Dec 29, 2023: iRedMail-1.6.8 has been released.

**dittman** · 2024-02-20 08:11:24

dittman
Member
Offline

Registered: 2015-08-15
Posts: 55

Topic: Weird problem with TLS

The Unifi UDMP/UDMSE has a problematic email client. Some people just disable STARTTLS on it which works but I've been playing and found that if I configure one to send to my iRedMail server from the WAN it works but if I use the LAN the connection drops after CONNECT or STARTTLS depending on whether I'm using 587 or 465.

My cert is valid (from Let's Encrypt) and non-UDMP/UDMSE systems can send on the LAN just fine using STARTTLS.

So my question is a general one on iRedMail which is does the cert handling change on whether it comes in from a network on mynetworks or not?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

**ZhangHuangbin** · 2024-02-26 10:16:35

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 30,792

Re: Weird problem with TLS

Try to use "fullchain.pem" instead of "cert.pem" offered by Let's Encrypt in Postfix/Dovecot/Nginx.

**dittman** · 2024-02-27 11:17:42

dittman
Member
Offline

Registered: 2015-08-15
Posts: 55

Re: Weird problem with TLS

ZhangHuangbin wrote:

Try to use "fullchain.pem" instead of "cert.pem" offered by Let's Encrypt in Postfix/Dovecot/Nginx.

I changed from cert.pem to fullchain.pem in Postfix and Dovecot and it didn't help. The UDM SE and Pro can't send on the LAN but can on the WAN.

**ZhangHuangbin** · 2024-03-29 10:38:43

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 30,792

Re: Weird problem with TLS

dittman wrote:

but if I use the LAN the connection drops after CONNECT or STARTTLS depending on whether I'm using 587 or 465.

Do you use private IP address as smtp server address?

**dittman** · 2024-03-30 00:26:33

dittman
Member
Offline

Registered: 2015-08-15
Posts: 55

Re: Weird problem with TLS

ZhangHuangbin wrote:

dittman wrote:
but if I use the LAN the connection drops after CONNECT or STARTTLS depending on whether I'm using 587 or 465.
Do you use private IP address as smtp server address?

Yes.

Dec 29, 2023: iRedMail-1.6.8 has been released.

Weird problem with TLS

Posts: 5

1 Topic by dittman 2024-02-20 08:11:24

Topic: Weird problem with TLS

2 Reply by ZhangHuangbin 2024-02-26 10:16:35

Re: Weird problem with TLS

3 Reply by dittman 2024-02-27 11:17:42

Re: Weird problem with TLS

4 Reply by ZhangHuangbin 2024-03-29 10:38:43

Re: Weird problem with TLS

5 Reply by dittman 2024-03-30 00:26:33

Re: Weird problem with TLS

Posts: 5