DA fresh install, problem with SSL on SMTP

shivahost

Verified User
Joined
Mar 7, 2013
Messages
209
We have a new server and a fresh install of DA, and activated Let's Encrypt on DA with no problem.

But SMTP is not working for the hostname or mail.anydomain.com.

All default values in exim.conf and directadmin.conf are used!

Any help?
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,131
Location
GMT +7.00
Hello,

Did you run an installation script from Directadmin? Or purchased a server with a pre-installed Directadmin?

According to this https://www.directadmin.com/features.php?id=2184 the mail_sni=1 is enabled by default for new installs.

If it's different in your case, then you might report it to Directadmin developers.
 

shivahost

Verified User
Joined
Mar 7, 2013
Messages
209
> Hello,
>
> Did you run an installation script from Directadmin? Or purchased a server with a pre-installed Directadmin?
>
> According to this https://www.directadmin.com/features.php?id=2184 the mail_sni=1 is enabled by default for new installs.
>
> If it's different in your case, then you might report it to Directadmin developers.

I installed from the script. "mail_sni=1" exists in DA.conf by default. Do I need to do something else, like cert installation?
 

shivahost

Verified User
Joined
Mar 7, 2013
Messages
209
Sure, you need to install certs for your domains.
Let's Encrypt is installed on my domain.com and mail.domain.com; sites are loading with HTTPS.
Let's Encrypt is also installed on my DA hostname, and I log in to DA with HTTPS.

But no luck!
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,131
Location
GMT +7.00
I would not trust remote tests that much... What's your hostname? You may send it via PM if you want to keep it secret from the public.
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,131
Location
GMT +7.00
OK, I see a wrong self-signed certificate is announced from your server.

Try and see whether or not
Code:
/usr/local/directadmin/scripts/letsencrypt.sh request $(hostname)
will fix it.
 

shivahost

Verified User
Joined
Mar 7, 2013
Messages
209
> OK, I see a wrong self-signed certificate is announced from your server.
>
> Try and see whether or not
> Code:
> /usr/local/directadmin/scripts/letsencrypt.sh request $(hostname)
> will fix it.

Thank you, now SMTP from my hostname is accepted, but from mail.anydomain.com not working!

In my WHMCS, SMTP using TLS works with the hostname; with SSL it does not work!
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,131
Location
GMT +7.00
> but from mail.anydomain.com not working!

You need to create certificates and include mail.anydomain.com in Directadmin for every domain
 

shivahost

Verified User
Joined
Mar 7, 2013
Messages
209
> > but from mail.anydomain.com not working!
>
> You need to create certificates and include mail.anydomain.com in Directadmin for every domain

From user level, in the SSL page? I have created Let's Encrypt for the domain I sent in PM!
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,131
Location
GMT +7.00
I see a server-wide cert for your hostname now. Either mail_sni is not enabled/installed, or too old a version of exim.conf is used. So check the requirements and fix them: enable `mail_sni` and upgrade `exim.conf`.
 

shivahost

Verified User
Joined
Mar 7, 2013
Messages
209
> I see a server-wide cert for your hostname now. Either mail_sni is not enabled/installed, or too old a version of exim.conf is used. So check the requirements and fix them: enable `mail_sni` and upgrade `exim.conf`.

mail_sni=1, it was a default of the DA install.

exim.conf 4.5 was installed by custombuild with the DA fresh install.
 

ikkeben

Verified User
Joined
May 22, 2014
Messages
705
Location
Netherlands Germany
> I see a server-wide cert for your hostname now. Either mail_sni is not enabled/installed, or too old a version of exim.conf is used. So check the requirements and fix them: enable `mail_sni` and upgrade `exim.conf`.

@zEitEr

Which tool do you use for those "tests"?
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,131
Location
GMT +7.00
I use openssl to test it.

Try to rebuild configs of Mail related services

Code:
cd /usr/local/directadmin/custombuild
./build clean
./build update
./build set eximconf yes
./build set eximconf_release 4.5
./build set dovecot_conf yes
./build exim_conf
./build dovecot_conf
and then

Code:
echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue
wait a couple of minutes and test again.
 

shivahost

Verified User
Joined
Mar 7, 2013
Messages
209
> Code:
> echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue
> wait a couple of minutes and test again.

Thanks for your help Alex, this part solved my problem. I think it is because most of my accounts are restored backups from a server without these configs.
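
The openssl check mentioned in the thread, sketched as an added example (not code from any poster or from DirectAdmin): it fetches the certificate SMTP presents for a given SNI name and classifies the two failures seen above, a self-signed certificate and a hostname certificate returned for mail.<domain>. The function names and the `example.test` names are assumptions; chain trust and expiry are not checked.

```shell
#!/bin/sh
# Added example (not from the thread): which certificate does SMTP present for an SNI name?

# fetch_smtp_cert HOST PORT SNI_NAME OUT_PEM
# Ports 25/587 upgrade with STARTTLS ("TLS" in most clients); 465 is implicit TLS ("SSL").
fetch_smtp_cert() {
    _mode="-starttls smtp"
    if [ "$2" = "465" ]; then _mode=""; fi
    # $_mode is left unquoted on purpose so it splits into two arguments.
    openssl s_client -connect "$1:$2" -servername "$3" $_mode </dev/null 2>/dev/null |
        openssl x509 -outform PEM >"$4"
}

# classify_cert PEM NAME -> prints self-signed | name-mismatch | ok
classify_cert() {
    _subject=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    _issuer=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    if [ "$_subject" = "$_issuer" ]; then
        echo self-signed      # e.g. a default placeholder certificate
    elif openssl x509 -in "$1" -noout -checkhost "$2" | grep -q 'does match'; then
        echo ok               # SNI selected a certificate covering NAME
    else
        echo name-mismatch    # e.g. the server-wide hostname cert returned for mail.<domain>
    fi
}

# make_constructed_certs DIR: builds constructed test material (example.test names):
#   DIR/selfsigned.pem  self-signed, CN=server.example.test
#   DIR/host.pem        signed by a constructed CA, CN=server.example.test
make_constructed_certs() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=server.example.test" \
        -keyout "$1/ss.key" -out "$1/selfsigned.pem" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Constructed Test CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=server.example.test" \
        -keyout "$1/host.key" -out "$1/host.csr" 2>/dev/null
    openssl x509 -req -in "$1/host.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/host.pem" 2>/dev/null
}
```

Against a live server: `fetch_smtp_cert server.example.test 587 mail.example.test /tmp/c.pem && classify_cert /tmp/c.pem mail.example.test`; use port 465 to test the implicit-TLS ("SSL") listener.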
 