I was able to locate the parameter in my main.inc.db for RC to force RC to use TLS when using IMAP:
// the mail host chosen to perform the log-in // leave blank to show a textbox at login, give a list of hosts // to display a pulldown menu or set one host as string. // To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// $rcmail_config['default_host'] = 'tls://mail.mydomain.tld';
// TCP port used for IMAP connections $rcmail_config['default_port'] = 143;
My question is I am unable to force RC to use TLS whens ending mail via SMTP on port 25. I don't know why or what I am missing but I did the following:
// use this host for sending mails. // to use SSL connection, set ssl://smtp.host.com // if left blank, the PHP mail() function is used // Use %h variable as replacement for user's IMAP hostname $rcmail_config['smtp_server'] = 'tls://mail.mydomain.tld';
// SMTP port (default is 25; 465 for SSL) $rcmail_config['smtp_port'] = 25;
// SMTP username (if required) if you use %u as the username RoundCube // will use the current username for login $rcmail_config['smtp_user'] = '%u';
// SMTP password (if required) if you use %p as the password RoundCube // will use the current user's password for login $rcmail_config['smtp_pass'] = '%p';
// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use // best server supported one) $rcmail_config['smtp_auth_type'] = '';
The above doesn't work for SMTP with TLS. Anyone know how I can correctly get TLS working with SMTP? It works great with IMAP but I have to remove the 'tls://' from SMTP and then I am able to send email successfully...but w/o TLS.
Please help! _______________________________________________ List info: http://lists.roundcube.net/users/
Carlos Mennens wrote:
// use this host for sending mails. // to use SSL connection, set ssl://smtp.host.com // if left blank, the PHP mail() function is used // Use %h variable as replacement for user's IMAP hostname $rcmail_config['smtp_server'] = 'tls://mail.mydomain.tld';
// SMTP port (default is 25; 465 for SSL) $rcmail_config['smtp_port'] = 25;
The above doesn't work for SMTP with TLS. Anyone know how I can correctly get TLS working with SMTP? It works great with IMAP but I have to remove the 'tls://' from SMTP and then I am able to send email successfully...but w/o TLS.
In 0.3.1 TLS for SMTP is used by default (if server supports it) and tls:// prefix doesn't work at all. In current svn-trunk version you must use tls:// prefix to force TLS.
On Mon, Apr 5, 2010 at 10:54 AM, A.L.E.C alec@alec.pl wrote:
In 0.3.1 TLS for SMTP is used by default (if server supports it) and tls:// prefix doesn't work at all. In current svn-trunk version you must use tls:// prefix to force TLS.
So can I leave the specified port as 25 or will it not default to TLS if the port for SMTP is 25?
// SMTP port (default is 25; 465 for SSL) $rcmail_config['smtp_port'] = 25; _______________________________________________ List info: http://lists.roundcube.net/users/
On Mon, 5 Apr 2010 12:58:29 -0400, Carlos Mennens carloswill@gmail.com wrote:
On Mon, Apr 5, 2010 at 10:54 AM, A.L.E.C alec@alec.pl wrote:
In 0.3.1 TLS for SMTP is used by default (if server supports it) and tls:// prefix doesn't work at all. In current svn-trunk version you
must
use tls:// prefix to force TLS.
So can I leave the specified port as 25 or will it not default to TLS if the port for SMTP is 25?
// SMTP port (default is 25; 465 for SSL) $rcmail_config['smtp_port'] = 25;
the default port for TLS is 587 don't use 25 _______________________________________________ List info: http://lists.roundcube.net/users/
On Mon, Apr 5, 2010 at 1:15 PM, fakessh fakessh@fakessh.eu wrote:
the default port for TLS is 587 don't use 25
When I change my SMTP from 25 to 587. I am unable to send email from webmail. If I change the port back to 25, I can send SMTP fine. I checked my Firewall and I am allowing port 587 outbound for sending TLS from my DMZ. I am using Postfix and my TLS configuration is fairly basic. I thought TLS was possible on port 25 but from what you're saying it's not. I must be confused... _______________________________________________ List info: http://lists.roundcube.net/users/
On 04/05/10 13:45, Carlos Mennens wrote:
On Mon, Apr 5, 2010 at 1:15 PM, fakesshfakessh@fakessh.eu wrote:
the default port for TLS is 587 don't use 25
When I change my SMTP from 25 to 587. I am unable to send email from webmail. If I change the port back to 25, I can send SMTP fine. I checked my Firewall and I am allowing port 587 outbound for sending TLS from my DMZ. I am using Postfix and my TLS configuration is fairly basic. I thought TLS was possible on port 25 but from what you're saying it's not. I must be confused...
You can do TLS on any port. Usually, you set up a separate submission instance on port 587 where you force TLS authentication. For example in Postfix this instance would have smtpd_tls_security_level=encrypt. Your users use port 587, and that way, they can never send credentials in plain text.
However, you can also use opportunistic (i.e. whenever it will work) TLS on port 25. If a remote mail server supports TLS, great, but you can't require it because most remote MTAs won't have it enabled.
Whether or not any of that will actually work, of course, depends on your Postfix config. If you can't do TLS on port 25, you may not have it enabled on that port. Make sure you have at least smtpd_tls_security_level=may, but *don't* set your main port 25 smtpd to level=encrypt.
List info: http://lists.roundcube.net/users/
-
A.L.E.C -
Carlos Mennens -
fakessh -
Michael Orlitzky