I am trying to set up a mail server using postfix, dovecot, and roundcube. I want to send mail using TLS encryption, but I get the following messages:
From Roundcube:
[25-Apr-2018 14:43:00 -0700]: <2g3no7cf> SMTP Error: Authentication failure: STARTTLS failed (Code: ) in /usr/share/roundcube/program/lib/Roundcube/rcube.php on line 1648 (POST /roundcube/?_task=mail&_unlock=loading1524692580810&_lang=undefined&_framed=1&_action=send)
From postfix in /var/log/mail.info:
Apr 25 14:43:00 hwsrv-230549 postfix/submission/smtpd[8500]: connect from localhost[127.0.0.1]
Apr 25 14:43:00 hwsrv-230549 postfix/submission/smtpd[8500]: lost connection after STARTTLS from localhost[127.0.0.1]
Apr 25 14:43:00 hwsrv-230549 postfix/submission/smtpd[8500]: disconnect from localhost[127.0.0.1] ehlo=1 starttls=1 commands=2
Here is my /etc/roundcube/config.inc.php:
$config = array();
$config['default_host'] = 'localhost';
$config['default_port'] = 143;
$config['smtp_server'] = 'tls://localhost';
$config['smtp_port'] = 587;
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
$config['smtp_auth_type'] = 'LOGIN';
Here is my /etc/postfix/main.cf:
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = /usr/share/doc/postfix
compatibility_level = 2
smtpd_tls_cert_file=/etc/letsencrypt/live/host.hostprovider.com/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/host.hostprovider.com/privkey.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = host.hostprovider.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
html_directory = /usr/share/doc/postfix/html
config_directory = /etc/postfix
virtual_transport = dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
virtual_mailbox_domains = mysql:/etc/postfix/mysql-vdomains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-vusers.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-valias.cf
And from my /etc/postfix/master.cf:
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_reject_unlisted_recipient=no
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
Adding this to my /etc/roundcube/config.inc.php allows me to send mail, but the mail is unencrypted, and my goal is to send encrypted emails.
$config['smtp_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
I have searched and found many people who have the same issue, but have not found a clear solution, and nothing has worked for me so far.
Thanks for your help.
Dan
Best Answer
modify/change /etc/postfix/main.cf like this below: