How to send email using port 465/SSL?

Hi

A customer of mine using Blackberry cant send an email on port 465. We looked into it, made sure Postfix is listening on port 465, and the firewall has the port open. But still does not work. We cant send either.

So would this be because there is no SSL cert copied to postfix for this account?

If this is the case, then when I go to enable SSL on this account, I get a warning to say another account is already using the IP address for a SSL cert and it could conflict, so I did not enable SSL for the account.

Do we need the account using its own SSL and therefore on its own IP? I wont do this as we have loads of accounts all using their own mail server domain maii.theaccount.com (theaccount is the users domain of course). Or should we install a Multi-domain SSL so we can use SSL on all account domains? Or If we can use a self signed SSL, then how do we set this up due to the warning about another site using the IP for a SSL? Or should we not use a shared IP for another sites SSL? (hosting providers just dont like giving IPs out these days).

So how does one correctly setup multiple accounts (so different mail server hostnames) to send email on port 465?

In the meantime I’ve told them to use port 587 with no SSL as that works.

Thanks!

Can you elaborate “does not work” please? What exactly happens on the Blackberry when you try to send mail via SSL? Any error messages? Anything in Postfix’ logfiles?

The customer says he gets no errors (mail just does not send), but when we do it on our email clients (both Apple Mail & Thunderbird), from memory it says something like the server is not allowing connection to port 465. But it is listening on it, and the firewall port is open.

Howdy,

It doesn’t sound like you’re seeing an SSL issue there… since that port is encrypted, it would require an SSL cert in order to function at all.

Just to verify, what do these two commands show:

netstat -anlp | grep :465 iptables -L -n | grep 465
[root@dev ~]# netstat -anlp | grep :465 tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 29430/master [root@dev ~]# iptables -L -n | grep 465 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465

I now have the same issue on another server for both port 465 and 587… GMail says “Couldn’t reach server”. Several port checkers state the port is open (it is open in the firewall), netstat and iptables say:

[root@flow1 ~]# netstat -an | grep :587 tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN

[root@flow1 ~]# iptables -L -n | grep 587
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587

The issue reported above was for a Cpanel imported account… This issue is also with Cpanel account migrated to a different Virtualmin server. I’ve not had email issues like this before, can it be related?

This is in the maillog when I try to connect in GMail:

Jul 30 20:26:22 myserver postfix/smtpd[20307]: connect from mail-vc0-f178.google.com[209.85.220.178] Jul 30 20:26:22 myserver postfix/smtpd[20307]: lost connection after UNKNOWN from mail-vc0-f178.google.com[209.85.220.178] Jul 30 20:26:22 myserver postfix/smtpd[20307]: disconnect from mail-vc0-f178.google.com[209.85.220.178]

Choosing port 25 unsecured connection works OK, so its just port 465 and 587.

Thanks