I have Virtualmin installed on Ubuntu server 18.04. I have several vhosts configured and I’m trying to configure an email client (gmail) to import.
When I run
telnet <server's IP> 995 I connect successfully.
When I run the command
openssl s_client -connect <server's IP>:995 I connect successfully and can login with the email user.
But, when I try to configure gmail to fetch mail from pop3 server using same details it fails and I receive timeout error. It works fine with port 110.
Any idea what I’m doing wrong?
In the mail log I see the following:
Sep 7 15:24:35 vps dovecot: pop3-login: Disconnected (no auth attempts in 25 secs): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS handshaking: SSL_accept() syscall failed: Success, session=<R9Lf0Lqu74LRVaeX>
Do you DMARC enabled? I think Google refuses to talk to mail servers that don’t (but I wouldn’t swear to that).
DKIM, SPF and DMARC are all defined. BTW, I’m using Cloudflare as my DNS.
Is your Cloudflare TLS certificate is generated? I would check the following links:
- Troubleshooting SSL errors
- SSL handshake failed
I have the same issue and I use Cloudflare as well. Also, I can’t do mydomain.com:10000 to log into my VM GUI. I have to use the IP:port.I’m thinking cloudflare (CF) isn’t good on passing the port like mail.mydomain.com:995 to gmail hence the reason for the timeout. I believe I would have to run my own nameserver to get it working but I could be wrong so you may want to wait for other answers or maybe someone nows how to setup CF to do this.
Off topic, @stuckinthehouse. If you start a new topic we could discuss how the cloudflare setting of leaving a port unmolested could solve your problem.
@stuckinthehouse, even though this is off topic I think you are correct. Cloudflare does not proxy mail protocols like POP3, SMTP or IMAP. As a result I’m not using CF to proxy my pop3 and use it only as DNS but with no luck. Just a reminder, I am able to connect to Dovecot POP3 via the command
openssl s_client -connect mail.domain.com:995 but I fail to connect via gmail.
Because I use CF certificate, and because CF does not proxy mail protocols, I use CF just as a DNS thus having my mail.domain.com without an SSL certificate. I’ve replaced the self signed certificate with a Let’s encrypt certificate and now POP3 995 is working as expected.
Thank you for your support.
This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.