0.1]:11125: Connection refused) Well, I tried "telnet 127.0.0.1 465" from a SSH prompt and I was able to connect to the remote mail server, so stunnel is working and listening. So what should I do now? This is the output of "postconf -n": command_directory = /usr/local/sbin config_directory = /etc/postfix daemon_directory = /usr/local/libexec/postfix data_directory = /var/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = /usr/local/html/postfix inet_protocols = ipv4 mail_owner = postfix mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man mydestination = $myhostname, localhost.$mydomain, localhost mydomain = rijswijk.marzocchi.net myhostname = OmniOS-Xeon.rijswijk.marzocchi.net mynetworks_style = host myorigin = $mydomain newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no relayhost = [127.0.0.1]:11125 sample_directory = /etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = postfix smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_use_tls = no smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL unknown_local_recipient_reject_code = 550 Needless to say, when I did the test on port 25 and 587 of the remote SMTP server, I had different options: relayhost=ssl0.ovh.net:25 (or 587) smtp_use_tls=yes smtp_tls_security_level=encrypt In case it can be useful, I add another bit of information: I tried to use remote port 587 and no encryption (since it said TLS is not available…) but in mailq I got: (local data error while talking to ssl0.ovh.net[213.186.33.20]) Any help will be very welcome, I don't even know where to look for solutions. Google didn't help either and I did my number of searches. Of course, if you see a configuration mistake that prevents me from using directly SSL/TLS on the remote Regards, Olaf Marzocchi
