[Solved] Email problems, dovecot ports and protocols

Hi everyone,

In the last few days we tried to enable email in our domain. Here I must explain we are only planning to use it internally, for notifications etc.

We’ve installed the Mail Server app and tried to connect using a number of clients.

The first problem was that not all clients could connect. Some failed auth, some did not recognise ports (port/protocol combination, e.g. 143 / STARTTLS).

We also noticed that SMTP unauthenticated send was working on port 25.

Looking at the logs we found this:
/var/log/dovecot.warn

Jul 13 02:27:57 dc01 dovecot: doveconf: Warning: Obsolete setting in /etc/dovecot/conf.d/10-ssl.conf:61: ssl_protocols has been replaced by ssl_min_protocol
Jul 13 02:27:57 dc01 dovecot: doveconf: Error: Could not find a minimum ssl_min_protocol setting from ssl_protocols = SSLv2 SSLv3: Unrecognized protocol 'SSLv2'

/var/log/dovecot.err

Jul 13 02:27:57 dc01 dovecot: doveconf: Error: Could not find a minimum ssl_min_protocol setting from ssl_protocols = SSLv2 SSLv3: Unrecognized protocol 'SSLv2'
Jul 13 02:27:57 dc01 dovecot: config: Error: Could not find a minimum ssl_min_protocol setting from ssl_protocols = SSLv2 SSLv3: Unrecognized protocol 'SSLv2'

And surely that’s configured in UCR
dovecot_sslv2

Looking at Dovecot documentation we decided to use the “TLSv1.2”. This made the error go away from dovecot.err and dovecot.warn.

Searching for the SSLv2 & v3 we noticed this:
postfix_sslv2

Again, Postfix documentation is quite clear (here and here)
We went with “>=TLSv1.2” for postfix, however this does not produce any log files.

Couple of questions:

  • Why can’t we use UCS docs to configure email client? What to do to get this rectified?
  • Should the defaults in UCR be changed to reflect current state of Dovecot and Postfix docs?
  • How to enable the Postfix log?

Hello,

thanks for bringing this up, we have a bug report to keep track of changing the defaults and will do so with an upcoming version of UCS: Bug 52737 – Disable deprecated TLS-protocols by default for Postfix and Dovecot
Regarding the logs: Have you tried to change the loglevel of Postfix with mail/postfix/smtp/tls/loglevel? Where did you look for them, /var/log/mail.log?

Regards
Jan-Luca

Thanks for coming back,

Yes, I think I’m blind, I missed the mail.log :man_facepalming:

And by looking at it, all I had to do was to change postfix protocol from “>=TLSv1.2” to “TLSv1.2” in UCR.

Email seems to be working

Glad it worked out! :slight_smile:
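Added example, not part of the original thread or of UCS: a small offline check for the two settings discussed above. It flags Dovecot's obsolete `ssl_protocols` (replaced by `ssl_min_protocol`, as the log says) and Postfix protocol lists that either permit deprecated protocols or use the `>=` bound syntax, which Postfix accepts only from version 3.6 on. The Postfix parameter names are real Postfix settings that the thread does not name; the sample config text and the Postfix version passed in are constructed assumptions.

```python
import re

DEPRECATED = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
POSTFIX_KEYS = {"smtpd_tls_protocols", "smtpd_tls_mandatory_protocols",
                "smtp_tls_protocols", "smtp_tls_mandatory_protocols"}

def settings(text):
    """Yield (key, value) from 'key = value' lines, ignoring # comments."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)  # first '=' is the assignment
            yield key.strip(), value.strip()

def audit_dovecot(text):
    """Findings for a Dovecot 2.3-style ssl configuration."""
    findings = []
    for key, value in settings(text):
        if key == "ssl_protocols":
            findings.append("ssl_protocols is obsolete, use ssl_min_protocol")
        elif key == "ssl_min_protocol" and value in DEPRECATED:
            findings.append(f"ssl_min_protocol = {value} is a deprecated floor")
    return findings

def audit_postfix(text, version):
    """Findings for Postfix TLS protocol lists; version is e.g. (3, 4)."""
    findings = []
    for key, value in settings(text):
        if key not in POSTFIX_KEYS:
            continue
        # Postfix separates list entries with whitespace, commas or colons.
        for token in filter(None, re.split(r"[\s,:]+", value)):
            if token[:2] in (">=", "<=") and version < (3, 6):
                findings.append(f"{key}: '{token}' needs Postfix 3.6 or later")
            # A name without a leading '!' is enabled, or used as a bound.
            if not token.startswith("!") and token.lstrip("<>=") in DEPRECATED:
                findings.append(f"{key}: '{token}' permits a deprecated protocol")
    return findings

# Constructed sample input, modelled on the values quoted in the thread.
DOVECOT_OLD = "ssl = required\nssl_protocols = SSLv2 SSLv3\n"
DOVECOT_NEW = "ssl = required\nssl_min_protocol = TLSv1.2\n"
POSTFIX_NEW = "smtpd_tls_protocols = >=TLSv1.2\nsmtp_tls_protocols = TLSv1.2\n"

if __name__ == "__main__":
    # (3, 4) is an assumed Postfix version; the thread does not state one.
    for finding in (audit_dovecot(DOVECOT_OLD) + audit_dovecot(DOVECOT_NEW)
                    + audit_postfix(POSTFIX_NEW, (3, 4))):
        print(finding)
```

On a live host, feed it the output of `doveconf -n` and `postconf -n`, and take the version from `postconf mail_version`.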
