Closed kilo42L closed 6 years ago
How does LE randomly disable HTTPS? I don't understand. https://mail.forestproperties.com/ looks fine.
"The external clients will handshake tls and connect for a few seconds" <- That's what happens on port 25! That's not a port for clients to use (use port 587 STARTTLS or 465 TLS-wrapped here).
This delay is created by postscreen to catch spam scripts. Once a server has passed this test, it is whitelisted for a while.
Thank you for the fast reply and you are right about port 25. I meant to say 587. As far as the HTTPS goes.. I'm not sure I realized that in mailcow.conf this was not filled out with my local IP.
# You should use HTTPS, but in case of SSL offloaded reverse proxies:
HTTP_PORT=80
HTTP_BIND=0.0.0.0
HTTPS_PORT=443
HTTPS_BIND=0.0.0.0
Not sure what's going on with TLS though, as I had to disable encryption in Dovecot just so the Outlook clients could work today. I have tried about everything I can think of to get Outlook to work.
A bind does not need to be filled with your local IP. 0.0.0.0 is fine. Why did you disable TLS in Dovecot? I don't see how that relates to your previous problem. LE does not enable or disable certificates by itself. Port 25 and 587 aren't opened by Dovecot but Postfix.
What do you mean, you "meant to say 587"? You never said 25.
I don't know what is happening here, sorry.
Oh boy, I screwed up now.
I changed a cipher temporarily and broke the Docker containers.
Starting mailcowdockerized_sogo-mailcow_1 ... error
Starting mailcowdockerized_mysql-mailcow_1 ...
mailcowdockerized_memcached-mailcow_1 is up-to-date
mailcowdockerized_php-fpm-mailcow_1 is up-to-date
Starting mailcowdockerized_unbound-mailcow_1 ... error
Starting mailcowdockerized_dovecot-mailcow_1 ... error
ERROR: for mailcowdockerized_unbound-mailcow_1 Cannot start service unbound-mailcow: Address already in use
ERROR: for mailcowdockerized_dovecot-mailcow_1 Cannot start service dovecot-mailcow: driver failed programming external connectivity on endpoint mailcowdockerized_doStarting mailcowdockerized_mysql-mailcow_1 ... error
ERROR: for mailcowdockerized_mysql-mailcow_1 Cannot start service mysql-mailcow: driver failed programming external connectivity on endpoint mailcowdockerized_mysql-mailcow_1 (bbf5f2108e90f7b191232caa784de740e499a01e9eb60f874f7b8e98e3ea0df3): Bind for 127.0.0.1:13306 failed: port is already allocated
ERROR: for sogo-mailcow Cannot start service sogo-mailcow: Address already in use
Can you help?
Thank God for Proxmox snapshots.
I am having problems with Let's Encrypt randomly disabling the HTTPS, but there is nothing in the logs about any failures, and I'm also having some strange problems with TLS. All my clients are using Outlook to get messages and 2 are from outside the network. I have to disable security internally because the Outlook clients will not connect with encryption enabled.
The external clients will handshake TLS and connect for a few seconds and then they lose connection. I'm really at a loss as to why this is all happening.
Using https://www.checktls.com/perl/TestReceiver.pl
I get a good report one second, then if I run the report again it all fails.
Thanks for any help you can provide.