Servers wont talk to me!

Gateway
1

Okay here is what I have.. Still not sure what's wrong.

http://imgur.com/a/k0ysM
http://imgur.com/a/QuyaO
http://imgur.com/a/9pNyl

I have the IP listed in my networks.

So my setup goes like this:

Incoming email >> firewall >> email server

Cipher mail is not used for incoming, but my outgoing setup is:

Outgoing email >> email server >> ciphermail server >> firewall >> internet

For some reason I think something is getting clogged up on CM server. I
have the email server (postfix) setup with a relayhost, so it will forward
all mails to the ciphermail server. The "locality" setting on my server is
"external" - does this matter? It's behind our firewall and should only be
sending mail off from our internal mail server.

I had it on in the morning and the others told me they are getting a lot of
bouncebacks. I have a feeling this is because of the SFP records but I want
to make sure the server is setup properly.

The OTP you helped me with works now also, thank you!

Everything is inherited from global also.

thanks so much for your help

2

Once the email has been handled by the back-end (MPA), the email is
handed over to the MTA (Postfix). The MTA is responsible for delivering
the email. If the email is not delivered you should check the MTA logs
to see why. There can be a number of reasons why the recipients mail
server won't accept email: your IP address might be dynamic (i.e., some
consumer type ISP), there is no IP reverse name for your IP address, the
reverse IP name is not the same as the SMTP helo name. your IP might be
black-listed.

Solving this does not involve making changes in the CipherMail global
settings. The only change in CipherMail that influences delivery is the
MTA helo name.

Could you sent some MTA logs showing which mails were not delivered?

What is the IP address the CipherMail gateway is using?

Kind regards,

Martijn Brinkers

···

On 06/22/2017 10:32 PM, Paul Bronson via Users wrote:

Okay here is what I have.. Still not sure what's wrong.

Imgur: The magic of the Internet
Imgur: The magic of the Internet
Imgur: The magic of the Internet

I have the IP listed in my networks.

So my setup goes like this:

Incoming email >> firewall >> email server

Cipher mail is not used for incoming, but my outgoing setup is:

Outgoing email >> email server >> ciphermail server >> firewall >> internet

For some reason I think something is getting clogged up on CM server. I
have the email server (postfix) setup with a relayhost, so it will forward
all mails to the ciphermail server. The "locality" setting on my server is
"external" - does this matter? It's behind our firewall and should only be
sending mail off from our internal mail server.

I had it on in the morning and the others told me they are getting a lot of
bouncebacks. I have a feeling this is because of the SFP records but I want
to make sure the server is setup properly.

The OTP you helped me with works now also, thank you!

Everything is inherited from global also.

--
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

Twitter: http://twitter.com/CipherMail

3

IP Is not blacklisted, reverse DNS has been setup also.

For some reason sendmail and postfix are using the same port? Do I need
both?

I would also like to set the web portal to a different site versus the
hostname.

···

On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < users(a)lists.djigzo.com> wrote:

On 06/22/2017 10:32 PM, Paul Bronson via Users wrote:
> Okay here is what I have.. Still not sure what's wrong.
>
> Imgur: The magic of the Internet
> Imgur: The magic of the Internet
> Imgur: The magic of the Internet
>
> I have the IP listed in my networks.
>
> So my setup goes like this:
>
> Incoming email >> firewall >> email server
>
> Cipher mail is not used for incoming, but my outgoing setup is:
>
> Outgoing email >> email server >> ciphermail server >> firewall >>
internet
>
> For some reason I think something is getting clogged up on CM server. I
> have the email server (postfix) setup with a relayhost, so it will
forward
> all mails to the ciphermail server. The "locality" setting on my server
is
> "external" - does this matter? It's behind our firewall and should only
be
> sending mail off from our internal mail server.
>
> I had it on in the morning and the others told me they are getting a lot
of
> bouncebacks. I have a feeling this is because of the SFP records but I
want
> to make sure the server is setup properly.
>
> The OTP you helped me with works now also, thank you!
>
> Everything is inherited from global also.

Once the email has been handled by the back-end (MPA), the email is
handed over to the MTA (Postfix). The MTA is responsible for delivering
the email. If the email is not delivered you should check the MTA logs
to see why. There can be a number of reasons why the recipients mail
server won't accept email: your IP address might be dynamic (i.e., some
consumer type ISP), there is no IP reverse name for your IP address, the
reverse IP name is not the same as the SMTP helo name. your IP might be
black-listed.

