SSL installation on port 465 - Plesk 11.5

[UFHH01]

Hi Shiney,

for your modification:

SO I then added:

# ================================================================================
# Special configurations to fit SMTP banner and certificates - Plesk-modified
# ================================================================================

plesk-domainname.co.uk-123.45.67.89- unix - n n - - smtp
-o smtpd_tls_key_file=/domain/ssl/certs/domainname.key
-o smtpd_tls_cert_file=/domain/ssl/certs/domainname.pem
-o smtpd_enforce_tls=yes
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

... you should rather use:

plesk-domainname.co.uk-123.45.67.89- unix - n n - - smtp 
    -o smtpd_tls_key_file=/domain/ssl/certs/domainname.key 
    -o smtpd_tls_cert_file=/domain/ssl/certs/domainname.pem 
    -o smtpd_enforce_tls=yes 
    -o smtpd_tls_security_level=encrypt 
    -o smtpd_sasl_auth_enable=yes 
    -o smtp_bind_address=123.45.67.89 
    -o smtp_bind_address6= 
    -o smtp_address_preference=ipv4 
    -o smtp_helo_name=domainname.co.uk 
    -o myhostname=mail.domainname.co.uk 
    -o cleanup_service_name=pre-cleanup

Pls. try to follow the official postfix documentation when you edit postfix configuration files:

http://www.postfix.org/postfix-manuals.html

http://www.postfix.org/postconf.5.html
http://www.postfix.org/master.5.html​

You will notice, that it is very important, that you follow the instructions, as for example the usage of whitespaces and new ( logical ) lines, because if you ignore that, you will experience issues/errors/problems.
It might be as well a good idea to CHECK your modifications for syntax errors ( and permission issues ) with the following command over your command line: "postfix check"​

 

[Shiney]

Hi UFHH01

The good news, after checking and double checking what you had written and the documents re white/nonwhite space I have finally added both the Port 587 and Plesk-modified codes (including commenting out the last line) and I have a working, stable postfix. I have NOT added the the port 465 and 25 changes though.
The bad news, it still only finds the default certificate and ignores the new domain ssl. I have set the permissions where the SSL certificates is held to 400 so it can read them and as instructed for uploading.

If I have learnt something it's that the main.cf is still overriding the changes we have made in the master.cf and using the default certificate. My main.cf is the original unchanged version.

Thank you

 

[UFHH01]

Hi Shiney,

due to the fact, that you didn't include your operating system and the postfix version yet, it could be as well, that your environment does not meet possible, suggested configuration options - the same as already mentioned, when you use an older Plesk version.

 

[Shiney]

Centos 6.5 | plesk 11.5.30 | postfix 2.8.14-13040119 (I did check and post fix has to be 2.1 or newer apparently).
Maybe I should update to 12.5 and see what happens as maybe you are correct in that my versions do not work with your suggestions. The last time I upgrade Plesk it all went wrong, hence my hesitation.

Thanks UFHH01