Results 1 to 2 of 2

Thread: 7.1.3: multi-domain and smtp/TLS; manually change master.conf.in?

  1. #1
    ypong is offline Senior Member
    Join Date
    Jan 2009
    Posts
    66
    Rep Power
    6

    Default 7.1.3: multi-domain and smtp/TLS; manually change master.conf.in?

    I have 7.1.3 OSS installed in a multi-server, multi-domain environment, with separate IPs and commercial certificates for each domain. IMAP/Web access with StartTLS works fine, but SMTP via submission port (587) with startTLS seems to be returning the wrong certificate.

    testing with openssl s_client -connect <host : port> -starttls smtp -status, I can see that the only the base domain certificate is returned each time.

    contrast with openssl s_client -connect <host : port> -starttls imap -status, the correct domain's certificate is returned.

    So, more digging: I noticed that nginx is setup only for imap/pop/http(s).

    smtp on the other hand, is handled only by postfix, with 25=smtp, 465=smtps and 587=submission found in /opt/zimbra/postfix/conf/master.conf and master.conf.in.

    I found in Multiple SSL Virtual Hosts 6.0 - Zimbra :: Wiki that I may have to manually hack the master.cf.in file and add the IPs for each of my domains separately.

    Can I confirm this is indeed the way to go? I would have thought that in 7.x this would have been more favourably configured?
    Release 7.2.0_GA_2669.UBUNTU10_64 UBUNTU10_64 FOSS edition

  2. #2
    ypong is offline Senior Member
    Join Date
    Jan 2009
    Posts
    66
    Rep Power
    6

    Default

    I went ahead and created the entries in master.conf.in, and testing with openssl as well as with email clients seems to indicate this is working.
    Release 7.2.0_GA_2669.UBUNTU10_64 UBUNTU10_64 FOSS edition

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •