Re: [Djigzo users] Servers wont talk to me!
On 06/27/2017 09:06 PM, Paul Bronson via Users wrote: > Yep. Everything looks perfect thats the odd part. Microsoft themselves said > its not being blocked by any type of anti-spam. The most likely reason is that there is something with your IP address/SMTP config that O365 does not like. Some possible reasons: - The reverse IP address of the external IP used by CipherMail is not equal to the hostname configured in the MTA settings - You are using a from address which is not authorized to use your IP (for example you use @gmail.com as the from or sender address) - You have setup SPF but the IP address used by CipherMail is not allowed by your SPF records - You have too many recipients at the same time (O365 might not like that) Kind regards, Martijn > > On Tue, Jun 27, 2017 at 3:04 PM, Dino Edwards via Users < > users@lists.djigzo.com> wrote: > >> Have you checked your Ciphermail IP (assuming it’s public) against any >> blacklists? >> >> https://mxtoolbox.com/blacklists.aspx >> >> >> >> From: Paul Bronson [mailto:signaldevelo...@gmail.com] >> Sent: Tuesday, June 27, 2017 2:52 PM >> To: Dino Edwards <dino.edwa...@mydirectmail.net> >> Subject: Re: [Djigzo users] Servers wont talk to me! >> >> Correct. Microsoft states no issues.. Here's what I sent Martijn. >> >> We have a postfix server (plesk) that sends emails to cipher mail. So >> someone in plesk sends an email lets say j...@apple.com<mailto:joe@ >> apple.com> is sending an email out to s...@banana.com<mailto:susi@ >> banana.com>. Our plesk server hosts the @apple.com<http://apple.com/> >> domain. In postfix on the plesk server, we have it setup with: >> >> relayhost = (cipermailserver IP) >> >> Mail then gets sent over to the ciphermail server. Ciphermail has the IP >> of the plesk mail server setup as "my networks". And then it goes out from >> there and just encrypts based on [encrypt] subject. >> >> There are a few domains hosted on the plesk server that would route >> through the cipermail server. >> >> MTA Config: >> >> https://cl.ly/1Q2o312u073q >> >> Global: >> >> https://cl.ly/1U08092o1A1y >> >> So my issue is anytime I email out to anyone on Officer 365, I get this >> code: >> >> https://cl.ly/312x3c2N2c0s >> >> SFP records include both the plesk email server and ciphermail server, >> MXtoolbox shows 100% green, sending reputation is perfect. >> >> Hopefully this helps some.. >> >> On Tue, Jun 27, 2017 at 2:46 PM, Dino Edwards via Users < >> users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: >> But when you send to other recipients who are not on Office 365, it’s no >> problem? >> >> >> >> From: Paul Bronson [mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com>] >> Sent: Tuesday, June 27, 2017 2:37 PM >> To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwards@ >> mydirectmail.net>> >> Subject: Re: [Djigzo users] Servers wont talk to me! >> >> Correct! >> >> On Tue, Jun 27, 2017 at 2:25 PM, Dino Edwards via Users < >> users@lists.djigzo.com<mailto:users@lists.djigzo.com>> users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: >> So, email goes from your email server to ciphermail box out to its final >> destination. But when you send email out to Office 365 recipient you are >> getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s >> happening? >> >> >> >> >> From: Paul Bronson [mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com>>] >> Sent: Tuesday, June 27, 2017 11:49 AM >> To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwards@ >> mydirectmail.net><mailto:dino.edwa...@mydirectmail.net> dino.edwa...@mydirectmail.net>>>; Martijn Brinkers <mart...@ciphermail.com >> <mailto:mart...@ciphermail.com><mailto:mart...@ciphermail.com> mart...@ciphermail.com>>> >> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com>> users@lists.djigzo.com<mailto:users@lists.djigzo.com>> >> Subject: Re: [Djigzo users] Servers wont talk to me! >> >> Here is snippet: >> >> https://cl.ly/3w3Q2U1l1N32 >> >> On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson <signaldevelo...@gmail.com< >> mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com>><mailto:signa
Re: [Djigzo users] Servers wont talk to me!
Can you send me an email through your ciphermail gateway directly. Our server is pretty locked down so if there is a problem, it may show up. That Microsoft error is very misleading From: Paul Bronson [mailto:signaldevelo...@gmail.com] Sent: Tuesday, June 27, 2017 2:52 PM To: Dino Edwards <dino.edwa...@mydirectmail.net> Subject: Re: [Djigzo users] Servers wont talk to me! Correct. Microsoft states no issues.. Here's what I sent Martijn. We have a postfix server (plesk) that sends emails to cipher mail. So someone in plesk sends an email lets say j...@apple.com<mailto:j...@apple.com> is sending an email out to s...@banana.com<mailto:s...@banana.com>. Our plesk server hosts the @apple.com<http://apple.com/> domain. In postfix on the plesk server, we have it setup with: relayhost = (cipermailserver IP) Mail then gets sent over to the ciphermail server. Ciphermail has the IP of the plesk mail server setup as "my networks". And then it goes out from there and just encrypts based on [encrypt] subject. There are a few domains hosted on the plesk server that would route through the cipermail server. MTA Config: https://cl.ly/1Q2o312u073q Global: https://cl.ly/1U08092o1A1y So my issue is anytime I email out to anyone on Officer 365, I get this code: https://cl.ly/312x3c2N2c0s SFP records include both the plesk email server and ciphermail server, MXtoolbox shows 100% green, sending reputation is perfect. Hopefully this helps some.. On Tue, Jun 27, 2017 at 2:46 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: But when you send to other recipients who are not on Office 365, it’s no problem? From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>] Sent: Tuesday, June 27, 2017 2:37 PM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>> Subject: Re: [Djigzo users] Servers wont talk to me! Correct! On Tue, Jun 27, 2017 at 2:25 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: So, email goes from your email server to ciphermail box out to its final destination. But when you send email out to Office 365 recipient you are getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s happening? From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>] Sent: Tuesday, June 27, 2017 11:49 AM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net><mailto:dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>>>; Martijn Brinkers <mart...@ciphermail.com<mailto:mart...@ciphermail.com><mailto:mart...@ciphermail.com<mailto:mart...@ciphermail.com>>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>> Subject: Re: [Djigzo users] Servers wont talk to me! Here is snippet: https://cl.ly/3w3Q2U1l1N32 On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson <signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>>> wrote: Dino/Matijn, I am getting a lot of 550 Mailbox Unavailable for people who are using microsoft 365. It happened as soon as we turned on the cipher mail server. Everythins is good via mxtoolbox (all green checkmarks) but not sure why we keep getthing this message. If I turn off cipher mail and just go from email server to outlook 365 it goes through fine. Any ideas? On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson <signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>>> wrote: DIno, Thanks for all your help! Can you post the complete apache config file? Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to change the main portal page to something else so I could block port access to 8443 on the firewall On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists
Re: [Djigzo users] Servers wont talk to me!
