@ vs . in username?

christophera · December 14, 2022, 7:30pm

Hi all,

On the same virtual server, some usernames are user@domain.com, others are user.domain

Why is that happening? The users have been set up at different times, I don’t know if maybe Virtualmin has changed the way that works over time.

This came up because I’m having issues with Gmail and it seems that users with the dot I’m able to use TLS as a secure email connection, and ones with the @ I have to use an unsecured connection for it to work. That’s just an observation though, not firm evidence that this is what’s making the difference,

Chris

Operating system CentOS Linux 7.9.2009
Webmin version 2.001 Usermin version 1.860
Virtualmin version 7.3

Joe · December 14, 2022, 9:15pm

It is a configuration option, but if Virtualmin set up the users with @ in them, you should have two users for each (one with @ and one with a -, i think). This is to accommodate software that doesn’t work with @ in the name (I don’t believe your problem could be attributable to that, though).

We changed the default on install a couple years ago, but that would not change any existing installation, only fresh installations. If you’re configured to use @ in usernames now, you made that config change. (Or you migrated users from a system with the old format to one with the new, maybe.)

It’s not clear to me what problem you have, though, so I can’t guess about a solution or confirm or deny it is related to usernames (but my gut tells me no…).

christophera · December 15, 2022, 5:35am

Thanks Joe, I trust your gut with this stuff - you have a little bit of experience with Virtualmin

So, I have a ‘send as’ email address set up in Gmail that has been working fine, but now when I try to send, I get a “The settings for your ‘Send mail as’ account are misconfigured or out of date” error email from Gmail.

I deleted and reset the ‘send as’ account up from scratch (a potential solution from another forum).

That works, but only if I use the unsecured connection option. I used to have it set to tls.

Now, when I try to use tls, I’m getting an error that says:

"Server returned error: “TLS Negotiation failed, the certificate doesn’t match the host., code: 550”

Ugh. I checked and my let’s encrypt cert is active and includes the mail server domain.

I wondered if regenerating the let’s encrypt cert would help, but I get an error when I try to do that:

### Failed to request certificate : Missing file to read at virtual_server::/usr/libexec/webmin/virtual-server/feature-dns.pl line 3484

I’m not sure if that’s related to the email problem I’m having. Probably not.

I tested the tls for the domain on TLS Checker - Instant Results | CDN77.com and it says TLS 1.2 is enabled, TLS 1.3 is disabled.

Not sure what to do next. The ‘send as’ works if I have the setting at ‘unsecured’, but I have this set up for someone else who is in private practice, it would be nicer if it was secured,

Chris

Joe · December 15, 2022, 5:46am

Ah, this is a problem I can explain.

You can’t do that.

Postfix, as shipped with CentOS 7 (a very old operating system at this point) does not support SNI. You can only ever have one TLS certificate for Postfix. You must pick a domain to be the mail domain, and use that for all connections to Postfix (so, any mail clients trying to send through the server).

Dovecot in CentOS 7, I think, does support SNI, so IMAP and POP3 could use different certs (and Virtualmin can configure that) but you can’t reasonably explain that to users, and some mail clients don’t make it easy to configure different send and retrieval hosts.

christophera · December 15, 2022, 3:08pm

hmm, except it’s been working… so confusing, but maybe Google updated something on their system that changed something?

In the end though, it sound like i need to update my OS

Thanks Joe!

Joe · December 15, 2022, 6:53pm

Not with TLS on multiple domains it hasn’t. Your Postfix version simply cannot do that.

christophera · December 15, 2022, 9:40pm

No, sorry, I’m not saying it can do that. I have all of the email being picked up from one domain. It’s sent through several, but all forwarded to mailboxes on one domain and Gmail picks them up from that one… and that worked, until it didn’t.

What I’ll do though is update to Ubuntu 22.04 LTS and transfer the domains and ip over to that server and lets see if that does the trick. Been needing to upgrade anyway, as you noticed, just haven’t gotten to it

edit - getting an updated server and moving everything to it fixed the issue, I don’t know if it’s because TLS 1.3 is enabled now or… just not sure.

system · December 23, 2022, 9:40pm

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.