This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

SMTP..POP..IMAP (Vulernablilty) Certificate Error
#1
SMTP..POP..IMAP (Vulernablilty) Certificate Error
Hello dear Sentora support <3

Firstly I'd like to say thank you for this awesome platform that i will be using and supporting for my website!

I have successfully installed latest version of Sentora on my VPS (Centos7) and everything works great! I also setup my Letsencrypt certificates for CP and the domain. 

Now last thing todo is to fix this vulerntability that i found.

When someone tries to access the SMTP server or POP that i sat in Cloudflare pointing to my VPS ip (I use cloudflare as DNS manager), It exposes my VPS Info (user/IP)

check it out here for example: https://smtp.domain.com/ 

it shows certificate error,, but when you press continue and get the forbidden page. and try to view the certificate it actually shows my VPS IP! and username.

I don't want it to return anything when they visit these records! SMTP,POP .. etc

see for example google and other websites.. when you try to do the same thing:
https://smtp.gmail.com/

it gives u error (took so long to respond..etc..) nothing shows up! thats exactly how i want it to be.

I'm not sure where exactly is this problem coming from, but i don't want to install SSL certificates for each SMTP..Imap..pop..etc.. it just doesnt make sense todo imo.

I'm sure there's a way to fix it but i really don't know.. it could be something in (main.cf) file in the (/etc/postfix).. or master.cf

I really don't know how.. I searched everywhere..
EDIT: I temporarly redirected the (smtp.domain.com) not the HTTPS url to my main website just a temp fix.. using the /etc/sentora/configs/apache/httpd.conf  file

I put these redirections but only the http one works:
Code:
#Default
entry for any undefined domain or direct IP access
<VirtualHost *:80>
       Redirect / http://domain.com/
</VirtualHost>
#Default
entry for any undefined domain or direct IP access
<VirtualHost *:443>
       Redirect / http://domain.com/
</VirtualHost>

I wonder how to fix this issue im no expert at these stuff but i know somethings. so im not compelely noob lol. 

Again thank you so much for the great support. Nd ill be posting some tutorials soon on my website when im done!

<3

- M0HX
Reply
Thanks given by:


Messages In This Thread
SMTP..POP..IMAP (Vulernablilty) Certificate Error - by M0HX - 06-08-2017, 07:28 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
Repo update error hostingms 3 6 ,829 02-14-2024, 09:20 AM
Last Post: TGates
apt-get install mod_ssl ERROR CMs222 9 28 ,356 11-11-2022, 09:14 PM
Last Post: zustudios
Sentora debug and error files johnnyp 0 1 ,596 10-27-2022, 06:16 PM
Last Post: johnnyp

Forum Jump:


Users browsing this thread: 3 Guest(s)