Enable SSL authentication on port 465 in ISPConfig 3 on Ubuntu

I used this tutorial located on howtoforge.com for installing ISPConfig. It covers TLS authentication for SMTP but not SSL. To use SSL you must do the following steps :

We must first allow postfix to listen on port SMTPS aka port 465

1. Edit your /etc/postfix/master.conf and make sure you have the following lines uncommented :

smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

2. Restart postfix :

#service postfix restart

3. Restart dovecot :

#service dovecot restart

4. Create / modify a new account on your email client and use the following settings for SMTP server :

Port : 465

Authentication method : Normal password

Connection Security : SSL/TLS

*These settings are for Mozilla Thunderbird 24.3.0

At this point you may get an error in Thunderbird when trying to test the account.

Looking in your postfix log you can see something like :

warning: TLS library problem: 26981:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1256:SSL alert number 48:

This happens because you have a self signed certificate and Thunderbird refuses to accept it.

To use port 465 and SSL, just use another method for Outgoing SMTP settings (connection security NONE or TLS) to get past the account creation, and then go to SMTP server settings and manually choose port 465 and SSL (or SSL/TLS).

Now try to send an email and watch for Thunderbird failing and giving you a popup window to accept the certificate. Accept the certificate and all will be OK.

Tested on ISPConfig running onĀ Ubuntu 12.04.4 LTS x64

1 comment

    • user on March 1, 2015 at 3:41 am
    • Reply

    Thank you. Search on google, found your website and solved my problem with testing in less than 30 minute.

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.