Hi Larry,
Hmmm, not sure this will every work - and if it does work with
Google it will break most other mail servers that try to talk to you.
Port 25 is the original email port (sendmail) and is no auth, no SSL/TLS
on purpose. As defined by the IETF, port 465 is the SSL/TLS port for
sendmail, and port 587 is the authenticated, with SSL/TLS port.
Not withstanding that, your error is no acceptable cipher for you
and gmail to agree upon. Port 443 is web (http / Apache) and postfix
is mail. Is it possible that you email is not configured to use the
keys you created??
In 5210R and 5211R the SSL certificates of Vsites are used for HTTPS in
Apache and/or Nginx. But they are are also tied into Dovecot for POP3
and IMAP as well as into Postfix.
This was also in large part the drive to switch newer BlueOnyx versions
from Sendmail to Postfix, as Postfix supports SNI and Sendmail doesn't.
So if you run a BlueOnyx 5210R or 5211R, have it configured to use
Postfix and have "Enable SMTPS Server" enabled? It will not only use the
GUI's SSL certificate, but also the SSL certificates of all Vsites to
answer to TLS connections.
The SNI Email integration in BlueOnyx is explained here:
Postfix:
https://www.blueonyx.it/news/267/15/5210R-Postfix-SNI-for-email-and-Maildir/
Dovecot:
https://www.blueonyx.it/news/266/15/5209R5210R-SNI-support-added-to-Dovecot/
But yeah, in Arie's case there was something off. His SNI certificates
didn't include validity for the requested domain and there also seems to
have been a protocol/cipher mismatch.
--
With best regards
Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