Have you checked your Ciphermail IP (assuming it’s public) against any blacklists? https://mxtoolbox.com/blacklists.aspx From: Paul Bronson [mailto:signaldevelo...@gmail.com] Sent: Tuesday, June 27, 2017 2:52 PM To: Dino Edwards <dino.edwa...@mydirectmail.net> Subject: Re: [Djigzo users] Servers wont talk to me! Correct. Microsoft states no issues.. Here's what I sent Martijn. We have a postfix server (plesk) that sends emails to cipher mail. So someone in plesk sends an email lets say j...@apple.com<mailto:j...@apple.com> is sending an email out to s...@banana.com<mailto:s...@banana.com>. Our plesk server hosts the @apple.com<http://apple.com/> domain. In postfix on the plesk server, we have it setup with: relayhost = (cipermailserver IP) Mail then gets sent over to the ciphermail server. Ciphermail has the IP of the plesk mail server setup as "my networks". And then it goes out from there and just encrypts based on [encrypt] subject. There are a few domains hosted on the plesk server that would route through the cipermail server. MTA Config: https://cl.ly/1Q2o312u073q Global: https://cl.ly/1U08092o1A1y So my issue is anytime I email out to anyone on Officer 365, I get this code: https://cl.ly/312x3c2N2c0s SFP records include both the plesk email server and ciphermail server, MXtoolbox shows 100% green, sending reputation is perfect. Hopefully this helps some.. On Tue, Jun 27, 2017 at 2:46 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: But when you send to other recipients who are not on Office 365, it’s no problem? From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>] Sent: Tuesday, June 27, 2017 2:37 PM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>> Subject: Re: [Djigzo users] Servers wont talk to me! Correct! On Tue, Jun 27, 2017 at 2:25 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: So, email goes from your email server to ciphermail box out to its final destination. But when you send email out to Office 365 recipient you are getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s happening? From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>] Sent: Tuesday, June 27, 2017 11:49 AM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net><mailto:dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>>>; Martijn Brinkers <mart...@ciphermail.com<mailto:mart...@ciphermail.com><mailto:mart...@ciphermail.com<mailto:mart...@ciphermail.com>>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>> Subject: Re: [Djigzo users] Servers wont talk to me! Here is snippet: https://cl.ly/3w3Q2U1l1N32 On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson <signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>>> wrote: Dino/Matijn, I am getting a lot of 550 Mailbox Unavailable for people who are using microsoft 365. It happened as soon as we turned on the cipher mail server. Everythins is good via mxtoolbox (all green checkmarks) but not sure why we keep getthing this message. If I turn off cipher mail and just go from email server to outlook 365 it goes through fine. Any ideas? On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson <signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>>> wrote: DIno, Thanks for all your help! Can you post the complete apache config file? Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to change the main portal page to something else so I could block port access to 8443 on the firewall On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>>> wrote: There is certainly way t
Re: [Djigzo users] Servers wont talk to me!
But when you send to other recipients who are not on Office 365, it’s no problem? From: Paul Bronson [mailto:signaldevelo...@gmail.com] Sent: Tuesday, June 27, 2017 2:37 PM To: Dino Edwards <dino.edwa...@mydirectmail.net> Subject: Re: [Djigzo users] Servers wont talk to me! Correct! On Tue, Jun 27, 2017 at 2:25 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: So, email goes from your email server to ciphermail box out to its final destination. But when you send email out to Office 365 recipient you are getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s happening? From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>] Sent: Tuesday, June 27, 2017 11:49 AM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>>; Martijn Brinkers <mart...@ciphermail.com<mailto:mart...@ciphermail.com>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> Subject: Re: [Djigzo users] Servers wont talk to me! Here is snippet: https://cl.ly/3w3Q2U1l1N32 On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson <signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>> wrote: Dino/Matijn, I am getting a lot of 550 Mailbox Unavailable for people who are using microsoft 365. It happened as soon as we turned on the cipher mail server. Everythins is good via mxtoolbox (all green checkmarks) but not sure why we keep getthing this message. If I turn off cipher mail and just go from email server to outlook 365 it goes through fine. Any ideas? On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson <signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>> wrote: DIno, Thanks for all your help! Can you post the complete apache config file? Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to change the main portal page to something else so I could block port access to 8443 on the firewall On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: There is certainly way to do it with Tomcat but I can’t really help with that, I’m not that familiar with it. I can tell you that Apache is a much more advanced http server with a lot more functionality than Tomcat. Tomcat is primarily designed to serve Java Servlets and JSPs. My method is simpler I believe because it does not require you changing the configuration of Tomcat and ciphermail. You simply put Apache in front of it with the mod_proxy_ajp module which communicates with Tomcat using the default config. Of course, it’s all up to you how you want to proceed. From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>] Sent: Monday, June 26, 2017 6:48 PM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net><mailto:dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>>> Subject: Re: [Djigzo users] Servers wont talk to me! I dont NEED to use apache, is there a way to do it with tomcat? On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>>> wrote: The following settings in main.cf<http://main.cf><http://main.cf><http://main.cf> should get you started for TLS: # TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/cert.cer smtpd_tls_key_file = /etc/ssl/certs/key.key smtpd_tls_CAfile = /etc/ssl/certs/root.cer #smtpd_use_tls=yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_loglevel = 1 I misspoke earlier. It’s been so long since I did this. Ciphermail comes bundled with Tomcat and it runs on port if I’m not mistaking. So, if you want to utilize Apache instead, you have to install mod_proxy_ajp module in Apache and setup an apache config like below: ProxyPass /djigzo http://localhost:/djigzo ProxyPassReverse /djigzo http://localhost:/djigzo ProxyPass /web http://localhost:/web ProxyPassReverse /web http://localhost:/web ProxyTimeout 3600 Changing the port has to be done within apache. So, if you want to use 443, you must of course ins
Re: [Djigzo users] Servers wont talk to me!
