Koozali.org: home of the SME Server
Contribs.org Forums => General Discussion => Topic started by: gbentley on May 09, 2011, 01:51:10 PM
-
Just a quickie as I seem to be getting this round my neck a bit - I have Secure SMTP and Secure IMAP enabled on SME, my firewall has forward ports 993 and 465 to SME IP as well as rules to allow these in first place from the WAN.
Sevceral test services show these ports as open and I have tested this from another site using Outlook Express.
No joy on iphone however and using exactly the same settings.
Anyone got this working / any tips?
Thanks!
-
If you're using a self-signed certificate on your SME server, you'll need to "install" it on your iphone.
logging into webmail from the iphone may work, or here's another technique (https://discussions.apple.com/message/7581648?messageID=7581648) that involves emailing your SME cert to a different email address on your iphone.
-
Heck, better search on self signed certs lol
tried logging into Horde - got mainly blank screen with welcome msg
then tried mail but no go :(
-
Here are some notes I made about Entourage and self-signed certs (possibly useless, possibly helpful): http://wiki.contribs.org/Email#Entourage:_Using_SME.27s_Self-Signed_Certificate_for_SSL_Connections_from_Entourage_on_OS_X_10.4 (http://wiki.contribs.org/Email#Entourage:_Using_SME.27s_Self-Signed_Certificate_for_SSL_Connections_from_Entourage_on_OS_X_10.4)
Perhaps if you generate a PEM base-64 encoded cert, post it to an ibay, then browse to it the iphone will let you install it...
Or, here's another howto: http://blog.markusbordihn.de/2009/05/iphone-ipod-touch-with-self-signed-ssl.html
Edit by cactus: Fixed URL to appear as a URL
-
Thanks for that - not looked into yet but I did go back and check my settings / rules etc and am now at a remote office.
I have setup Outlook Express and IMAPs receive is working fine however Secure SMTP is not. I have exactly the same rules page and similar config on the router [for port 465 though] as well as port forwarding to the SME.
I have tried various different settings in Outlook Express [including 'Log on with Secure Password Auth'] to no avail [almost always reports 'connected' but times out] and seem to be stuck on this. Has anyone with this working any tips / anything I might have missed?
canyouseeme.org reports that port 465 is open
I have now config on router to log when ruleset for port 465 is matched and will go looking through server logs.
-
Any kind / patient person offer any tips ? Still can't track this down ;
[root@mail ~]# netstat -tln | grep :465
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN
From another thread I read the above as the port being open and available. The server is in 'Server Mode' only and is behind an ADSL Router / Firewall. I have a nat rule to forward requests for port 465 to the server as well as a firewall filter rule that pinholes port 465. All the other rules I have setup in this way [ssh,https,imaps] are working fine. An external test using canyouseeme.org reports that port 465 is open.
I am now thinking its something I am doing [or not doing] on the mail client thats stopping this working.
I have the WAN IP address down as the incoming imap+smtp, and in advanced outgoing port as 465, incoming as 993 and both SSL boxes ticked. Just tested this again and getting error from mail client ; outgoing is being rejected with 550 relaying denied error - I am using the admin account for testing purposes.
I have 'Allow SSMPT (secure)' in the email settings of server manager.
Any help appreciated :)
-
try to use thunderbird as e-mail client.
It has an auto-detect feature ou account config who test auth settings and choose best (including ports).
So you'll learn how to configure from it.
-
tb - yes, I have used that feature - I have found all too often it does things that I dont want it to do and end up manually creating an account anyways.
-
gbentley
Works fine for me using OE, Windows Mail, Thunderbird and iPhone, all using SSL, connecting to sme server using IMAP
In OE under Servers tab, DO NOT tick the box for "Log on using secure password authentication", but DO tick the box for "My server requires authentication" and under the Settings button select "Use same settings as my incoming mail server".
For server names (Incoming mail (IMAP) and Outgoing mail (SMTP) I use servername.mydomain.com which should be resolvable or you can just use mydomain.com
Under Advanced tab tick both boxes for "This server requires secure connection (SSL)", and for "Outgoing mail (SMTP)" enter port 465 and for "Incoming mail (IMAP)" enter port 993.
On the iphone use similar settings
For Outgoing Mail Server
Use SSL On
Authentication Password
Server port 465
For Incoming Settings (under Advanced)
Use SSL On
Authentication Password
Server Port 993
-
> DO tick the box for "My server requires authentication" and under the
> Settings button select "Use same settings as my incoming mail server".
Mary,
That did the trick - thanks, think I had tried this at some point but probably
had other settings incorrect at that time. Funny how staring at screens too
long removes clue precentage!
On to iPhones next :)