[Not Solved]
RE: SMTPTLS port 587 Close after fresh Install
06-10-2024, 02:05 AM
(This post was last modified: 06-10-2024, 02:07 AM by franmm25.)
I think there is a problem with the SSL certificates generated by the SSL module. In my case, to fix the situation, I needed to change the following:
For Postfix:
Quote: Edit main.cf and master.cf
In main.cf:
Quote:
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtpd_tls_cert_file = /etc/letsencrypt/live/domain.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/domain.com/privkey.pem
The SSL certificates created inside
Quote: /var/sentora/hostdata/zadmin/ssl/sencrypt/letsencrypt/domain.com
do not work with Postfix. I needed to install `certbot` on Ubuntu to create and regenerate SSL certificates in the specified path, adding "domain.com" (your domain) and "mail.domain.com".
Note that Apache needs to be stopped during the installation.
To fix port 587, add these two lines inside `master.cf` if you want to use both ports simultaneously, or select the port you want:
Quote:
smtp inet n - n - - smtpd
587 inet n - y - - smtpd
Also, you need to configure Dovecot with the same paths as in Postfix; you need to edit dovecot2.conf:
Quote:
ssl = yes
ssl_cert = </etc/letsencrypt/live/domain.com/fullchain.pem
ssl_key = </etc/letsencrypt/live/domain.com/privkey.pem
When I ran the test on https://www.checktls.com/TestReceiver, everything worked 100%.
I don’t know if this is the best approach for Sentora, but support told me it is the best way to fix this issue. At the moment, I haven't found another solution, and this works perfectly. Ideally, everything should be activated automatically from Sentora, in my opinion.
Additionally, I have noticed that sometimes the SSL module fails to renew certificates, and other times it doesn’t. I think it is necessary to address these issues.
Regards.
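A consistency check for the three files discussed in the post above, as an added example that is not part of the original post or of Sentora. The function names are hypothetical and the sample configs are constructed from the settings quoted in the post; it reports when Postfix and Dovecot point at different certificate or key files, or when no `smtpd` service is defined for port 587.

```python
# Constructed sample configs mirroring the settings quoted in the post.
MAIN_CF = """\
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/letsencrypt/live/domain.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/domain.com/privkey.pem
"""
MASTER_CF = """\
smtp inet n - n - - smtpd
587 inet n - y - - smtpd
"""
DOVECOT_CONF = """\
ssl = yes
ssl_cert = </etc/letsencrypt/live/domain.com/fullchain.pem
ssl_key = </etc/letsencrypt/live/domain.com/privkey.pem
"""

def parse_kv(text):
    """Parse 'key = value' lines; skip comments, fold indented continuation lines."""
    out, key = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and key:      # Postfix-style continuation line
            out[key] += " " + line.strip()
            continue
        if "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            out[key] = value
    return out

def master_services(text):
    """Return the inet service names/ports that run smtpd in master.cf."""
    found = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 8 and not line.startswith("#") and f[1] == "inet" and f[7] == "smtpd":
            found.add(f[0])
    return found

def check(main_cf, master_cf, dovecot_conf):
    """Return a list of findings; an empty list means the three files agree."""
    postfix, dovecot = parse_kv(main_cf), parse_kv(dovecot_conf)
    problems = []
    for p_key, d_key in (("smtpd_tls_cert_file", "ssl_cert"), ("smtpd_tls_key_file", "ssl_key")):
        p_val, d_val = postfix.get(p_key), dovecot.get(d_key, "").lstrip("<").strip()
        if not p_val or p_val != d_val:    # Dovecot's leading '<' means "read from file"
            problems.append(f"{p_key}={p_val!r} differs from dovecot {d_key}={d_val!r}")
    if not master_services(master_cf) & {"587", "submission"}:
        problems.append("no smtpd service on port 587 (submission) in master.cf")
    return problems
```

To run it against a live host, pass the contents of the real `main.cf`, `master.cf` and Dovecot config file to `check()` after each certificate renewal.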