Solving this does not involve making changes in the CipherMail global
settings. The only change in CipherMail that influences delivery is the
MTA helo name.

Could you sent some MTA logs showing which mails were not delivered?

What is the IP address the CipherMail gateway is using?

Kind regards,

Martijn Brinkers

--
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

4

You don't need both. One or the other, although Postfix is recommended.

Different site, meaning different server?

···

-----Original Message-----
From: Users [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Paul Bronson via Users
Sent: Monday, June 26, 2017 1:57 PM
To: Martijn Brinkers <martijn(a)ciphermail.com>
Cc: users(a)lists.djigzo.com
Subject: Re: Servers wont talk to me!

IP Is not blacklisted, reverse DNS has been setup also.

For some reason sendmail and postfix are using the same port? Do I need both?

I would also like to set the web portal to a different site versus the hostname.

On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < users(a)lists.djigzo.com> wrote:

On 06/22/2017 10:32 PM, Paul Bronson via Users wrote:
> Okay here is what I have.. Still not sure what's wrong.
>
> Imgur: The magic of the Internet
> Imgur: The magic of the Internet
> Imgur: The magic of the Internet
>
> I have the IP listed in my networks.
>
> So my setup goes like this:
>
> Incoming email >> firewall >> email server
>
> Cipher mail is not used for incoming, but my outgoing setup is:
>
> Outgoing email >> email server >> ciphermail server >> firewall >>
internet
>
> For some reason I think something is getting clogged up on CM
> server. I have the email server (postfix) setup with a relayhost, so
> it will
forward
> all mails to the ciphermail server. The "locality" setting on my
> server
is
> "external" - does this matter? It's behind our firewall and should
> only
be
> sending mail off from our internal mail server.
>
> I had it on in the morning and the others told me they are getting a
> lot
of
> bouncebacks. I have a feeling this is because of the SFP records but
> I
want
> to make sure the server is setup properly.
>
> The OTP you helped me with works now also, thank you!
>
> Everything is inherited from global also.

Once the email has been handled by the back-end (MPA), the email is
handed over to the MTA (Postfix). The MTA is responsible for
delivering the email. If the email is not delivered you should check
the MTA logs to see why. There can be a number of reasons why the
recipients mail server won't accept email: your IP address might be
dynamic (i.e., some consumer type ISP), there is no IP reverse name
for your IP address, the reverse IP name is not the same as the SMTP
helo name. your IP might be black-listed.

Solving this does not involve making changes in the CipherMail global
settings. The only change in CipherMail that influences delivery is
the MTA helo name.

Could you sent some MTA logs showing which mails were not delivered?

What is the IP address the CipherMail gateway is using?

Kind regards,

Martijn Brinkers

--
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

5

Hi Dino,

Wonder why sendmail keeps trying to start then.. Odd.

I'd really like to set the web portal to a different address versus the
HELO name I meant, sorry.

Paul

···

On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users < users(a)lists.djigzo.com> wrote:

You don't need both. One or the other, although Postfix is recommended.

Different site, meaning different server?

-----Original Message-----
From: Users [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Paul
Bronson via Users
Sent: Monday, June 26, 2017 1:57 PM
To: Martijn Brinkers <martijn(a)ciphermail.com>
Cc: users(a)lists.djigzo.com
Subject: Re: Servers wont talk to me!

IP Is not blacklisted, reverse DNS has been setup also.

For some reason sendmail and postfix are using the same port? Do I need
both?

I would also like to set the web portal to a different site versus the
hostname.

