• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Qmail and TLS

D

deltatech

Regular Pleskian
I am currently running Plesk 11 and was told by Parallels support that qmail does not support TLS on plesk 11.

I am considering upgrading to Plesk 12 and was wondering if qmail on Plesk 12 will support TLS?
 
I have switched from Postfix to Qmail on my test Plesk 12 server and checked that TLS is supported:

[root@ppu12-0 ~]# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 ppu12-0.demo.pp.plesk.ru ESMTP
ehlo
250-ppu12-0.demo.pp.plesk.ru
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME
 
Additionally:

# openssl s_client -starttls smtp -crlf -connect localhost:25 | grep TLS
....
250 8BITMIME
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Protocol : TLSv1.2
TLS session ticket lifetime hint: 300 (seconds)
 
IgorG said:
Additionally:

# openssl s_client -starttls smtp -crlf -connect localhost:25 | grep TLS
....
250 8BITMIME
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Protocol : TLSv1.2
TLS session ticket lifetime hint: 300 (seconds)
Click to expand...

On Plesk 11 I get this, any way to fix this on plesk 11?...

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 myserver.com ESMTP
EHLO
250-myserver.com
250-AUTH=LOGIN CRAM-MD5
250-AUTH LOGIN CRAM-MD5
250-PIPELINING
250 8BITMIME

Note it is missing the 250-STARTTLS
 
When you send the EHLO command, the server will respond with a list of the items it supports.
 
IgorG said:
When you send the EHLO command, the server will respond with a list of the items it supports.
Click to expand...

That is the problem, it doesn't list STARTTLS on my plesk 11 box. Is there any way to fix this without upgrading to plesk 12? I do have a support contract so I could upgrade but I am afraid of upgrades as they usually cause too much downtime and my clients can't go days without their email..
 
All works fine by default on my test Plesk 11.5:

root@ppu11-5:~# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 ppu11-5.demo.pp.plesk.ru ESMTP
ehlo
250-ppu11-5.demo.pp.plesk.ru
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME
quit
221 ppu11-5.demo.pp.plesk.ru
Connection closed by foreign host.

root@ppu11-5:~# cat /usr/local/psa/version
11.5.30 Debian 6.0 115140407.17
 
You must log in or register to reply here.

Similar threads

A
Issue FTP - Insecure server, it does not support FTP over TLS.
Replies
3
Views
739
Alban Staehli
A
R
Issue Unable to connect to FTP via
Replies
4
Views
849
kilowhisky65
K
TimReeves
Issue drwebd now fails to start on Debian 12
Replies
7
Views
2K
TimReeves
TimReeves
K
Resolved Plesk panel update fails with "certificate has expired"
Replies
3
Views
617
Sebahat.hadzhi
Sebahat.hadzhi
brother4
Question Cron Stil "30 11,16 * * 3-7" allowed in Plesk?
Replies
3
Views
702
AYamshanov
AYamshanov
Back
Top