I bought the cert and here is my config.
# Settings for 'stock' qmail-toaster auth_cache_ttl = 1 min auth_cache_negative_ttl = 1 min auth_cache_size = 100M #auth_cache_size = 32 M auth_mechanisms = plain login digest-md5 cram-md5 auth_username_format = %Lu first_valid_uid = 89 first_valid_gid = 89 log_path = /var/log/dovecot.log login_greeting = domain server ready mail_plugins = $mail_plugins quota plugin/quota = maildir protocols = imap pop3 disable_plaintext_auth = yes ssl_cert = </var/qmail/control/domain.com.crt ssl_key = <//etc/ssl/certs/domain.key ssl_dh=</etc/dovecot/dh.pem # the following will likely be the default at some point ssl=yes > On Sep 2, 2021, at 4:37 PM, Eric Broch <ebr...@whitehorsetc.com> wrote: > > One server has a GoDaddy Certificate the other an auto renewing LetsEncrypt > Certificate. > > On 9/2/2021 8:29 AM, Eric Broch wrote: >> I have a 2 QMT 7 servers and they both work with >> dovecot-2.3.11.3-12.qt.el7.x86_64 >> >> >> >> On 9/2/2021 7:55 AM, Jeff Koch wrote: >>> Hi Eric: >>> >>> We'll try doing that but is this a problem with only our mailserver or all >>> QMT 7 mailservers? >>> >>> Jeff >>> >>> On 9/2/2021 9:44 AM, Eric Broch wrote: >>>> Next to the check when entering the settings there is a question mark >>>> circled to the left. Clicking that gives a menu with 'Collect Diagnostics' >>>> & 'Contact Support' >>>> >>>> On 9/2/2021 7:42 AM, Eric Broch wrote: >>>>> When the popup indicates a connection issue I push 'support' button and >>>>> error suggests a certificate issue. Two options appear at this point: >>>>> 'Talk to Agent' & 'OK'. If you 'talk to an agent' you can do more >>>>> advanced troublshooting like sending an Outlook error log file to them. >>>>> You might try this. >>>>> >>>>> Eric >>>>> >>>>> On 9/2/2021 7:11 AM, Jeff Koch wrote: >>>>>> I could be wrong but I think Outlook for Android must be very sensitive >>>>>> to the encryption ciphers being used and the SSL/TLS versions. We use >>>>>> Let's Encrypt certificates - I wonder if it's anything to do with that. >>>>>> >>>>>> Jeff >>>>>> >>>>>> On 9/2/2021 1:16 AM, Remo Mattei wrote: >>>>>>> I just found out to have the same issue from one of my client. >>>>>>> >>>>>>>> Il giorno 2 set 2021, alle ore 02:49, Eric Broch >>>>>>>> <ebr...@whitehorsetc.com> <mailto:ebr...@whitehorsetc.com> ha scritto: >>>>>>>> >>>>>>>> >>>>>>>> Try this script (replace with relevant user, password, & host) from >>>>>>>> the command line of the server. It will yield what version of TLS >>>>>>>> you're running. >>>>>>>> >>>>>>>> <script> >>>>>>>> >>>>>>>> #!/bin/bash >>>>>>>> >>>>>>>> function imapscript () { >>>>>>>> echo "a login $1 $2" >>>>>>>> echo 'a logout' >>>>>>>> sleep 1 >>>>>>>> echo 'quit' >>>>>>>> } >>>>>>>> >>>>>>>> user=some...@mydomain.com <mailto:user=some...@mydomain.com> >>>>>>>> pass=*********** >>>>>>>> host=mail.mydomain.com >>>>>>>> >>>>>>>> imapscript "$user" $pass | openssl s_client -crlf -connect $host:993 >>>>>>>> >>>>>>>> </script> >>>>>>>> >>>>>>>> On 9/1/2021 6:29 PM, Eric Broch wrote: >>>>>>>>> Does your web mail work? >>>>>>>>> On Sep 1, 2021, at 5:12 PM, Jeff Koch <jeffk...@intersessions.com >>>>>>>>> <mailto:jeffk...@intersessions.com>> wrote: >>>>>>>>> Neither IMAP or IMAPS will connect - Jeff >>>>>>>>> >>>>>>>>> On 9/1/2021 6:16 PM, Eric Broch wrote: >>>>>>>>>> What protocol, IMAP, IMAPS, SMTPS...? >>>>>>>>>> >>>>>>>>>> On 9/1/2021 2:36 PM, Jeff Koch wrote: >>>>>>>>>>> >>>>>>>>>>> We have a customer trying to connect to his qmail-toaster email >>>>>>>>>>> account using the MicroSoft Outlook app on an Android phone. He >>>>>>>>>>> keeps getting bounced off with the message 'can't connect to >>>>>>>>>>> server' or 'can't login'. I did some research on the MS forums and >>>>>>>>>>> apparently this Outlook app only connects with SSL (no STARTTLS) >>>>>>>>>>> and TLS 1.2 or higher. If the mailserver tries anything else first >>>>>>>>>>> the connection is dropped. >>>>>>>>>>> >>>>>>>>>>> Is there any known work-around or configuration adjustment needed >>>>>>>>>>> to get this Android Outlook app to work with the toaster. >>>>>>>>>>> >>>>>>>>>>> We're running qmail-1.03-2.2.qt.cdb.el7.x86_64.rpm >>>>>>>>>>> >>>>>>>>>>> Thanks, Jeff >>>>>>>>> >>>>>> >>>
smime.p7s
Description: S/MIME cryptographic signature