Issue SMTP is not working properly

[dj1sklero]

My problem started when I changed the hosting panel from ISPConfig to Plesk.
I have a discourse forum, in the new panel I created his e-mail address with the same name and password. I tried to send mail from this account and it works. The problem appears in the forum. When connected via port 587 (open in Plesk) he gets an error:

Wrapped OpenSSL :: SSL :: SSLError: hostname "mydomain" does not match the server certificate.

There is an error on port 465:

Jobs :: HandledExceptionWrapper: Wrapped Net :: ReadTimeout: Net :: ReadTimeout with # <TCPSocket: (closed)>.

Even telnet doesn't connect to port 465:

root @ raspberrypi: / home / pi # telnet icegame.pl 465
Trying 161.97.82.2 ...
Connected to icegame.pl.
Escape character is '^]'.

and port 587:

root@forum:~# telnet icegame.pl 587
Trying 161.97.82.2...
Connected to icegame.pl.
Escape character is '^]'.
220 hosting.krishost.pl ESMTP Postfix (Debian/GNU)

 

[Bitpalast]

I interpret two questions from your post:
(1) Why do I see "Wrapped OpenSSL :: SSL :: SSLError: hostname "mydomain" does not match the server certificate." and how to fix it?
(2) Why can I not connect to port 465 on my server?

1) The error is caused by a mismatch of the mail server domain you are trying to access and the certificate of the mail server. The mail server needs to be addressed by the hostname, not by a domain name. Your hostname is not your domain name. In the configuration of your software, enter the hostname as SMTP server, not the domain name or a subdomain of your website. The hostname is set in Plesk in Tools & Settings > Server Settings > Full host name. It is the name of your computer in the data center and normally different from all domains hosted on that system. The SSL certificate for the mail service is set in Tools & Settings > Security > SSL/TLS Certificates. Make sure that your mail server is equipped with the Let's Encrypt server. When you use the correct hostname, connecting to your SMTP server with SSL/TLS will work and use the correct certificate for that hostname. The error message will disappear.

2) There are typically three outgoing mail ports on a system: 25, 465, 587. Some data centers block them by default in a firewall that is in front of your server, to prevent accidental spam sent from your server. Check your data center's control panel for your server if they have a firewall for you and if all the ports are open. You must have port 25 open. Ports 465 and 587 are optional. 465 is for SSL/TLS traffic, port 587 for STARTSSL. There is also a chance that your Plesk firewall is blocking any of these ports. Check Tools & Settings > Security > Firewall if any of the ports are blocked. For your connection test from your home to the data center, it is possible that your internet access provider blocks all or some of the ports or that your local router or antivirus solution is blocking any of them.

To check whether port 465 is open on your system, run
# lsof -i:465
or
# netstat -tulpn | grep LISTEN | grep 465

 

[georgek]

Hello,,

as I come from cPanel I was always put on server "mail.domain.xxx" with port 465 or port 993. This was extremely helpful because even if you change the server the "mail.domain.xxx" was remaining the same. If we change this to server hostname when you will change the server all clients on the server much change the hostname. And this is a bit mess. Is there any way to have ssl connection with "mail.domain.xxx" and not the server's hostname?