I sincerely doubt it From: Paul Bronson [mailto:signaldevelo...@gmail.com] Sent: Tuesday, June 27, 2017 2:42 PM To: Dino Edwards <dino.edwa...@mydirectmail.net> Subject: Re: [Djigzo users] Servers wont talk to me! Hi Dino, Does this have to do with our 550 Mailbox unavailable issue? On Tue, Jun 27, 2017 at 2:36 PM, Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>> wrote: I had to disable https on tomcat by inserting the following line in the /etc/default/tomcat6 file because no matter what I did, Ciphermail would redirect to port 8443: JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false" After you do that, Ciphermail should answer on either port 8080 or don't remember which right off the top of my head. I have mine configured for port but if your Tomcat is running on 8080 obviously adjust the ProxyPass lines below to your port number. Here’s my apache config: ProxyRequests Off SSLEngine on SSLCertificateFile /etc/ssl/certs/certificate.cer SSLCertificateKeyFile /etc/ssl/certs/private/key.key SSLCertificateChainFile /etc/ssl/certs/chain.cer SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown Order deny,allow Allow from all ProxyPass /djigzo http://localhost:/djigzo ProxyPassReverse /djigzo http://localhost:/djigzo ProxyPass /web http://localhost:/web ProxyPassReverse /web http://localhost:/web ProxyTimeout 3600 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined CustomLog /var/log/apache2/ciphermail combined From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>] Sent: Tuesday, June 27, 2017 10:25 AM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> Subject: Re: [Djigzo users] Servers wont talk to me! DIno, Thanks for all your help! Can you post the complete apache config file? Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to change the main portal page to something else so I could block port access to 8443 on the firewall On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: There is certainly way to do it with Tomcat but I can’t really help with that, I’m not that familiar with it. I can tell you that Apache is a much more advanced http server with a lot more functionality than Tomcat. Tomcat is primarily designed to serve Java Servlets and JSPs. My method is simpler I believe because it does not require you changing the configuration of Tomcat and ciphermail. You simply put Apache in front of it with the mod_proxy_ajp module which communicates with Tomcat using the default config. Of course, it’s all up to you how you want to proceed. From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>] Sent: Monday, June 26, 2017 6:48 PM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>> Subject: Re: [Djigzo users] Servers wont talk to me! I dont NEED to use apache, is there a way to do it with tomcat? On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: The following settings in main.cf<http://main.cf><http://main.cf> should get you started for TLS: # TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/cert.cer smtpd_tls_key_file = /etc/ssl/certs/key.key smtpd_tls_CAfile = /etc/ssl/certs/root.cer #smtpd_use_tls=yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_loglevel = 1 I misspoke earlier. It’s been so long since I did this. Ciphermail comes bundled with Tomcat and it runs on port if I’m not mistaking. So, if you want to utilize Apache instead, you have to install mod_proxy_ajp module in Apache and setup an apache config like below: ProxyPass /djigzo http://localhost:/djigzo ProxyPassReverse /djigzo http://localhost:/djigzo ProxyPass /web http://localhost:/web ProxyPassReverse /web http://localhost:/web ProxyTimeout 3600 Changing the port has to be done within apache. So, if you want to use 443, you must of course install mod_ssl on apache, as well as certificate. I have a complete Apache config file if you want, let me know and I’ll post the relevant parts. From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>] Sent: Monday, June 26, 2017 2:42 PM To: Dino Edward
Re: [Djigzo users] Servers wont talk to me!
I just realized the apache config gets screwed up by the email client. I have attached it as a text instead I had to disable https on tomcat by inserting the following line in the /etc/default/tomcat6 file because no matter what I did, Ciphermail would redirect to port 8443: JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false" After you do that, Ciphermail should answer on either port 8080 or don't remember which right off the top of my head. I have mine configured for port but if your Tomcat is running on 8080 obviously adjust the ProxyPass lines below to your port number. From: Paul Bronson [mailto:signaldevelo...@gmail.com] Sent: Tuesday, June 27, 2017 10:25 AM To: Dino Edwards <dino.edwa...@mydirectmail.net> Cc: users@lists.djigzo.com Subject: Re: [Djigzo users] Servers wont talk to me! DIno, Thanks for all your help! Can you post the complete apache config file? Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to change the main portal page to something else so I could block port access to 8443 on the firewall On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users <users@lists.djigzo.com> wrote: There is certainly way to do it with Tomcat but I can’t really help with that, I’m not that familiar with it. I can tell you that Apache is a much more advanced http server with a lot more functionality than Tomcat. Tomcat is primarily designed to serve Java Servlets and JSPs. My method is simpler I believe because it does not require you changing the configuration of Tomcat and ciphermail. You simply put Apache in front of it with the mod_proxy_ajp module which communicates with Tomcat using the default config. Of course, it’s all up to you how you want to proceed. From: Paul Bronson [mailto:signaldevelo...@gmail.com] Sent: Monday, June 26, 2017 6:48 PM To: Dino Edwards <dino.edwa...@mydirectmail.net> Subject: Re: [Djigzo users] Servers wont talk to me! I dont NEED to use apache, is there a way to do it with tomcat? On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: The following settings in main.cf<http://main.cf> should get you started for TLS: # TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/cert.cer smtpd_tls_key_file = /etc/ssl/certs/key.key smtpd_tls_CAfile = /etc/ssl/certs/root.cer #smtpd_use_tls=yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_loglevel = 1 I misspoke earlier. It’s been so long since I did this. Ciphermail comes bundled with Tomcat and it runs on port if I’m not mistaking. So, if you want to utilize Apache instead, you have to install mod_proxy_ajp module in Apache and setup an apache config like below: ProxyPass /djigzo http://localhost:/djigzo ProxyPassReverse /djigzo http://localhost:/djigzo ProxyPass /web http://localhost:/web ProxyPassReverse /web http://localhost:/web ProxyTimeout 3600 Changing the port has to be done within apache. So, if you want to use 443, you must of course install mod_ssl on apache, as well as certificate. I have a complete Apache config file if you want, let me know and I’ll post the relevant parts. From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>] Sent: Monday, June 26, 2017 2:42 PM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> Subject: Re: [Djigzo users] Servers wont talk to me! Okay I will try that. I am also noticing that mxtoolbox states this server isn't configured for TLS? I do not see any settings under interface for this. Is this set on postfix main.cf<http://main.cf><http://main.cf> file manually? Also if I wanted to remove the port or change the port to a default 443 do I need to do this within apache, or does the GUI do the config itself? On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: I’m guessing sendmail got installed by accident or as part of something else. Not sure. I would either uninstall sendmail or change its port number if it’s absolutely necessary, although it doesn’t seem like that’s the case. Since the Web GUI runs on a different port, you can set whatever hostname you want in ciphermail as long as that hostname is resolvable by the outside world and as long as the back-end webserver (apache I assume) is configured to answer on that port. So, if you want the web portal to be https://webportal.domain.tld:8443/ in ciphermail under settings --> portal è Base URL you set it as follows: https://webpo
Re: [Djigzo users] Servers wont talk to me!
So, email goes from your email server to ciphermail box out to its final destination. But when you send email out to Office 365 recipient you are getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s happening? From: Paul Bronson [mailto:signaldevelo...@gmail.com] Sent: Tuesday, June 27, 2017 11:49 AM To: Dino Edwards <dino.edwa...@mydirectmail.net>; Martijn Brinkers <mart...@ciphermail.com> Cc: users@lists.djigzo.com Subject: Re: [Djigzo users] Servers wont talk to me! Here is snippet: https://cl.ly/3w3Q2U1l1N32 On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson <signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>> wrote: Dino/Matijn, I am getting a lot of 550 Mailbox Unavailable for people who are using microsoft 365. It happened as soon as we turned on the cipher mail server. Everythins is good via mxtoolbox (all green checkmarks) but not sure why we keep getthing this message. If I turn off cipher mail and just go from email server to outlook 365 it goes through fine. Any ideas? On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson <signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>> wrote: DIno, Thanks for all your help! Can you post the complete apache config file? Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to change the main portal page to something else so I could block port access to 8443 on the firewall On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: There is certainly way to do it with Tomcat but I can’t really help with that, I’m not that familiar with it. I can tell you that Apache is a much more advanced http server with a lot more functionality than Tomcat. Tomcat is primarily designed to serve Java Servlets and JSPs. My method is simpler I believe because it does not require you changing the configuration of Tomcat and ciphermail. You simply put Apache in front of it with the mod_proxy_ajp module which communicates with Tomcat using the default config. Of course, it’s all up to you how you want to proceed. From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>] Sent: Monday, June 26, 2017 6:48 PM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>> Subject: Re: [Djigzo users] Servers wont talk to me! I dont NEED to use apache, is there a way to do it with tomcat? On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: The following settings in main.cf<http://main.cf><http://main.cf> should get you started for TLS: # TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/cert.cer smtpd_tls_key_file = /etc/ssl/certs/key.key smtpd_tls_CAfile = /etc/ssl/certs/root.cer #smtpd_use_tls=yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_loglevel = 1 I misspoke earlier. It’s been so long since I did this. Ciphermail comes bundled with Tomcat and it runs on port if I’m not mistaking. So, if you want to utilize Apache instead, you have to install mod_proxy_ajp module in Apache and setup an apache config like below: ProxyPass /djigzo http://localhost:/djigzo ProxyPassReverse /djigzo http://localhost:/djigzo ProxyPass /web http://localhost:/web ProxyPassReverse /web http://localhost:/web ProxyTimeout 3600 Changing the port has to be done within apache. So, if you want to use 443, you must of course install mod_ssl on apache, as well as certificate. I have a complete Apache config file if you want, let me know and I’ll post the relevant parts. From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>>] Sent: Monday, June 26, 2017 2:42 PM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net><mailto:dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>> Subject: Re: [Djigzo users] Servers wont talk to me! Okay I will try that. I am also noticing that mxtoolbox states this server isn't configured for TLS? I do not see any settings under interface for this. Is this set on postfix main.cf<http://main.cf><http://main.cf><http://main.cf> file manually? Also if I wanted to remove the port or change the port to a default 443 do I need to do this within apache, or does the GUI do the config itself? On Mon
Re: [Djigzo users] Servers wont talk to me!
