Email issues

I’m trying to login to the admin user here not a custom created one

does your admin user have an account for email and ftp?

If its a root user, then that may not work. For example, my root/admin (sudoer) user cannot login using ftp or email. I am quite happy to have it this way. The only access these particular users have on my system is SSH (SFTP)…nothing else.

create a new user account…then this should work much easier for you i think.

the main server administrator account i dont think should be getting email!

I didn’t manually create the account in Ubuntu

And I have to have it it’s my admin@fomain.com aliased to postmaster@domain.com as well

I can check mail in usermin but I’d like to receive notification which requires remote email retrieve

EDIT…oops sorry…i missread your first post. The admin and support accounts should work exactly i have described above. You should be able to open thunderbird, use the auto setup for new accounts, enter the username and password, accept the defaults and it should work.

You may need to edit the incoming and outgoing mail servers in thunderbird to something like mail.yourdomain.com (thats what mine is)…where domain.com is the virtual server domain ie =mail.colby.com (you will need a matching mx record at dns registrar of course)

It finds mail.domsin.com fine

It’s not failing to connect so long as it doesn’t try to use STARTTLS for IMAP. It’s insisting that no matter what my credentials are wrong, and Spark gives a cert error even though everything should be using my LE cert which is good for domain.com and *.domain.com

I dont use spark i am using thunderbird.

I have to go now for a few hours…hopefully you will make some headway with this. I would suggest rechecking your entire SSL setup from scratch. (if this wont stuff website access)

HSTS would ensure it’d be unavailable to everyone

Oddly nothing besides email throws that error, and only Spark

Ok

Email testing indicated Port 993 can’t establish a connection to for whatever reason. Tried logging in on Port 995 and 143 for IMAP and still auth failure

Changing Port 465 to 587 doesn’t help

And if really like to know what the proper username is. Admin.domain.com (domain.com is virtaulserver name) doesn’t work either

What is the correct way to setup IMAP ssl in virtaulmin?

IMAP/POP3

the usual method doesn’t actually require any configuration that I can think of. If postfix and dovecot are working there isn’t much else you need to do other than docs https://www.virtualmin.com/documentation/email

Normally, when I install virtualmin, then add a virtual server, install a LetsEncrypt SSL cert, then add a user account to that virtual server, ensure that at domain SOA (start of authority) the correct mx, spf, DMARC records are in place, it just works (straight out of the box).

I do know that windows 10 mail is a pain in the ass (I have problems using this but its not impossible to setup), thunderbird works essentially with its automatic configuration (perhaps the odd tweak depending on your desktop pc and home network setup)…

if you have manually created additional users (with both ftp&email login abilities) in virtualmin, then those users should work.

Can you just check the following…

Virtualmin>Edit Users

is Admin a user in that list?

If you select user Admin, then under Edit User, choose Login to Usermin (ensure port 20000 is open on any of your firewalls). Can you log into Usermin for the Admin user you have created?

Second, the first user in the list for a new Virtual Server (ie the default Virtual Server User)…whatever it is, should be able to login to Usermin (on mine that is the case). Try to login to Usermin using the default Virtual Server user ie https://yourdomain.com:20000

If default user works, then try user Admin. If Admin doesn’t work, try to create a new “different” username that is not related to server administration (ie a name other than admin or administrator etc)…create a user called “Colby” for example. can you log into usermin with the new user you create called Colby?

Essentially, if you are able to login to Usermin, then the problem is not Virtualmin as such…its the client you are using for email (outlook, thunderbird, windows mail, whatever).

Yeah I can login via usermin

However NO email client is letting me login with ANY user it says authentication failed

However can send/receive mail via usermin

ok, so can I just confirm, when you are logged into both virtual server and also Usermin on your web browser…is the Lets Encrypt SSL certificate correct (ie a padlock immediately to LHS of URL)?

yes

You can check if you want; domain is innonetlife.com

ah…no its not secure.

what SSL certificate are you using?

EDIT…hmm that’s strange, see the https details below (and yet google chrome browser is convinced your site doesn’t have valid ssl)

Primary
Common Name: *.innonetlife.com

Issuer: Let’s Encrypt Authority X3
Expires: 3 months
Valid From: 6/25/2019
Valid To: 9/23/2019
Serial: 033FF2D3F45C2CC9F250A920647D14EB90EB
Algorithm: sha256RSA
Common Name: Let’s Encrypt Authority X3

Issuer: DST Root CA X3
Expires: 1 year 9 months
Valid From: 3/17/2016
Valid To: 3/17/2021
Serial: 0A0141420000015385736A0B85ECA708
Algorithm: sha256RSA
Organization: Let’s Encrypt
Location: US
Common Name: DST Root CA X3

Issuer: DST Root CA X3
Expires: 2 years
Valid From: 9/30/2000
Valid To: 9/30/2021
Serial: 44AFB080D6A327BA893039862EF8406B
Algorithm: sha1RSA
Organization: Digital Signature Trust Co.

also, you have not setup a reverse DNS/ptr record for this mail server correctly It does not match the SMTP banner being sent.

The SMTP banner issued by your email server did not contain the hostname we resolved for your server’s IP address

You need to configure that or your emails wont get delivered reliably.

Some receiving mail servers may use a mismatched or masked banner as an indication of a possible spam source in a scoring system
If you do not have a PTR record, or your record does not match your hostname, we recommend that you contact your ISP and ask them to setup a reverse (PTR) record that matches the hostname of your mail server.

for example…go to mxtoolbox.com

type in your domain.com and select MX record check

after that, then do an smtp test

you will see what I mean

Ok

Well I added an A record but cloudflare doesn’t support PTR records apparently

Can’t setup PTR records at cloudflare

No reason SMTP banner should show different from DNS though

blimey, for such a widely used application, I find that incredible.

Whats even more ridiculous is the extent of Cloudflares article on DNS PTR records… so everyone can have a laugh I will post it in its entirety

DNS PTR Record
Learning Objectives
After reading this article you will be able to:

Understand the purpose of an PTR record.
What is a DNS PTR record?
The ‘pointer’ record is exactly the opposite of the ‘A’ record; the PTR address will give you the domain associated with a given IP address. The PTR record is used in reverse-lookup zones for reverse DNS searches.

Example of an PTR record:

example.com record type: value: TTL
@ PTR example.com 71200
The value here represents an email address ,which can be confusing because it’s missing the ‘@’ sign, but in an SOA record admin.example.com is the equivalent of admin@example.com.

what can one say?

Anyway, the ptr record is done for the server itself. So for example, if you were using Vultr.com as your VPS provider, then you would add the reverse ptr inside Vultr server dashboard/console.

I found another bit of information on cloudflare that will help you out with this…(sorry about the condescending way it starts, I am just copy and pasting it in)

How does reverse DNS work?
Reverse DNS lookups query DNS servers for a PTR (pointer) record; if the server does not have a PTR record, it cannot resolve a reverse lookup. PTR records store IP addresses with their segments reversed, and they append ‘.in-addr.arpa’ to that. For example if a domain has an IP address of 1.2.3.4, the PTR record will store that information as 4.3.2.1.in-addr.arpa.