On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < > users(a)lists.djigzo.com> wrote:

> On 06/22/2017 10:32 PM, Paul Bronson via Users wrote:
> > Okay here is what I have.. Still not sure what's wrong.
> >
> > Imgur: The magic of the Internet
> > Imgur: The magic of the Internet
> > Imgur: The magic of the Internet
> >
> > I have the IP listed in my networks.
> >
> > So my setup goes like this:
> >
> > Incoming email >> firewall >> email server
> >
> > Cipher mail is not used for incoming, but my outgoing setup is:
> >
> > Outgoing email >> email server >> ciphermail server >> firewall >>
> internet
> >
> > For some reason I think something is getting clogged up on CM
> > server. I have the email server (postfix) setup with a relayhost, so
> > it will
> forward
> > all mails to the ciphermail server. The "locality" setting on my
> > server
> is
> > "external" - does this matter? It's behind our firewall and should
> > only
> be
> > sending mail off from our internal mail server.
> >
> > I had it on in the morning and the others told me they are getting a
> > lot
> of
> > bouncebacks. I have a feeling this is because of the SFP records but
> > I
> want
> > to make sure the server is setup properly.
> >
> > The OTP you helped me with works now also, thank you!
> >
> > Everything is inherited from global also.
>
> Once the email has been handled by the back-end (MPA), the email is
> handed over to the MTA (Postfix). The MTA is responsible for
> delivering the email. If the email is not delivered you should check
> the MTA logs to see why. There can be a number of reasons why the
> recipients mail server won't accept email: your IP address might be
> dynamic (i.e., some consumer type ISP), there is no IP reverse name
> for your IP address, the reverse IP name is not the same as the SMTP
> helo name. your IP might be black-listed.
>
> Solving this does not involve making changes in the CipherMail global
> settings. The only change in CipherMail that influences delivery is
> the MTA helo name.
>
> Could you sent some MTA logs showing which mails were not delivered?
>
> What is the IP address the CipherMail gateway is using?
>
> Kind regards,
>
> Martijn Brinkers
>
>
> --
> CipherMail email encryption
>
> Email encryption with support for S/MIME, OpenPGP, PDF encryption and
> secure webmail pull.
>
> https://www.ciphermail.com
>
> Twitter: http://twitter.com/CipherMail
> _______________________________________________
> Users mailing list
> Users(a)lists.djigzo.com
> https://lists.djigzo.com/lists/listinfo/users
>
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

6

I’m guessing sendmail got installed by accident or as part of something else. Not sure. I would either uninstall sendmail or change its port number if it’s absolutely necessary, although it doesn’t seem like that’s the case.

Since the Web GUI runs on a different port, you can set whatever hostname you want in ciphermail as long as that hostname is resolvable by the outside world and as long as the back-end webserver (apache I assume) is configured to answer on that port. So, if you want the web portal to be https://webportal.domain.tld:8443/ in ciphermail under settings --> portal

è Base URL you set it as follows:

https://webportal.domain.tld:8443/web/portal/

···

From: Paul Bronson [mailto:signaldeveloper(a)gmail.com]
Sent: Monday, June 26, 2017 2:13 PM
To: Dino Edwards <dino.edwards(a)mydirectmail.net>
Cc: users(a)lists.djigzo.com
Subject: Re: Servers wont talk to me!

Hi Dino,

Wonder why sendmail keeps trying to start then.. Odd.

I'd really like to set the web portal to a different address versus the HELO name I meant, sorry.

Paul

On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users <users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com>> wrote:
You don't need both. One or the other, although Postfix is recommended.

Different site, meaning different server?

-----Original Message-----
From: Users [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Paul Bronson via Users
Sent: Monday, June 26, 2017 1:57 PM
To: Martijn Brinkers <martijn(a)ciphermail.com<mailto:martijn(a)ciphermail.com>>
Cc: users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com>
Subject: Re: Servers wont talk to me!

IP Is not blacklisted, reverse DNS has been setup also.

For some reason sendmail and postfix are using the same port? Do I need both?

I would also like to set the web portal to a different site versus the hostname.

On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com>> wrote:

On 06/22/2017 10:32 PM, Paul Bronson via Users wrote:
> Okay here is what I have.. Still not sure what's wrong.
>
> Imgur: The magic of the Internet
> Imgur: The magic of the Internet
> Imgur: The magic of the Internet
>
> I have the IP listed in my networks.
>
> So my setup goes like this:
>
> Incoming email >> firewall >> email server
>
> Cipher mail is not used for incoming, but my outgoing setup is:
>
> Outgoing email >> email server >> ciphermail server >> firewall >>
internet
>
> For some reason I think something is getting clogged up on CM
> server. I have the email server (postfix) setup with a relayhost, so
> it will
forward
> all mails to the ciphermail server. The "locality" setting on my
> server
is
> "external" - does this matter? It's behind our firewall and should
> only
be
> sending mail off from our internal mail server.
>
> I had it on in the morning and the others told me they are getting a
> lot
of
> bouncebacks. I have a feeling this is because of the SFP records but
> I
want
> to make sure the server is setup properly.
>
> The OTP you helped me with works now also, thank you!
>
> Everything is inherited from global also.

