Can I have a valid mail server without buying a certificate? - php

I'm mounting my own mail server and I really get it working now (telnet), I just need to configure IMAP to finish.
BUT three things:
I used telnet to send email to gmail. OK! but the mail arrived says: Gmail can't verify that example.com actually sent this message.
I used gmail to send email to my mail server. OK! (Emails arrived fine, I go to /var/spool/mail/virtual/(mailbox) --> nano *filename*)
I cannot connect to the account (for example myaccount#example.com) in Roundcube, I go to the logs and there's an error on imap: dovecot: imap-login: Fatal: Can't load ssl_cert: There is no valid PEM certificate. (You probably forgot '<' from ssl_cert=<)
During the configuration of the mail server I have seen some parameters related to SSL and certificates, but that's my question:
Is necessary to buy a SSL certificate, can I configure it with self-signed certificates? Can I avoid SSL over IMAP?
Thanks.

buying SSL is not necessary, you need valid domain and SPF record, like
v=spf1 include:example.com ~all
learn more here

Related

Swiftmailer raise an exception with code 554, client host rejected

I'm using Swiftmailer to send mail through a contact form with Symfony. My ISP allows me to send mail from a remote server with my mail account information (username, password and smtp).
My problem is that when I'm sending a mail from my development site (from my desktop server) I can do it and the mail is sent, but in the production environment Swiftmailer raise an exception saying that the client host is rejected (code 554 5.7.1) and failed to send the mail. I have tried to debug this with the app/console swiftmailer:email:send and I get the same error :
Exception occurred while flushing email queue:
Expected response code 220 but got code "554",
with message "554 5.7.1 <unknown[here-example-ipv6]:49545>:
Client host rejected: Access denied " [] []
The ipv6 (here-example-ipv6) is corresponding to a dns of my host that I have not configured, but I don't understand why Swiftmailer believes that this ip is corresponding to the client host, my configuration seems (app/config/config.yml and parameters.yml) to be good because that's work fine from my desktop. Any help would be appreciated, thank.
Ok, I get it. I was confused with the error message because I thought it was comming from Switmailler, but it was comming from my ISP mail server.
The problem was that when you want to send a mail from a remote location my ISP require to activate SSL encryption.
So I have added two more parameters for the Swfitmailler configuration :
port: 465
encryption: ssl
and now that's fine. But because I was testing from a production environment, the cache has to be cleared in order the changes to take effect.

'No Relay Access Allowed' in Swift Mailer

I recently transferred my server to VPS & now email function doesn't work for external emails.
Following are the settings I'm using:
$transport = Swift_SmtpTransport::newInstance('ns1.example.com', 465, 'ssl')
->setUsername('testing#example.com')
->setPassword('password');
$mailer = Swift_Mailer::newInstance($transport);
And the error that I'm getting is this:
SMTP error from remote mail server after initial connection:
host dedrelay.where.example.net [XX.XXX.XXX.XX]: 554
m1plded02-01.prod.mesa1.example.net : DED :
gWqF1p02c0cB4sG01 : DED : ESMTP
No Relay Access Allowed From XXX.XXX.XXX
I've tried telnet & response is ok. I've tried following:
telnet ns1.example.com 465
Response was:
connected to xx.xxx.xxx.xx
I'm also not able to configure my desktop email client. Can anyone tell a solution? Any help will be appreciated.
EDIT
I'm not even able to send an email through server's webmail. Same error.
You tried telnet ns1.example.com 465 and it connected. This shows the SMTP server is up and running and your computer can reach it. But this is not all you need.
The error message No Relay Access Allowed From 123.123.123.123 means the SMTP server is configured to not accept emails from this IP address for relay, i.e. emails that needs to be passed to another server for delivery.
This is an anti-abuse measure and it means the SMTP server is configured correctly.
There is nothing wrong with your SwiftMailer configuration. Any email client (including the desktop client, as you said) you use, the answer is the same.
You need to contact the system administrator of the SMTP server and ask them to allow your IP address to use their SMTP server as relay. If they are your ISP it's also possible that the server allows relay only after authentication: you have an username/password pair (that you use to read the emails, f.e.) and you need to use it in order to send emails through their SMTP server. But this is only a supposition (this is how it usually works); you have to ask them to know for sure.