Here is snippet: https://cl.ly/3w3Q2U1l1N32 On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson <signaldevelo...@gmail.com> wrote: > Dino/Matijn, > > I am getting a lot of 550 Mailbox Unavailable for people who are using > microsoft 365. It happened as soon as we turned on the cipher mail server. > Everythins is good via mxtoolbox (all green checkmarks) but not sure why we > keep getthing this message. If I turn off cipher mail and just go from > email server to outlook 365 it goes through fine. > > Any ideas? > > On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson <signaldevelo...@gmail.com> > wrote: > >> DIno, >> >> Thanks for all your help! Can you post the complete apache config file? >> Also I think the paths are wrong (?) Mine is >> https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to >> change the main portal page to something else so I could block port access >> to 8443 on the firewall >> >> On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users < >> users@lists.djigzo.com> wrote: >> >>> There is certainly way to do it with Tomcat but I can’t really help >>> with that, I’m not that familiar with it. I can tell you that Apache is a >>> much more advanced http server with a lot more functionality than Tomcat. >>> Tomcat is primarily designed to serve Java Servlets and JSPs. >>> >>> My method is simpler I believe because it does not require you changing >>> the configuration of Tomcat and ciphermail. You simply put Apache in front >>> of it with the mod_proxy_ajp module which communicates with Tomcat using >>> the default config. >>> >>> Of course, it’s all up to you how you want to proceed. >>> >>> From: Paul Bronson [mailto:signaldevelo...@gmail.com] >>> Sent: Monday, June 26, 2017 6:48 PM >>> To: Dino Edwards <dino.edwa...@mydirectmail.net> >>> Subject: Re: [Djigzo users] Servers wont talk to me! >>> >>> I dont NEED to use apache, is there a way to do it with tomcat? >>> >>> On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users < >>> users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: >>> The following settings in main.cf<http://main.cf> should get you >>> started for TLS: >>> >>> # TLS parameters >>> smtpd_tls_cert_file = /etc/ssl/certs/cert.cer >>> smtpd_tls_key_file = /etc/ssl/certs/key.key >>> smtpd_tls_CAfile = /etc/ssl/certs/root.cer >>> #smtpd_use_tls=yes >>> smtpd_tls_security_level = may >>> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache >>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache >>> smtpd_tls_loglevel = 1 >>> >>> I misspoke earlier. It’s been so long since I did this. Ciphermail comes >>> bundled with Tomcat and it runs on port if I’m not mistaking. So, if >>> you want to utilize Apache instead, you have to install mod_proxy_ajp >>> module in Apache and setup an apache config like below: >>> >>> ProxyPass /djigzo http://localhost:/djigzo >>> ProxyPassReverse /djigzo http://localhost:/djigzo >>> ProxyPass /web http://localhost:/web >>> ProxyPassReverse /web http://localhost:/web >>> ProxyTimeout 3600 >>> >>> >>> Changing the port has to be done within apache. So, if you want to use >>> 443, you must of course install mod_ssl on apache, as well as certificate. >>> I have a complete Apache config file if you want, let me know and I’ll post >>> the relevant parts. >>> >>> >>> From: Paul Bronson [mailto:signaldevelo...@gmail.com>> signaldevelo...@gmail.com>] >>> Sent: Monday, June 26, 2017 2:42 PM >>> To: Dino Edwards <dino.edwa...@mydirectmail.net>> dino.edwa...@mydirectmail.net>> >>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> >>> Subject: Re: [Djigzo users] Servers wont talk to me! >>> >>> Okay I will try that. I am also noticing that mxtoolbox states this >>> server isn't configured for TLS? I do not see any settings under interface >>> for this. Is this set on postfix main.cf<http://main.cf><http://main.cf> >>> file manually? >>> >>> Also if I wanted to remove the port or change the port to a default 443 >>> do I need to do this within apache, or does the GUI do the config itself? >>> >>> On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users < >>> users@lists.djigzo.com<mailto:user
Re: [Djigzo users] Servers wont talk to me!
