DA fresh install , Problem with SSL on SMTP

shivahost

Verified User
Joined
Mar 7, 2013
Messages
214
we have new server and fresh install of DA , activated let's encrypt on DA with no problem.

but SMTP not working for hostname or mail.anydomain.com

all default values in exim.conf and directadmin.conf used!

any help?
 
Hello,

Did you run an installation script from Directadmin? Or purchased a server with a pre-installed Directadmin?

According to this https://www.directadmin.com/features.php?id=2184 the mail_sni=1 is enabled by default for new installs.

If it's different in your case, then you might report it to Directadmin developers.
 
Hello,

Did you run an installation script from Directadmin? Or purchased a server with a pre-installed Directadmin?

According to this https://www.directadmin.com/features.php?id=2184 the mail_sni=1 is enabled by default for new installs.

If it's different in your case, then you might report it to Directadmin developers.

I installed from the script. "mail_sni=1" is exist in DA.conf by default. Do I need to do something else like Cert installation?
 
Sure, you need to install certs for your domains.

lets encrypt installed on my domain.com , mail.domain.com , sites loading with HTTPS .
also lets encrypt installed on my DA hostname and I login to DA with HTTPS.

but no luck!
 
Maybe stupid question but: is there firewall blocking it ?
 
I would not trust remote tests that much.... what's your hostname? You may send via PM if you want to keep it in a secret from public.
 
OK, I see a wrong self signed certificate is announced from your server.

Try and see whether or not
Code:
/usr/local/directadmin/scripts/letsencrypt.sh request $(hostname)
will fix it.
 
OK, I see a wrong self signed certificate is announced from your server.

Try and see whether or not
Code:
/usr/local/directadmin/scripts/letsencrypt.sh request $(hostname)
will fix it.

thank you, now SMTP from my hostname accepted! but from mail.anydomain.com not working!

in my WHMCS smtp using TLS works with hostname, with SSL not works!
 
Last edited:
> but from mail.anydomain.com not working!

You need to create certificates and include mail
.anydomain.com in Directadmin for every domain
 
> but from mail.anydomain.com not working!

You need to create certificates and include mail
.anydomain.com in Directadmin for every domain

from userlevel in SSL page? I have created lets encrypt for the domain i sent in pm!
 
I see a server-wide cert for your hostname now. It is either mail_sni is not enabled/installed, or too old version of exim.conf is used. So check the requirements and fix them: enable `mail_sni` and upgrade `exim.conf`.
 
I see a server-wide cert for your hostname now. It is either mail_sni is not enabled/installed, or too old version of exim.conf is used. So check the requirements and fix them: enable `mail_sni` and upgrade `exim.conf`.

mail_sni=1 , it was a default of DA install.

exim.conf 4.5 installed by custombuild with DA fresh install.
 
I see a server-wide cert for your hostname now. It is either mail_sni is not enabled/installed, or too old version of exim.conf is used. So check the requirements and fix them: enable `mail_sni` and upgrade `exim.conf`.
@zEitEr

Wich tool do you use for those "test" ?
 
I use openssl to test it.

Try to rebuild configs of Mail related services

Code:
cd /usr/local/directadmin/custombuild./build clean
./build update
./build set eximconf yes
./build set eximconf_release 4.5
./build set dovecot_conf yes
./build exim_conf
./build dovecot_conf

and then

Code:
echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue

wait a couple of minutes and test again.
 
Code:
echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue

wait a couple of minutes and test again.

thanks for your help Alex, this part solve my problem. I think because most of my accounts are restored backups from a server without these configs.
 
Back
Top