1

Topic: Enable smtps on port 465.

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):   1.4.0
- Deployed with iRedMail Easy or the downloadable installer?  Downloadable
- Linux/BSD distribution name and version: Ubuntu 20.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL - MariaDB
- Web server (Apache or Nginx):  Nginx
- Manage mail accounts with iRedAdmin-Pro?   no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I followed the document https://docs.iredmail.org/enable.smtps.html, as I did other times in the past to enable legacy smtp on ssl port 465, but it seems not to work now.

telnet from localhost to   localhost:465  generates an error in /var/log/syslog:

smtpd: SSL_accept error from mail.mydomain.com[127.0.0.1]: -1       
smtpd: warning: TLS library problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:   

I think the problem could be openssl, which is now at version: OpenSSL 1.1.1f  31 Mar 2020
Maybe now SSL legacy support is now definitively removed.

In other (older) servers, where smtps:465 works I checked openssl to be at version: OpenSSL 1.0.2k-fips  26 Jan 2017

I don't think that downgrade openssl would be the best idea of the year... is there something to do?
Thank you!

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Enable smtps on port 465.

"telnet" doesn't support tls/ssl secure connection, don't use it for testing.
Try a normal MUA like Outlook, Thunderbird for testing.