similar to: Share Website certificate with SSL/STL Dovecot IMAP and Postifix SMTP

Hi guys, I've bought a certificate from the authority for my website to use to access in https mode. Is it possible to share the same pairs to authenticate the emails sent by postfix and Dovecot in order to avoid that client as Hotmail.it or Gmail intercept these as Spam? Thank you

HotSlots Webmaster <webmaster at hotslots132.com> writes: > I have had Dovecot working fine with SSL for nearly two years now. It's > time to renew the SSL certificate, so I did (same CA). The new > certificate works fine in Apache and Postfix. But when I update Dovecot > to use the same certificate, and restart the server, Dovecot stops > responding to connects. > ...

Steve Matzura writes: > What is the reasoning behind that `<' anyway? It just appears so odd > that a path should have that at its front. I think this was a special syntax-hack that Timo used to mean "read into a buffer", or some different way to handle file data, probably for security reasons. Joseph Tam <jtam.home at gmail.com>

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 07/08/2019 00:37 Joseph Tam via dovecot < <a href="mailto:dovecot@dovecot.org">dovecot@dovecot.org</a>> wrote: </div>

With PKIX validation the certificate should match the hostname. With SMTP, the hostname should match the reverse IP though often it does not. Using subdomains gives you flexibility. with DANE validation, it is DNSSEC that validates the fingerprint to the hostname so I do not believe there is a need for the hostname in the cert to match anything, but DANE validation is currently not used by

I deleted the certificate already, but I think it only uses that for imap/dovecot. I don't think it actually stores one for smtps (or am I not talking sense here). Sent from my iPhone > On 10 Aug 2017, at 23:25, Joseph Tam <jtam.home at gmail.com> wrote: > > >> On Thu, 10 Aug 2017, Larry Rosenman wrote: >> >> Which mail client on iOS? > > Sorry,

Sent from my iPhone > On 14 Aug 2017, at 13:03, Alef Veld <alefveld at outlook.com> wrote: > > Hey Mike. > The iPhone and MacBook started working, but the two remaining iMacs still have problems. It's really weird. But if the first 2 are working it MUST be something local right? > > I removed the servers and re-added but no go. Maybe I'll need to remove the plist

On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) Joseph Tam <jtam.home at gmail.com> wrote: > Michael Felt <michael at felt.demon.nl> writes: > > >> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is > >> written in pure shell script, so no python dependencies. > >> https://github.com/Neilpang/acme.sh > > > > Thanks - I might

On Sat, 19 Aug 2017 21:39:18 -0400 KT Walrus <kevin at my.walr.us> wrote: > > On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> > > wrote: > > > > On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) > > Joseph Tam <jtam.home at gmail.com> wrote: > > > >> Michael Felt <michael at felt.demon.nl> writes: >

Evolution prompted to accept the cert; which I did. Thunderbird used to prompt and allow acceptance; it no longer does... well sorta does. See my other posting for a screenshot where it shows "add server location https:// ...." HTTPS . no way to add from SMTP. Have also tried typing smtp://host:25 and https://host:25 On 4/30/20 5:39 PM, Joseph Tam wrote: > On Thu, 30 Apr 2020,

On Sun, 20 Aug 2017 12:29:49 -0400 KT Walrus <kevin at my.walr.us> wrote: > > On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski <skraw at ithnet.com> > > wrote: > > > > On Sat, 19 Aug 2017 21:39:18 -0400 > > KT Walrus <kevin at my.walr.us> wrote: > > > >>> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at

On Mon, 4 Dec 2017 12:53:15 -0800 (PST) Joseph Tam <jtam.home at gmail.com> wrote: > "Davide Marchi" <danjde at msw.it> writes: > > >> UW-IMAP's mailutil, imapsync, YippieMove and Larch. > > Whatever you use, *don't* use UW-IMAP's mailutil unless you got lots > of time to kill. It is dreadfully slow -- I used it to export some of >

On Thu, 10 Aug 2017, Larry Rosenman wrote: > Which mail client on iOS? Sorry, maybe not iOS, but definitely MacOSX Mail app. Joseph Tam <jtam.home at gmail.com>

On 04/12/17 23:15, Steve Litt wrote: > On Mon, 4 Dec 2017 12:53:15 -0800 (PST) > Joseph Tam <jtam.home at gmail.com> wrote: > >> "Davide Marchi" <danjde at msw.it> writes: >> >>>> UW-IMAP's mailutil, imapsync, YippieMove and Larch. >> >> Whatever you use, *don't* use UW-IMAP's mailutil unless you got lots >> of

Michael Felt <michael at felt.demon.nl> writes: >> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is >> written in pure shell script, so no python dependencies. >> https://github.com/Neilpang/acme.sh > > Thanks - I might look at that, but as Ralph mentions in his reply - > Let's encrypt certs are only for three months - never ending circus.

Alef Veld writes: >> I'm wondering if there is any cache for a certificate or something, my >> maillog shows up something like 10 bytes read, -1. So it returns an >> error. I deleted the accounts and created them again, still no go. >> >> Anyone had anything similar before? On top of the usual mail set up problems (and it appears to be some SSL/STARTLS port

Joseph Ward writes: > I'm aware of at least a couple of fallback options: > ??? -have a self-signed cert for replication and use the Let's Encrypt > one for IMAP/POP > ??? - create firewall rules allowing them to connect to each other over > the public internet so that it can validate the proper cert > ? > These are both much less palatable than simply disabling the

Is there some reason to use a mail.domain.com cert for mail rarher than just using domain.com for everything? Historically the subdomain were used because they were on different hardware. That is www was on one machine and mail was on another. ? Original Message ? From: dovecot at dovecot.org Sent: March 14, 2019 3:56 PM To: dovecot at dovecot.org Reply-to: jtam.home at gmail.com

> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> wrote: > > On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) > Joseph Tam <jtam.home at gmail.com> wrote: > >> Michael Felt <michael at felt.demon.nl> writes: >> >>>> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is >>>> written in pure

mick crane wrote: > Apache2 default install has this snake oil certificate > Can make a new one for apache I won't go over some of the excellent points in previous posts, but I will mention SAN as a third type of certificate you can make. LetsEncrypt supports this type of certificate. This is halfway between single CN and wildcard certificate where you can combine many hostnames (up