[SOLVED] google gmail - servername.com didn't encrypt this message

5 posts / 0 new
Last post
#1 Thu, 02/11/2016 - 07:13
Nile

[SOLVED] google gmail - servername.com didn't encrypt this message

Dear All,

As you may have been informed, gmail has this new feature which indicates whether an emailr was encrypted or not.

"In Gmail on your computer, you can check that a message you’ve received was sent over TLS by clicking the small down arrow at the top-left of the email and reading the message details.

If you see a red open padlock icon on a message you’ve received, or on one you're about to send, it means that the message may not be encrypted."

My problem is, that my sent and received emails have this indicator. I use ssl in case of all my sites and I use tls(Secured connection on port 587 using TLS) when I send my emails from gmail though my server.

What should I do in order to remove this red indicator? is it possible to force dovecot and postfix to use only tls? Would it solve the problem?

Thank you!

Nile

Thu, 02/11/2016 - 08:30
Nile

postfix -> SMTP Client Options -> Use TLS for SMTP connections -> yes

Tue, 02/23/2016 - 14:45
amityweb

Hi NIle

Do you know if there is any issue enabling that? Does it work without out mail server having a SSL? Thanks

Tue, 02/23/2016 - 14:54 (Reply to #3)
Nile

Hi,

I haven't got any issues since I enabled it, although you need to have checked the SSL website option in case of your domains so virtualmin generates ssl certificates for them. Afterwards you can send the certificate to dovecot or postfix if you haven't done it yet.

Tue, 01/31/2017 - 09:52
Luiz Lopes

Great! Depending on your postfix version, you may want to not actually use smtp_use_tls, as it was made obsolete in Postfix 2.3 and higher. The correct setting in later postfix for opportunistic TLS is: smtp_tls_security_level = may (Read for more info: http://www.postfix.org/postconf.5.html#smtp_tls_security_level)

The commands to add TLS you can find here: https://help.ubuntu.com/lts/serverguide/postfix.html

Actually, in the console, just type:

sudo postconf -e 'smtp_tls_security_level = may'
sudo postconf -e 'smtpd_tls_security_level = may'
sudo postconf -e 'smtp_tls_note_starttls_offer = yes'

Because the certs you already installed by Virtualmin.

This will remove the Gmail´s red padlock.

Topic locked