• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Qmail and TLS

D

deltatech

Regular Pleskian
I am currently running Plesk 11 and was told by Parallels support that qmail does not support TLS on plesk 11.

I am considering upgrading to Plesk 12 and was wondering if qmail on Plesk 12 will support TLS?
 
I have switched from Postfix to Qmail on my test Plesk 12 server and checked that TLS is supported:

[root@ppu12-0 ~]# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 ppu12-0.demo.pp.plesk.ru ESMTP
ehlo
250-ppu12-0.demo.pp.plesk.ru
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME
 
Additionally:

# openssl s_client -starttls smtp -crlf -connect localhost:25 | grep TLS
....
250 8BITMIME
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Protocol : TLSv1.2
TLS session ticket lifetime hint: 300 (seconds)
 
IgorG said:
Additionally:

# openssl s_client -starttls smtp -crlf -connect localhost:25 | grep TLS
....
250 8BITMIME
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Protocol : TLSv1.2
TLS session ticket lifetime hint: 300 (seconds)
Click to expand...

On Plesk 11 I get this, any way to fix this on plesk 11?...

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 myserver.com ESMTP
EHLO
250-myserver.com
250-AUTH=LOGIN CRAM-MD5
250-AUTH LOGIN CRAM-MD5
250-PIPELINING
250 8BITMIME

Note it is missing the 250-STARTTLS
 
When you send the EHLO command, the server will respond with a list of the items it supports.
 
IgorG said:
When you send the EHLO command, the server will respond with a list of the items it supports.
Click to expand...

That is the problem, it doesn't list STARTTLS on my plesk 11 box. Is there any way to fix this without upgrading to plesk 12? I do have a support contract so I could upgrade but I am afraid of upgrades as they usually cause too much downtime and my clients can't go days without their email..
 
All works fine by default on my test Plesk 11.5:

root@ppu11-5:~# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 ppu11-5.demo.pp.plesk.ru ESMTP
ehlo
250-ppu11-5.demo.pp.plesk.ru
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME
quit
221 ppu11-5.demo.pp.plesk.ru
Connection closed by foreign host.

root@ppu11-5:~# cat /usr/local/psa/version
11.5.30 Debian 6.0 115140407.17
 
You must log in or register to reply here.

Similar threads

R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
2
Views
986
tessa67
T
S
Issue SMTP/Qmail stop working suddenly without any cause
Replies
3
Views
1K
Stephen_Stephen
S
D
Question Renewing Let's encrypt automatically
Replies
3
Views
556
Kaspar
K
SamirM
Issue Postfix Issues with Alma Linux 9.4
Replies
7
Views
413
Maarten
M
Franco
Resolved CentOs2Alma conversion failed - disk space?
Replies
7
Views
1K
Bitpalast
Bitpalast
Back
Top