2Q Automated recipient verification and public certificate
Posted: 24 Feb 2020 15:41
Downloaded .iso for eFa 4 and ran through initial configuration as a vm as per information in the wiki and FAQs available. Fantastic.
I have setup domains in Mail Settings > Transport Settings pointing to a "SmarterMail" server on the same subnet. Moving forward!
I can telnet on port 25 directly to the SmarterMail server and submit a message as desired. When I telnet on port 25 to the eFa server and attempt to submit a message (to a valid address on the SmarterMail server) I receive the following:
Recipient address rejected: undeliverable address: No user at this address
I have found the "automated receipient verification" area and disabled it (as a test - I would like to utilize this functionality.) After rebooting the eFa, I tested submitting a message again and the message is delivered.
Q1.> What settings are required by the eFa to utilize this feature? Is this an LDAP lookup? (thus there would be something to configure within SmarterMail?)
Q2.> How can I install a public certificate on the eFa so that I can utilize StartTLS. I am not interested in using Let's Encrypt for a few reasons that I'm struggling with ...
1. 90 day renewal ... I'll forget!
2. I'll have to burn a public IP address, one for eFa and one for SmarterMail's web mail/activesync.
I plan to open port 25 (et.al.) to the eFa and ports 80/443 to SmarterMail (via reverse proxy actually) all on one public IP address. If I were to open 80/443 for Let's Encrypt on the eFa, I'd have to use an obscure port for webmail/activesync ... and activesync then becomes a configuration issue. I believe that if I install a public certificate on eFa (not via Let's Encrypt) I can set and forget as it were.
Any advice to a new eFa user is appreciated!
I have setup domains in Mail Settings > Transport Settings pointing to a "SmarterMail" server on the same subnet. Moving forward!
I can telnet on port 25 directly to the SmarterMail server and submit a message as desired. When I telnet on port 25 to the eFa server and attempt to submit a message (to a valid address on the SmarterMail server) I receive the following:
Recipient address rejected: undeliverable address: No user at this address
I have found the "automated receipient verification" area and disabled it (as a test - I would like to utilize this functionality.) After rebooting the eFa, I tested submitting a message again and the message is delivered.
Q1.> What settings are required by the eFa to utilize this feature? Is this an LDAP lookup? (thus there would be something to configure within SmarterMail?)
Q2.> How can I install a public certificate on the eFa so that I can utilize StartTLS. I am not interested in using Let's Encrypt for a few reasons that I'm struggling with ...
1. 90 day renewal ... I'll forget!
2. I'll have to burn a public IP address, one for eFa and one for SmarterMail's web mail/activesync.
I plan to open port 25 (et.al.) to the eFa and ports 80/443 to SmarterMail (via reverse proxy actually) all on one public IP address. If I were to open 80/443 for Let's Encrypt on the eFa, I'd have to use an obscure port for webmail/activesync ... and activesync then becomes a configuration issue. I believe that if I install a public certificate on eFa (not via Let's Encrypt) I can set and forget as it were.
Any advice to a new eFa user is appreciated!