Dino/Matijn, I am getting a lot of 550 Mailbox Unavailable for people who are using microsoft 365. It happened as soon as we turned on the cipher mail server. Everythins is good via mxtoolbox (all green checkmarks) but not sure why we keep getthing this message. If I turn off cipher mail and just go from email server to outlook 365 it goes through fine. Any ideas? On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson <signaldevelo...@gmail.com> wrote: > DIno, > > Thanks for all your help! Can you post the complete apache config file? > Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ > ciphermail is the main admin page.. I wanted to change the main portal > page to something else so I could block port access to 8443 on the firewall > > On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users < > users@lists.djigzo.com> wrote: > >> There is certainly way to do it with Tomcat but I can’t really help with >> that, I’m not that familiar with it. I can tell you that Apache is a much >> more advanced http server with a lot more functionality than Tomcat. Tomcat >> is primarily designed to serve Java Servlets and JSPs. >> >> My method is simpler I believe because it does not require you changing >> the configuration of Tomcat and ciphermail. You simply put Apache in front >> of it with the mod_proxy_ajp module which communicates with Tomcat using >> the default config. >> >> Of course, it’s all up to you how you want to proceed. >> >> From: Paul Bronson [mailto:signaldevelo...@gmail.com] >> Sent: Monday, June 26, 2017 6:48 PM >> To: Dino Edwards <dino.edwa...@mydirectmail.net> >> Subject: Re: [Djigzo users] Servers wont talk to me! >> >> I dont NEED to use apache, is there a way to do it with tomcat? >> >> On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users < >> users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: >> The following settings in main.cf<http://main.cf> should get you started >> for TLS: >> >> # TLS parameters >> smtpd_tls_cert_file = /etc/ssl/certs/cert.cer >> smtpd_tls_key_file = /etc/ssl/certs/key.key >> smtpd_tls_CAfile = /etc/ssl/certs/root.cer >> #smtpd_use_tls=yes >> smtpd_tls_security_level = may >> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache >> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache >> smtpd_tls_loglevel = 1 >> >> I misspoke earlier. It’s been so long since I did this. Ciphermail comes >> bundled with Tomcat and it runs on port if I’m not mistaking. So, if >> you want to utilize Apache instead, you have to install mod_proxy_ajp >> module in Apache and setup an apache config like below: >> >> ProxyPass /djigzo http://localhost:/djigzo >> ProxyPassReverse /djigzo http://localhost:/djigzo >> ProxyPass /web http://localhost:/web >> ProxyPassReverse /web http://localhost:/web >> ProxyTimeout 3600 >> >> >> Changing the port has to be done within apache. So, if you want to use >> 443, you must of course install mod_ssl on apache, as well as certificate. >> I have a complete Apache config file if you want, let me know and I’ll post >> the relevant parts. >> >> >> From: Paul Bronson [mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com>] >> Sent: Monday, June 26, 2017 2:42 PM >> To: Dino Edwards <dino.edwa...@mydirectmail.net> dino.edwa...@mydirectmail.net>> >> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> >> Subject: Re: [Djigzo users] Servers wont talk to me! >> >> Okay I will try that. I am also noticing that mxtoolbox states this >> server isn't configured for TLS? I do not see any settings under interface >> for this. Is this set on postfix main.cf<http://main.cf><http://main.cf> >> file manually? >> >> Also if I wanted to remove the port or change the port to a default 443 >> do I need to do this within apache, or does the GUI do the config itself? >> >> On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users < >> users@lists.djigzo.com<mailto:users@lists.djigzo.com>> users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: >> I’m guessing sendmail got installed by accident or as part of something >> else. Not sure. I would either uninstall sendmail or change its port number >> if it’s absolutely necessary, although it doesn’t seem like that’s the case. >> >> Since the Web GUI runs on a different port, you can set whatever hostname >> you want in ciphermail as long as that hostname is resolvable by the
Re: [Djigzo users] Servers wont talk to me!
DIno, Thanks for all your help! Can you post the complete apache config file? Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to change the main portal page to something else so I could block port access to 8443 on the firewall On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users < users@lists.djigzo.com> wrote: > There is certainly way to do it with Tomcat but I can’t really help with > that, I’m not that familiar with it. I can tell you that Apache is a much > more advanced http server with a lot more functionality than Tomcat. Tomcat > is primarily designed to serve Java Servlets and JSPs. > > My method is simpler I believe because it does not require you changing > the configuration of Tomcat and ciphermail. You simply put Apache in front > of it with the mod_proxy_ajp module which communicates with Tomcat using > the default config. > > Of course, it’s all up to you how you want to proceed. > > From: Paul Bronson [mailto:signaldevelo...@gmail.com] > Sent: Monday, June 26, 2017 6:48 PM > To: Dino Edwards <dino.edwa...@mydirectmail.net> > Subject: Re: [Djigzo users] Servers wont talk to me! > > I dont NEED to use apache, is there a way to do it with tomcat? > > On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users < > users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: > The following settings in main.cf<http://main.cf> should get you started > for TLS: > > # TLS parameters > smtpd_tls_cert_file = /etc/ssl/certs/cert.cer > smtpd_tls_key_file = /etc/ssl/certs/key.key > smtpd_tls_CAfile = /etc/ssl/certs/root.cer > #smtpd_use_tls=yes > smtpd_tls_security_level = may > smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache > smtpd_tls_loglevel = 1 > > I misspoke earlier. It’s been so long since I did this. Ciphermail comes > bundled with Tomcat and it runs on port if I’m not mistaking. So, if > you want to utilize Apache instead, you have to install mod_proxy_ajp > module in Apache and setup an apache config like below: > > ProxyPass /djigzo http://localhost:/djigzo > ProxyPassReverse /djigzo http://localhost:/djigzo > ProxyPass /web http://localhost:/web > ProxyPassReverse /web http://localhost:/web > ProxyTimeout 3600 > > > Changing the port has to be done within apache. So, if you want to use > 443, you must of course install mod_ssl on apache, as well as certificate. > I have a complete Apache config file if you want, let me know and I’ll post > the relevant parts. > > > From: Paul Bronson [mailto:signaldevelo...@gmail.com signaldevelo...@gmail.com>] > Sent: Monday, June 26, 2017 2:42 PM > To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwards@ > mydirectmail.net>> > Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> > Subject: Re: [Djigzo users] Servers wont talk to me! > > Okay I will try that. I am also noticing that mxtoolbox states this server > isn't configured for TLS? I do not see any settings under interface for > this. Is this set on postfix main.cf<http://main.cf><http://main.cf> file > manually? > > Also if I wanted to remove the port or change the port to a default 443 do > I need to do this within apache, or does the GUI do the config itself? > > On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users < > users@lists.djigzo.com<mailto:users@lists.djigzo.com> users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: > I’m guessing sendmail got installed by accident or as part of something > else. Not sure. I would either uninstall sendmail or change its port number > if it’s absolutely necessary, although it doesn’t seem like that’s the case. > > Since the Web GUI runs on a different port, you can set whatever hostname > you want in ciphermail as long as that hostname is resolvable by the > outside world and as long as the back-end webserver (apache I assume) is > configured to answer on that port. So, if you want the web portal to be > https://webportal.domain.tld:8443/ in ciphermail under settings --> portal > > è Base URL you set it as follows: > > https://webportal.domain.tld:8443/web/portal/ > > > > From: Paul Bronson [mailto:signaldevelo...@gmail.com signaldevelo...@gmail.com><mailto:signaldevelo...@gmail.com signaldevelo...@gmail.com>>] > Sent: Monday, June 26, 2017 2:13 PM > To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwards@ > mydirectmail.net><mailto:dino.edwa...@mydirectmail.net dino.edwa...@mydirectmail.net>>> > Cc: users@lists.djigzo.com<mailto:users@lists
Re: [Djigzo users] Servers wont talk to me!
