DirectAdmin or hosting problem with certificaties and e-mail

[Hendrik]

I've got great problems with a new hosting provider, McSeo. But other hosters have similar certificate problems. The presented certificate does not math !

Free certificate for websites works. Everything else does not work (ftp, mail, e-mail ...)

. Outlook get a warning. The server certificate is used and not the domain certificate. It is sometime a localhost certificate (?) and sometime that of the hoster.
. Ports to be used are confusing. Pop - Smtp works for some sites on 110 with Plain text and 993 with SSL enabled.
. Ports for IMAP work sometimes with 993 and 143. SSL is a mess. Port 587 seems sometimes to work on 'automated' protocol listenings.
. Imap does not work at all on android devices.
. Imap sometimes work om Outlook (the Office version!) Settings are even per site various.

What the hell is going on? Some (hosting companies) say this is a DirectAdmin problem. I think it is both.
. When a new certificate is made (with settings only for web) the old certificate (with SSL for all services) is not deleted.
. Ports 25 and 110 are to be used for plain text. Therefore they should be blocked. SSL and TLS use 143, 587 and 465 and 995 and 993 for as far as I know. But this it what the hosting should know and serve.

Martynas Bendorius knows abbout the problems. What does DirectAdmin offer as answer?

I tend to select an other hosting company that does not use DirectAdmin if al these problems are not solved within days.

Btw. The random Question may be familiair to US speaking, but it is a google search for Dutch people. 'an arm and a __' Whar the .. should that answer be?

 

[Richard G]

What the hell is going on? Some (hosting companies) say this is a DirectAdmin problem. I think it is both.

No it isn't both. Probably some company's having issues are saying this.
It's not a DA problem, also plain servers and Cpanel servers for example have the same problems.

Outlook gives a warning. That's normal if there is only a self signed certificate (default with cpanel and da) and users trying to use ssl.
Ports are not confusing. 587 is a reserve port, and port 465 is for ssl traffic. Imap has it's own ports already mentioned by you.
110 is pop3 incoming, there is a lot to be found about ports. We have never issues with ports on DA.

Ports 25 and 110 are to be used for plain text. Therefore they should be blocked.

That's real nonsense. 100% of email servers are using port 25 to communicate with each other, especially incoming mail. You can't block port 25.
Next to that, you can't obligate people to only use SSL for outgoing traffic. Als keep in mind that normally good SSL Certificats costs a lot of money which is the reason several hosting company's don't use them.

Mostly if there are issues, it's a configuration problem cause by admins doing things wrong or having too little knowledge on how to implement.
It's indeed what hosting providers should know and configure correctly.

Why should Directadmin provide an answer for this? It's not a DA issue. It's not DA's responsibility to give lessons to administrators.

So if you have a hosting provider with these problems, you should indeed select another hosting provider who is knowing what they are doing and can provide you with the things you want.

However again, I don't know what you are trying to accomplish here. This is certainly not a DA problem.

 

[zEitEr]

Agreed with Richard. It's not a Directadmin's problem. These forums have numerous guides on how to do a custom setup for this:

- https://help.directadmin.com/item.php?id=573 posted on Oct 27, 2016
- http://forum.directadmin.com/showthread.php?t=50059&page=7&p=263954#post263954 posted on 04-10-2015
- https://help.directadmin.com/item.php?id=389 posted on Aug 28, 2011

If your hosting company does not know how to customize Directadmin or refuses to customize it for you... that's not Directadmin's fault.

 

[Hendrik]

Agreed with Richard. It's not a Directadmin's problem. These forums have numerous guides on how to do a custom setup for this:

- https://help.directadmin.com/item.php?id=573 posted on Oct 27, 2016
- http://forum.directadmin.com/showthread.php?t=50059&page=7&p=263954#post263954 posted on 04-10-2015
- https://help.directadmin.com/item.php?id=389 posted on Aug 28, 2011

If your hosting company does not know how to customize Directadmin or refuses to customize it for you... that's not Directadmin's fault.

Sorry. But I'm not talking about the webmail application.
It is about an end-user configuration for pop/smtp/imap.
If no certificate is made it is very strange to connect on 110, unencryted while one has to use 465 SSL or 587 TLS to deliver e-mail. This is the case with multiple Hosting companies thatuse DirectAdmin.
The option to select SSL with e-mail and FTP in DirectAdmin seems not to work with any user of DirectAdmin. The DirectAdmin expert that was consulted has confirmed this.
If this option needs additional configuration of Exim4, that should be mentioned. I expect this to be automated.
B.t.w. I miss an option to delete certificates made earlier. I'm not sure what is used. This is not visable in my reseller account.

Those 'random questions drive me crazy' .... Is that what DirectAdmin wants?

 

[ppnl]

It might be an old subject however I think the SSL is now covered by the mail_sni=1 option described in https://directadmin.com/features.php?id=2019
And to test if mail.domain.com (or pop/smtp) using it's correct certificate I found this article very valuable https://help.directadmin.com/item.php?id=627