1 Topic by jhpolice

  • jhpolice
  • Member
  • Offline
  • Registered: 2017-07-28
  • Posts: 6

Topic: TLS Issue as other domain says "our domain did not encrypt this messa"

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: CentOS Linux release 7.2.1511
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? yes RedAdmin-Pro     v2.6.1 (LDAP)
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
We're facing issue in TLS. When we're sending email to gmail account it's says that "our domain did not encrypt this message" and red color lock icon is coming. But we've integrated TLS service. Below few things we've done already:

added below in master.cf file ;
465     inet  n       -       n       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

Also uncommented below lines in main.cf file;
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_sasl_security_options = noanonymous

In firewall we've allowed 465, 587,25, ports too.

we need your help on priority please...

Thanks
Jitendra
Police Headquarter, Jharkhand

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: TLS Issue as other domain says "our domain did not encrypt this messa"

Make sure you have below settings in Postfix main.cf, restart postfix and try to send one more to Gmail for testing.

smtpd_tls_security_level = may
smtp_tls_security_level = may

3 Reply by jhpolice (edited by jhpolice 2017-09-09 14:49:01)

  • jhpolice
  • Member
  • Offline
  • Registered: 2017-07-28
  • Posts: 6

Re: TLS Issue as other domain says "our domain did not encrypt this messa"

ZhangHuangbin wrote:

Make sure you have below settings in Postfix main.cf, restart postfix and try to send one more to Gmail for testing.

smtpd_tls_security_level = may
smtp_tls_security_level = may

Yes both parameters already exists in main.cf file.. And again I have taken today's screenshot attached for your needful action.. Please help me..

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: TLS Issue as other domain says "our domain did not encrypt this messa"

What's the link to the "Learn more"?

5 Reply by jhpolice (edited by jhpolice 2017-09-09 14:48:45)

  • jhpolice
  • Member
  • Offline
  • Registered: 2017-07-28
  • Posts: 6

Re: TLS Issue as other domain says "our domain did not encrypt this messa"

ZhangHuangbin wrote:

What's the link to the "Learn more"?

This link is support link from google.

https://support.google.com/mail/answer/ … n&rd=1

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: TLS Issue as other domain says "our domain did not encrypt this messa"

Make sure you have settings below in main.cf:

smtpd_tls_security_level = may
smtp_tls_security_level = may
smtpd_tls_CApath = /etc/pki/tls/certs
smtp_tls_CApath = /etc/pki/tls/certs

Also, check Postfix log file when you send email to Gmail, it should show you secure connection related info.