> On 11 Dec 2018, at 8:55 am, Daniel Miller via Assp-test
> <[email protected] <mailto:[email protected]>>
> wrote:
>
> On 12/10/2018 5:06 AM, James Brown via Assp-test wrote:
>> I’m trying to properly setup Postfix, ASSP, and Dovecot are on the same
>> machine. My problem is with users submitting emails.
>>
>> I think Postfix needs to listen on port 465 and send to ASSP on port 25.
>> ASSP then sends back to Postfix on port 10026? I have in Postfix’s
>> master.conf:
>>
>> 10026 inet n - n - - smtp
>> 465 inet n - n - - smtp
>> dovecot unix - n n - - pipe
>> flags=DRhu user=_vmail argv=/usr/local/libexec/dovecot/deliver -f
>> ${sender} -d ${recipient}
>>
>> listenPort is 25
>> SmtpDestination is 127.0.0.1:10026
>> relayPort: 225
>> allowRelayCon is 127.0.0.1
>> relayHost is 127.0.0.1:10026
>>
> I run exactly the setup above - with a totally different config. A few
> things:
>
> ASSP (as I understand it) should be setup as the "public" interface for all
> SMTP connections - whether internet senders, authenticated clients, or
> internal LAN. So ASSP generally listens on ports 25 & 587 - I don't use 465.
>
> listenPort:=25
> smtpDestination:=127.0.0.1:125
> listenPort2:=587
> smtpAuthServer:=SSL:127.0.0.1:126
> NoAUTHlistenPorts:=25
> There are a number of other ASSP settings you'll have to tweak of course -
> but this are the basics to communicate. So unauthenticated internet senders
> connect to port 25 which is forwarded to Postfix on port 125. Authenticated
> senders on port 587, using SSL (and you may want to wait to get SSL setup
> until the basic connections are working), go to Postfix on port 126.
>
> Postfix master.cf:
>
> # Listeners for mail FROM assp. This is mail from the Internet
> # destined for local delivery
> #
> 127.0.0.1:125 inet n - y - - smtpd
> -o syslog_name=assp
> -o smtpd_proxy_filter=
> -o myhostname=<your public hostname here>
>
> # Listener for dedicated TLS/SSL mode. Historically intended for port 465
> support.
> # Non-TLS connections will not initiate.
> # Functionally identical to previous listener - simply adds TLS line.
> # Comment out the TLS Wrapper for initial setup.
> 127.0.0.1:126 inet n - y - - smtpd
> -o syslog_name=assptls
> -o smtpd_tls_wrappermode=yes
> -o smtpd_proxy_filter=
> -o myhostname=<your public hostname here>
>
> At this point Dovecot has nothing to do with either ASSP or Postfix. Dovecot
> should still be unrelated to ASSP - but if you want to use Dovecot for local
> delivery (a good idea) or authentication (another good idea) there's more to
> configure in Postfix, primarily in main.cf
>
> See if the above gets you working SMTP connections - then take the next step.
>
> --
> Daniel
>
Thanks Bob and Daniel.
This is similar to my current (old) mail server setup. I’m using 465 for
submission as that seems to be the preferred way now ("The latter port (465)
was previously deprecated, but this changed with RFC 8314
<https://tools.ietf.org/html/rfc8314> and its use is now recommended to ensure
security.” - Simple Mail Transfer Protocol - Wikipedia
<https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol> ). With ASSP
handling the SSL on submissions I get ‘SSL wants a read first” error at least
once a day. I have to restart ASSP to allow the person to send emails again.
Now with the new machine I’m setting up, I get this ‘SSL wants a read first’
error for every message I try to send. When I asked Thomas about this he said:
remember "NEVER connect clients directly to ASSP" + "DO NOT use ASSP as a
client connector”
And he said:
the recommended mail flow is
https://sourceforge.net/p/assp/wiki/ASSP_Advanced_Workflow/
<https://sourceforge.net/p/assp/wiki/ASSP_Advanced_Workflow/>
Trying to implement this mail flow is where I came unstuck!
(My new server is running macOS Mojave, perl is 5.028, ASSP is 2.6.2 build
18339)
James._______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