The following settings in main.cf should get you started for TLS: # TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/cert.cer smtpd_tls_key_file = /etc/ssl/certs/key.key smtpd_tls_CAfile = /etc/ssl/certs/root.cer #smtpd_use_tls=yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_loglevel = 1 I misspoke earlier. It’s been so long since I did this. Ciphermail comes bundled with Tomcat and it runs on port if I’m not mistaking. So, if you want to utilize Apache instead, you have to install mod_proxy_ajp module in Apache and setup an apache config like below: ProxyPass /djigzo http://localhost:/djigzo ProxyPassReverse /djigzo http://localhost:/djigzo ProxyPass /web http://localhost:/web ProxyPassReverse /web http://localhost:/web ProxyTimeout 3600 Changing the port has to be done within apache. So, if you want to use 443, you must of course install mod_ssl on apache, as well as certificate. I have a complete Apache config file if you want, let me know and I’ll post the relevant parts. From: Paul Bronson [mailto:signaldevelo...@gmail.com] Sent: Monday, June 26, 2017 2:42 PM To: Dino Edwards <dino.edwa...@mydirectmail.net> Cc: users@lists.djigzo.com Subject: Re: [Djigzo users] Servers wont talk to me! Okay I will try that. I am also noticing that mxtoolbox states this server isn't configured for TLS? I do not see any settings under interface for this. Is this set on postfix main.cf<http://main.cf> file manually? Also if I wanted to remove the port or change the port to a default 443 do I need to do this within apache, or does the GUI do the config itself? On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: I’m guessing sendmail got installed by accident or as part of something else. Not sure. I would either uninstall sendmail or change its port number if it’s absolutely necessary, although it doesn’t seem like that’s the case. Since the Web GUI runs on a different port, you can set whatever hostname you want in ciphermail as long as that hostname is resolvable by the outside world and as long as the back-end webserver (apache I assume) is configured to answer on that port. So, if you want the web portal to be https://webportal.domain.tld:8443/ in ciphermail under settings --> portal è Base URL you set it as follows: https://webportal.domain.tld:8443/web/portal/ From: Paul Bronson [mailto:signaldevelo...@gmail.com<mailto:signaldevelo...@gmail.com>] Sent: Monday, June 26, 2017 2:13 PM To: Dino Edwards <dino.edwa...@mydirectmail.net<mailto:dino.edwa...@mydirectmail.net>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> Subject: Re: [Djigzo users] Servers wont talk to me! Hi Dino, Wonder why sendmail keeps trying to start then.. Odd. I'd really like to set the web portal to a different address versus the HELO name I meant, sorry. Paul On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: You don't need both. One or the other, although Postfix is recommended. Different site, meaning different server? -Original Message- From: Users [mailto:users-boun...@lists.djigzo.com<mailto:users-boun...@lists.djigzo.com><mailto:users-boun...@lists.djigzo.com<mailto:users-boun...@lists.djigzo.com>>] On Behalf Of Paul Bronson via Users Sent: Monday, June 26, 2017 1:57 PM To: Martijn Brinkers <mart...@ciphermail.com<mailto:mart...@ciphermail.com><mailto:mart...@ciphermail.com<mailto:mart...@ciphermail.com>>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>> Subject: Re: [Djigzo users] Servers wont talk to me! IP Is not blacklisted, reverse DNS has been setup also. For some reason sendmail and postfix are using the same port? Do I need both? I would also like to set the web portal to a different site versus the hostname. On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < users@lists.djigzo.com<mailto:users@lists.djigzo.com><mailto:users@lists.djigzo.com<mailto:users@lists.djigzo.com>>> wrote: > On 06/22/2017 10:32 PM, Paul Bronson via Users wrote: > > Okay here is what I have.. Still not sure what's wrong. > > > > http://imgur.com/a/k0ysM > > http://imgur.com/a/QuyaO > > http://imgur.com/a/9pNyl > > > > I have the IP listed in my networks. > > > > So my setup goes like this: > > > > Incoming email >> firewall >> email server > > > > Cipher mail is not used for incoming, bu
Re: [Djigzo users] Servers wont talk to me!
Okay I will try that. I am also noticing that mxtoolbox states this server isn't configured for TLS? I do not see any settings under interface for this. Is this set on postfix main.cf file manually? Also if I wanted to remove the port or change the port to a default 443 do I need to do this within apache, or does the GUI do the config itself? On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users < users@lists.djigzo.com> wrote: > I’m guessing sendmail got installed by accident or as part of something > else. Not sure. I would either uninstall sendmail or change its port number > if it’s absolutely necessary, although it doesn’t seem like that’s the case. > > Since the Web GUI runs on a different port, you can set whatever hostname > you want in ciphermail as long as that hostname is resolvable by the > outside world and as long as the back-end webserver (apache I assume) is > configured to answer on that port. So, if you want the web portal to be > https://webportal.domain.tld:8443/ in ciphermail under settings --> portal > > è Base URL you set it as follows: > > https://webportal.domain.tld:8443/web/portal/ > > > > From: Paul Bronson [mailto:signaldevelo...@gmail.com] > Sent: Monday, June 26, 2017 2:13 PM > To: Dino Edwards <dino.edwa...@mydirectmail.net> > Cc: users@lists.djigzo.com > Subject: Re: [Djigzo users] Servers wont talk to me! > > Hi Dino, > > Wonder why sendmail keeps trying to start then.. Odd. > > I'd really like to set the web portal to a different address versus the > HELO name I meant, sorry. > > Paul > > On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users < > users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: > You don't need both. One or the other, although Postfix is recommended. > > Different site, meaning different server? > > -Original Message- > From: Users [mailto:users-boun...@lists.djigzo.com<mailto:users- > boun...@lists.djigzo.com>] On Behalf Of Paul Bronson via Users > Sent: Monday, June 26, 2017 1:57 PM > To: Martijn Brinkers <mart...@ciphermail.com<mailto:mart...@ciphermail.com > >> > Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> > Subject: Re: [Djigzo users] Servers wont talk to me! > > IP Is not blacklisted, reverse DNS has been setup also. > > For some reason sendmail and postfix are using the same port? Do I need > both? > > I would also like to set the web portal to a different site versus the > hostname. > > On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < > users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: > > > On 06/22/2017 10:32 PM, Paul Bronson via Users wrote: > > > Okay here is what I have.. Still not sure what's wrong. > > > > > > http://imgur.com/a/k0ysM > > > http://imgur.com/a/QuyaO > > > http://imgur.com/a/9pNyl > > > > > > I have the IP listed in my networks. > > > > > > So my setup goes like this: > > > > > > Incoming email >> firewall >> email server > > > > > > Cipher mail is not used for incoming, but my outgoing setup is: > > > > > > Outgoing email >> email server >> ciphermail server >> firewall >> > > internet > > > > > > For some reason I think something is getting clogged up on CM > > > server. I have the email server (postfix) setup with a relayhost, so > > > it will > > forward > > > all mails to the ciphermail server. The "locality" setting on my > > > server > > is > > > "external" - does this matter? It's behind our firewall and should > > > only > > be > > > sending mail off from our internal mail server. > > > > > > I had it on in the morning and the others told me they are getting a > > > lot > > of > > > bouncebacks. I have a feeling this is because of the SFP records but > > > I > > want > > > to make sure the server is setup properly. > > > > > > The OTP you helped me with works now also, thank you! > > > > > > Everything is inherited from global also. > > > > Once the email has been handled by the back-end (MPA), the email is > > handed over to the MTA (Postfix). The MTA is responsible for > > delivering the email. If the email is not delivered you should check > > the MTA logs to see why. There can be a number of reasons why the > > recipients mail server won't accept email: your IP address might be > > dynamic (i.e., some consumer type ISP), there is no IP reverse name > > for your IP address,
Re: [Djigzo users] Servers wont talk to me!
I’m guessing sendmail got installed by accident or as part of something else. Not sure. I would either uninstall sendmail or change its port number if it’s absolutely necessary, although it doesn’t seem like that’s the case. Since the Web GUI runs on a different port, you can set whatever hostname you want in ciphermail as long as that hostname is resolvable by the outside world and as long as the back-end webserver (apache I assume) is configured to answer on that port. So, if you want the web portal to be https://webportal.domain.tld:8443/ in ciphermail under settings --> portal è Base URL you set it as follows: https://webportal.domain.tld:8443/web/portal/ From: Paul Bronson [mailto:signaldevelo...@gmail.com] Sent: Monday, June 26, 2017 2:13 PM To: Dino Edwards <dino.edwa...@mydirectmail.net> Cc: users@lists.djigzo.com Subject: Re: [Djigzo users] Servers wont talk to me! Hi Dino, Wonder why sendmail keeps trying to start then.. Odd. I'd really like to set the web portal to a different address versus the HELO name I meant, sorry. Paul On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users <users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: You don't need both. One or the other, although Postfix is recommended. Different site, meaning different server? -Original Message- From: Users [mailto:users-boun...@lists.djigzo.com<mailto:users-boun...@lists.djigzo.com>] On Behalf Of Paul Bronson via Users Sent: Monday, June 26, 2017 1:57 PM To: Martijn Brinkers <mart...@ciphermail.com<mailto:mart...@ciphermail.com>> Cc: users@lists.djigzo.com<mailto:users@lists.djigzo.com> Subject: Re: [Djigzo users] Servers wont talk to me! IP Is not blacklisted, reverse DNS has been setup also. For some reason sendmail and postfix are using the same port? Do I need both? I would also like to set the web portal to a different site versus the hostname. On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < users@lists.djigzo.com<mailto:users@lists.djigzo.com>> wrote: > On 06/22/2017 10:32 PM, Paul Bronson via Users wrote: > > Okay here is what I have.. Still not sure what's wrong. > > > > http://imgur.com/a/k0ysM > > http://imgur.com/a/QuyaO > > http://imgur.com/a/9pNyl > > > > I have the IP listed in my networks. > > > > So my setup goes like this: > > > > Incoming email >> firewall >> email server > > > > Cipher mail is not used for incoming, but my outgoing setup is: > > > > Outgoing email >> email server >> ciphermail server >> firewall >> > internet > > > > For some reason I think something is getting clogged up on CM > > server. I have the email server (postfix) setup with a relayhost, so > > it will > forward > > all mails to the ciphermail server. The "locality" setting on my > > server > is > > "external" - does this matter? It's behind our firewall and should > > only > be > > sending mail off from our internal mail server. > > > > I had it on in the morning and the others told me they are getting a > > lot > of > > bouncebacks. I have a feeling this is because of the SFP records but > > I > want > > to make sure the server is setup properly. > > > > The OTP you helped me with works now also, thank you! > > > > Everything is inherited from global also. > > Once the email has been handled by the back-end (MPA), the email is > handed over to the MTA (Postfix). The MTA is responsible for > delivering the email. If the email is not delivered you should check > the MTA logs to see why. There can be a number of reasons why the > recipients mail server won't accept email: your IP address might be > dynamic (i.e., some consumer type ISP), there is no IP reverse name > for your IP address, the reverse IP name is not the same as the SMTP > helo name. your IP might be black-listed. > > Solving this does not involve making changes in the CipherMail global > settings. The only change in CipherMail that influences delivery is > the MTA helo name. > > Could you sent some MTA logs showing which mails were not delivered? > > What is the IP address the CipherMail gateway is using? > > Kind regards, > > Martijn Brinkers > > > -- > CipherMail email encryption > > Email encryption with support for S/MIME, OpenPGP, PDF encryption and > secure webmail pull. > > https://www.ciphermail.com > > Twitter: http://twitter.com/CipherMail > ___ > Users mailing list > Users@lists.djigzo.com<mailto:Users@lists.djigzo.com> > https://lists.djigzo.com/lists/listinfo/users > ___ Users mailing list Users@lists.djigzo.com<mailto:Users@lists.djigzo.com> https://lists.djigzo.com/lists/listinfo/users ___ Users mailing list Users@lists.djigzo.com<mailto:Users@lists.djigzo.com> https://lists.djigzo.com/lists/listinfo/users ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
Re: [Djigzo users] Servers wont talk to me!
Hi Dino, Wonder why sendmail keeps trying to start then.. Odd. I'd really like to set the web portal to a different address versus the HELO name I meant, sorry. Paul On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users < users@lists.djigzo.com> wrote: > You don't need both. One or the other, although Postfix is recommended. > > Different site, meaning different server? > > -Original Message- > From: Users [mailto:users-boun...@lists.djigzo.com] On Behalf Of Paul > Bronson via Users > Sent: Monday, June 26, 2017 1:57 PM > To: Martijn Brinkers <mart...@ciphermail.com> > Cc: users@lists.djigzo.com > Subject: Re: [Djigzo users] Servers wont talk to me! > > IP Is not blacklisted, reverse DNS has been setup also. > > For some reason sendmail and postfix are using the same port? Do I need > both? > > I would also like to set the web portal to a different site versus the > hostname. > > On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < > users@lists.djigzo.com> wrote: > > > On 06/22/2017 10:32 PM, Paul Bronson via Users wrote: > > > Okay here is what I have.. Still not sure what's wrong. > > > > > > http://imgur.com/a/k0ysM > > > http://imgur.com/a/QuyaO > > > http://imgur.com/a/9pNyl > > > > > > I have the IP listed in my networks. > > > > > > So my setup goes like this: > > > > > > Incoming email >> firewall >> email server > > > > > > Cipher mail is not used for incoming, but my outgoing setup is: > > > > > > Outgoing email >> email server >> ciphermail server >> firewall >> > > internet > > > > > > For some reason I think something is getting clogged up on CM > > > server. I have the email server (postfix) setup with a relayhost, so > > > it will > > forward > > > all mails to the ciphermail server. The "locality" setting on my > > > server > > is > > > "external" - does this matter? It's behind our firewall and should > > > only > > be > > > sending mail off from our internal mail server. > > > > > > I had it on in the morning and the others told me they are getting a > > > lot > > of > > > bouncebacks. I have a feeling this is because of the SFP records but > > > I > > want > > > to make sure the server is setup properly. > > > > > > The OTP you helped me with works now also, thank you! > > > > > > Everything is inherited from global also. > > > > Once the email has been handled by the back-end (MPA), the email is > > handed over to the MTA (Postfix). The MTA is responsible for > > delivering the email. If the email is not delivered you should check > > the MTA logs to see why. There can be a number of reasons why the > > recipients mail server won't accept email: your IP address might be > > dynamic (i.e., some consumer type ISP), there is no IP reverse name > > for your IP address, the reverse IP name is not the same as the SMTP > > helo name. your IP might be black-listed. > > > > Solving this does not involve making changes in the CipherMail global > > settings. The only change in CipherMail that influences delivery is > > the MTA helo name. > > > > Could you sent some MTA logs showing which mails were not delivered? > > > > What is the IP address the CipherMail gateway is using? > > > > Kind regards, > > > > Martijn Brinkers > > > > > > -- > > CipherMail email encryption > > > > Email encryption with support for S/MIME, OpenPGP, PDF encryption and > > secure webmail pull. > > > > https://www.ciphermail.com > > > > Twitter: http://twitter.com/CipherMail > > ___ > > Users mailing list > > Users@lists.djigzo.com > > https://lists.djigzo.com/lists/listinfo/users > > > ___ > Users mailing list > Users@lists.djigzo.com > https://lists.djigzo.com/lists/listinfo/users > ___ > Users mailing list > Users@lists.djigzo.com > https://lists.djigzo.com/lists/listinfo/users > ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
Re: [Djigzo users] Servers wont talk to me!
