STARTTLS on internal Port 26?

[matze1]

Hi,

i have configured PMG to use TLS, that works on external port 25.

But on internal port 26 there is no offering of STARTTLS after EHLO

Where can i configure PGM to use STARTTLS on this port too?

Matze

 

[tom]

See https://bugzilla.proxmox.com/show_bug.cgi?id=1649

 

[matze1]

Ok, so that's considered a bug.

Thanks for your quick reply, Tom.

Matze

 

[tom]

Ok, so that's considered a bug.

Thanks for your quick reply, Tom.

Matze

Not really a bug, we also file enhancement requests in our Bugzilla.

 

[Plaintext]

Not really a bug, we also file enhancement requests in our Bugzilla.

Ups, this is a show stopper somehow. Is it possible to give a time frame for the solution?
(or we have to create some vpn tunnel solution as a workaround )

 

[tom]

Ups, this is a show stopper somehow. Is it possible to give a time frame for the solution?
(or we have to create some vpn tunnel solution as a workaround )

Someone needs to implement it, we also accepts patches from external contributors in the case you want to add it by yourself.

 

[Davide Bozzelli]

To implement tls on port 26 like port 25:
(I assume port 26 if your internal smtp port)

WARNING: Use at your own risk

1) mkdir -p /etc/pmg/templates
2) cp /var/lib/pmg/templates/master.cf.in /etc/pmg/templates
3) edit /etc/pmg/templates/master.cf.in
3) find [% pmg.mail.int_port %]
4) add at the end of the block the following line: [% IF pmg.mail.tls %] -o smtpd_tls_security_level=may [% END %]

now run: pmgconfig sync

To test it:
openssl s_client -debug -starttls smtp -crlf -connect pmg_internal_ip:26
You should be able to do an smtp conversation with your pmg on port 26.

FOR DEV: please add -o smtpd_tls_security_level=may by default.