certificate verification failed for mail

3 posts / 0 new
Last post
#1 Wed, 06/19/2019 - 15:08
Parapluie

certificate verification failed for mail

I am trying to send an email to an alias that is set up on my system. Nothing comes through, though I have a report from maillog. I need help translating this though. What does this point to on a Virtualmin setup?:

Jun 19 14:03:13 ded postfix/smtp[10262]: certificate verification failed for mail.sendingservername.com[222.198.333.55]:25: untrusted issuer /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root

and

Jun 19 14:03:33 ded postfix/smtp[10262]: F368A56C0496: to=<btv1==073a91275a3==kenneth@sendingservername.com>, relay=mail.sendingservername.com[222.198.333.55]:25, delay=40, delays=0.05/0.01/20/20, dsn=5.0.0, status=bounced (host mail.sendingservername.com[222.198.333.55] said: 550 " (in reply to RCPT TO command))

Thanking you.

Kenneth

Thu, 06/20/2019 - 06:11
adamjedgar

Have a read of the following articles...might help you on your way researching for solutions.

https://ubuntuforums.org/showthread.php?t=2151606

https://support.plesk.com/hc/en-us/articles/213924865-Mail-delivery-to-G...

https://www.howtoforge.com/community/threads/authentification-problem-wi...

https://rricketts.com/postfix-mail-log-errors-untrusted-issuer/

http://giantdorks.org/alain/fix-for-postfix-untrusted-certificate-tls-er...

And take a look at this virtualmin forum post...it could be the solution for you...

https://www.virtualmin.com/node/40302

Finally, why not just use Let's Encrypt SSL? (Instead of Comodo) they are free and it's built right into virtualmin...works with the click of a mouse button!

AJECreative is the home of $5 webhosting, $15/month VPS servers (1cpu,1gb RAM, 25GB storage)
Centos7, Debian9, or Ubuntu18LTS
Available Control Panels = Centos-Webpanel, Cyberpanel, or Virtualmin

https://ajecreative.com.au

Thu, 06/20/2019 - 13:06
Parapluie

Aha! So, it is an SSL issue. I should have suspected. I have had boatloads of issues with SSL on my Virtualmin system:

https://www.virtualmin.com/node/59316

https://www.virtualmin.com/node/59471

I paid to have an expert from the forum set up the server, and email has never worked. :-( I am now convinced that my only recourse seems to be to talk to my ISP about setting up cPanel. It's a shame, as VirtualMin works in all other regards.

However… Adam, thanks to your help, I believe I have cleared this hurdle. I searched at the BASH line for ca-bundle.crt, and subsequently linked the Postfix to that file by including smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt in the main.cf config file. The log now reads:

Jun 20 12:23:57 ded postfix/qmgr[5094]: 23CA956C04BA: from=<btv1==0746f062ff8==kenneth@ sendingservername.com >, size=6387, nrcpt=1 (queue active)

Now, there's an error in the pipe (Feed to program); but that is a separate issue, and one that I can deal with.

Thank you for your help!

Topic locked