You don't need both. One or the other, although Postfix is recommended. Different site, meaning different server? -Original Message- From: Users [mailto:users-boun...@lists.djigzo.com] On Behalf Of Paul Bronson via Users Sent: Monday, June 26, 2017 1:57 PM To: Martijn Brinkers <mart...@ciphermail.com> Cc: users@lists.djigzo.com Subject: Re: [Djigzo users] Servers wont talk to me! IP Is not blacklisted, reverse DNS has been setup also. For some reason sendmail and postfix are using the same port? Do I need both? I would also like to set the web portal to a different site versus the hostname. On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < users@lists.djigzo.com> wrote: > On 06/22/2017 10:32 PM, Paul Bronson via Users wrote: > > Okay here is what I have.. Still not sure what's wrong. > > > > http://imgur.com/a/k0ysM > > http://imgur.com/a/QuyaO > > http://imgur.com/a/9pNyl > > > > I have the IP listed in my networks. > > > > So my setup goes like this: > > > > Incoming email >> firewall >> email server > > > > Cipher mail is not used for incoming, but my outgoing setup is: > > > > Outgoing email >> email server >> ciphermail server >> firewall >> > internet > > > > For some reason I think something is getting clogged up on CM > > server. I have the email server (postfix) setup with a relayhost, so > > it will > forward > > all mails to the ciphermail server. The "locality" setting on my > > server > is > > "external" - does this matter? It's behind our firewall and should > > only > be > > sending mail off from our internal mail server. > > > > I had it on in the morning and the others told me they are getting a > > lot > of > > bouncebacks. I have a feeling this is because of the SFP records but > > I > want > > to make sure the server is setup properly. > > > > The OTP you helped me with works now also, thank you! > > > > Everything is inherited from global also. > > Once the email has been handled by the back-end (MPA), the email is > handed over to the MTA (Postfix). The MTA is responsible for > delivering the email. If the email is not delivered you should check > the MTA logs to see why. There can be a number of reasons why the > recipients mail server won't accept email: your IP address might be > dynamic (i.e., some consumer type ISP), there is no IP reverse name > for your IP address, the reverse IP name is not the same as the SMTP > helo name. your IP might be black-listed. > > Solving this does not involve making changes in the CipherMail global > settings. The only change in CipherMail that influences delivery is > the MTA helo name. > > Could you sent some MTA logs showing which mails were not delivered? > > What is the IP address the CipherMail gateway is using? > > Kind regards, > > Martijn Brinkers > > > -- > CipherMail email encryption > > Email encryption with support for S/MIME, OpenPGP, PDF encryption and > secure webmail pull. > > https://www.ciphermail.com > > Twitter: http://twitter.com/CipherMail > ___ > Users mailing list > Users@lists.djigzo.com > https://lists.djigzo.com/lists/listinfo/users > ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
Re: [Djigzo users] Servers wont talk to me!
On 06/22/2017 10:32 PM, Paul Bronson via Users wrote: > Okay here is what I have.. Still not sure what's wrong. > > http://imgur.com/a/k0ysM > http://imgur.com/a/QuyaO > http://imgur.com/a/9pNyl > > I have the IP listed in my networks. > > So my setup goes like this: > > Incoming email >> firewall >> email server > > Cipher mail is not used for incoming, but my outgoing setup is: > > Outgoing email >> email server >> ciphermail server >> firewall >> internet > > For some reason I think something is getting clogged up on CM server. I > have the email server (postfix) setup with a relayhost, so it will forward > all mails to the ciphermail server. The "locality" setting on my server is > "external" - does this matter? It's behind our firewall and should only be > sending mail off from our internal mail server. > > I had it on in the morning and the others told me they are getting a lot of > bouncebacks. I have a feeling this is because of the SFP records but I want > to make sure the server is setup properly. > > The OTP you helped me with works now also, thank you! > > Everything is inherited from global also. Once the email has been handled by the back-end (MPA), the email is handed over to the MTA (Postfix). The MTA is responsible for delivering the email. If the email is not delivered you should check the MTA logs to see why. There can be a number of reasons why the recipients mail server won't accept email: your IP address might be dynamic (i.e., some consumer type ISP), there is no IP reverse name for your IP address, the reverse IP name is not the same as the SMTP helo name. your IP might be black-listed. Solving this does not involve making changes in the CipherMail global settings. The only change in CipherMail that influences delivery is the MTA helo name. Could you sent some MTA logs showing which mails were not delivered? What is the IP address the CipherMail gateway is using? Kind regards, Martijn Brinkers -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
Re: [Djigzo users] Servers wont talk to me!
Can you provide an example bounce message? -Original Message- From: Users [mailto:users-boun...@lists.djigzo.com] On Behalf Of Paul Bronson via Users Sent: Thursday, June 22, 2017 5:44 PM To: Stefan Michael Guenther <s.guent...@in-put.de> Cc: users@lists.djigzo.com Subject: Re: [Djigzo users] Servers wont talk to me! Hi, Under settings >> general I Just don't know why it isn't working. Also, sendmail and postfix keep killing each other stating port already in use On Thu, Jun 22, 2017 at 4:56 PM, Stefan Michael Guenther < s.guent...@in-put.de> wrote: > Hi, > > > all mails to the ciphermail server. The "locality" setting on my > > server > is > > "external" - does this matter? It's behind our firewall and should > > only > be > > sending mail off from our internal mail server. > > > where did you define "external"? In the domain or user setting? Based > on "internal/external" ciphermail decides whether an email has to > decrypted or encrypted. This has nothing to with the location of the > ciphermail server in your network. > > Stefan > ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
Re: [Djigzo users] Servers wont talk to me!
Not sure why you are using both sendmail and postfix on the same server. Am I understanding this correctly? -Original Message- From: Users [mailto:users-boun...@lists.djigzo.com] On Behalf Of Paul Bronson via Users Sent: Thursday, June 22, 2017 5:44 PM To: Stefan Michael Guenther <s.guent...@in-put.de> Cc: users@lists.djigzo.com Subject: Re: [Djigzo users] Servers wont talk to me! Hi, Under settings >> general I Just don't know why it isn't working. Also, sendmail and postfix keep killing each other stating port already in use On Thu, Jun 22, 2017 at 4:56 PM, Stefan Michael Guenther < s.guent...@in-put.de> wrote: > Hi, > > > all mails to the ciphermail server. The "locality" setting on my > > server > is > > "external" - does this matter? It's behind our firewall and should > > only > be > > sending mail off from our internal mail server. > > > where did you define "external"? In the domain or user setting? Based > on "internal/external" ciphermail decides whether an email has to > decrypted or encrypted. This has nothing to with the location of the > ciphermail server in your network. > > Stefan > ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users