Parallels Plesk 12.0.18 - can not send mails using php while spf turned on

I recently upgraded my Parallels Plesk Panel from version 11 to 12.0.18 running on CentOS. And i noticed i can't send mails anymore using the php function "mail" while SPF-Spamprotection is enabled. I am using postfix as mailserver and mails get always rejected becaus of wrong helo (localhost).
This is what the log says:
spf filter[2532]: Starting spf filter...
spf filter[2532]: Wrong HELO hostname: localhost
/usr/lib64/plesk-9.0/psa-pc-remote[2465]: handlers_stderr: REJECT
/usr/lib64/plesk-9.0/psa-pc-remote[2465]: REJECT during call 'spf' handler
postfix/cleanup[2515]: 4E4D620AE2: milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: 5.7.1 Command rejected; from=<> to=<xxx#xx.xx>
postfix/cleanup[2515]: 4E4D620AE2: to=<xxx#xx.xx>, relay=none, delay=0.08, delays=0.08/0/0/0, dsn=5.7.1, status=bounced (Command rejected)
Turning off SPF Protection works and mails get delivered but thats not what i want. On previous version of Plesk everything worked just fine.
I already searched for a solution but found nothing useful.
Now my question is: how do i get this to work again?
Check your SPF-Records in your DNS settings for the domain you are sending from i.ex:
xxx.xx TXT v=spf1 +a +mx -all +a:your_host_name
Which means:
all ips of the a-records are allowed to send mails under this
domainname
all ips of the mx-records are allowed to sent mails under this domainname
domains send over hostname are allowed to sent mails under this domainname
At least if i remember correctly you can change the HELO domain for php mail function in php.ini
From php documentation (http://php.net/manual/en/ref.mail.php):
; sendmail will use your hostname and your default_domain in the ehlo/helo
; smtp greeting. you can manually set the ehlo/helo name if required
hostname=

Warning: mail(): SMTP server response: 451 spamhaus-xbl - Blocked

Here I am trying to send email from my local machine.At that time I have got this warning.
Warning: mail(): SMTP server response: 451 spamhaus-xbl - Blocked -
121.246.216.118 in C:\wamp\www\OpenInviter\example.php on line 117
I have got this error when I am adding the bellow code at top in my example.php file.
ini_set("SMTP","mail.domain.com");
ini_set("smtp_port","25");
ini_set('sendmail_from', 'Email#domain.com');
Example.php
foreach ($selected_contacts as $email=>$name)
mail($email,$message_subject,$message_body,$headers);
$oks['mails']="Mails sent successfully";
What's the problem?
Spamhaus is blocking your IP as its listed # http://cbl.abuseat.org - The reason is that you may have a virus, trojan on your computer, or possibly infected with a proxy for a spamming botnet, not good.
Once you have made sure that all the systems that use the IP are not infected visit: http://cbl.abuseat.org/lookup.cgi?ip=121.246.216.118 and click the link at the bottom. You will perhaps have to wait a week/month before all the block lists purge your ip.
If you have recently acquired the IP from your service provider, get in touch with them and ask that they change your IP.
Good luck.
Your IP has, correctly or incorrectly, been deemed a source of spam and the SMTP server is not accepting email from you. Try a different SMTP server with which you properly authenticate, possibly a paid-for service, or try to get yourself delisted at spamhaus (good luck with that).

Swiftmailer working on localhost but not in production

On my localhost (Linux Mint OS) Swiftmailer is working fine with the following code, but whenever I move it up to my server is just hangs at the send function and then gives me an internal server error.
I currently have my email setup through Google Apps, so maybe SMTP will not work for this situation? If thats the case, how do you suggest I change this from SMTP.
Also, whenever I send an email like this, it is showing up with a from address of the one in the username area. I want it to show up with the from address in the "setFrom" function.
//Include the swiftmailer class
require_once 'comm/swiftmailer/swift_required.php';
//Create a message
//Pass it as a parameter when you create the message
$message = Swift_Message::newInstance();
$message->setSubject('My Subject');
$message->setFrom(array('noreply#domain.com' => 'No Reply'));
$message->setTo(array('me#domain.com' => 'Me'));
$message->setBody($emailContent, 'text/html');
//Create transport class and email the message
$transport = Swift_SmtpTransport::newInstance('smtp.gmail.com', 465, 'ssl')->setUsername('useracctname')->setPassword('password');
$mailer = Swift_Mailer::newInstance($transport);
$result = $mailer->send($message);
Thanks a lot for any help!
This might be a port problem on the server. Port 465 could be closed to prevent spamming. It could also be that the server's version of PHP lacks SSL support.
I am wondering though, could it be that I am not using the local mail server so it wont allow SMTP?
If you address gmail as explicitly as you do, it's very unlikely you're using another transport type or a different server.
Also, what about using one of the other transport types?
I think SMTP is your only option to get it running with Gmail. It could, however, be that your server is providing a mail() based service (obviously with a different sender address than GMail though). In that case, you may be able to use Swiftmailer's mail transport.
I had the same problem : I was able to send gmail email in local (after updating that configuration : https://www.google.com/settings/security/lesssecureapps ) but not in production.
To fix my problem I've logged to my gmail account with my production ip / from my production server and answer the gmail security question.
One of the solution to log to your gmail account with your production ip, is to
open an ssh tunnel (ssh -2NfCT -D 5000 yoursshuser#yourdomain.org)
configure you browser to use that proxy (eg Firefox :to Preferences > Advanced > Network > Settings > Manual proxy configuration > SOCKS Hosts: localhost / Post: 5000 / SOCKS v5 )
log to you gmail account as usual
The error outputed by Symfony was :
app.ERROR: Exception occurred while flushing email queue: Failed to authenticate on SMTP server with username "joe.doe" using 1 possible authenticators [] []
well, here is the solution.
if you are sending SMTP mail you should create email account at the server then use this email info at your code.
the server will not send the email if you don't have valid email account to send using it
when you use "from".
this should be a true correct email account a fake one.
the only possible reason to send using fake account is using mail() function.

Categories