1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Plesk 10.4.4 Postfix 465

Discussion in 'Plesk 10.x for Linux Issues, Fixes, How-To' started by md3vxx, Nov 20, 2011.

  1. md3vxx

    md3vxx Guest

    0
     
    Plesk 10.4.4, CentOS x64

    Plesk's postfix implementation includes a TLS daemon listening on TCP port 465. By default our company uses seperate SSL wrappers (stunnel) to manage inbound secure email connections to port 465.

    We deleted this line:

    smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes

    From /etc/postfix/master.cf, restarted our /etc/init.d/xinetd service and our wrappers work until Plesk is restarted and it re-generates to master.cf file.

    We only want to master.cf file to list the default service (TCP 25) using this:

    smtp inet n - n - - smtpd

    How can we re-configure Plesk not to turn on the 465 service daemon in Postfix?

    Christopher.
     
  2. IgorG

    IgorG Forums Analyst Staff Member

    49
    24%
    Joined:
    Oct 27, 2009
    Messages:
    24,572
    Likes Received:
    1,243
    Location:
    Novosibirsk, Russia
    I have tried to reproduce this issue. I have just commented line

    smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes

    in master.cf and reloaded mailserver with

    # /usr/local/psa/admin/sbin/mailmng --reload-service

    after that port 465 was disabled:

    # lsof -i tcp:465
    #
     
  3. md3vxx

    md3vxx Guest

    0
     
    That works until you restart Plesk (e.g. /etc/init.d/psa restart) at which time:

    smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes

    Is appended to the base of the file again, see:

    smtp inet n - n - - smtpd
    #smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes

    smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes
     
  4. IgorG

    IgorG Forums Analyst Staff Member

    49
    24%
    Joined:
    Oct 27, 2009
    Messages:
    24,572
    Likes Received:
    1,243
    Location:
    Novosibirsk, Russia
    As far as I remember smtps port shouldn't be closed due to RFC requirements. I think that Plesk just follows this instruction.
     
  5. md3vxx

    md3vxx Guest

    0
     
    The port isn't being closed, we are simply using a STUNNEL wrapper to control the daemon rather than using Postfix's default service. The other issue is that if we switch to using Postfix's implementation all of our customers are forced to use TLS rather than SSL in their email clients and source IP information cannot be wrapped.
     
Loading...