Once the email has been handled by the back-end (MPA), the email is
handed over to the MTA (Postfix). The MTA is responsible for
delivering the email. If the email is not delivered you should check
the MTA logs to see why. There can be a number of reasons why the
recipients mail server won't accept email: your IP address might be
dynamic (i.e., some consumer type ISP), there is no IP reverse name
for your IP address, the reverse IP name is not the same as the SMTP
helo name. your IP might be black-listed.

Solving this does not involve making changes in the CipherMail global
settings. The only change in CipherMail that influences delivery is
the MTA helo name.

Could you sent some MTA logs showing which mails were not delivered?

What is the IP address the CipherMail gateway is using?

Kind regards,

Martijn Brinkers

--
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com>
https://lists.djigzo.com/lists/listinfo/users

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com>
https://lists.djigzo.com/lists/listinfo/users
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com>
https://lists.djigzo.com/lists/listinfo/users

7

Okay I will try that. I am also noticing that mxtoolbox states this server
isn't configured for TLS? I do not see any settings under interface for
this. Is this set on postfix main.cf file manually?

Also if I wanted to remove the port or change the port to a default 443 do
I need to do this within apache, or does the GUI do the config itself?

···

On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users < users(a)lists.djigzo.com> wrote:

I’m guessing sendmail got installed by accident or as part of something
else. Not sure. I would either uninstall sendmail or change its port number
if it’s absolutely necessary, although it doesn’t seem like that’s the case.

Since the Web GUI runs on a different port, you can set whatever hostname
you want in ciphermail as long as that hostname is resolvable by the
outside world and as long as the back-end webserver (apache I assume) is
configured to answer on that port. So, if you want the web portal to be
https://webportal.domain.tld:8443/ in ciphermail under settings --> portal

è Base URL you set it as follows:

https://webportal.domain.tld:8443/web/portal/

From: Paul Bronson [mailto:signaldeveloper(a)gmail.com]
Sent: Monday, June 26, 2017 2:13 PM
To: Dino Edwards <dino.edwards(a)mydirectmail.net>
Cc: users(a)lists.djigzo.com
Subject: Re: Servers wont talk to me!

Hi Dino,

Wonder why sendmail keeps trying to start then.. Odd.

I'd really like to set the web portal to a different address versus the
HELO name I meant, sorry.

Paul

On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users < > users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com>> wrote:
You don't need both. One or the other, although Postfix is recommended.

Different site, meaning different server?

-----Original Message-----
From: Users [mailto:users-bounces(a)lists.djigzo.com<mailto:users-
bounces(a)lists.djigzo.com>] On Behalf Of Paul Bronson via Users
Sent: Monday, June 26, 2017 1:57 PM
To: Martijn Brinkers <martijn(a)ciphermail.com<mailto:martijn(a)ciphermail.com
>>
Cc: users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com>
Subject: Re: Servers wont talk to me!

IP Is not blacklisted, reverse DNS has been setup also.

For some reason sendmail and postfix are using the same port? Do I need
both?

I would also like to set the web portal to a different site versus the
hostname.

On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < > users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com>> wrote:

> On 06/22/2017 10:32 PM, Paul Bronson via Users wrote:
> > Okay here is what I have.. Still not sure what's wrong.
> >
> > Imgur: The magic of the Internet
> > Imgur: The magic of the Internet
> > Imgur: The magic of the Internet
> >
> > I have the IP listed in my networks.
> >
> > So my setup goes like this:
> >
> > Incoming email >> firewall >> email server
> >
> > Cipher mail is not used for incoming, but my outgoing setup is:
> >
> > Outgoing email >> email server >> ciphermail server >> firewall >>
> internet
> >
> > For some reason I think something is getting clogged up on CM
> > server. I have the email server (postfix) setup with a relayhost, so
> > it will
> forward
> > all mails to the ciphermail server. The "locality" setting on my
> > server
> is
> > "external" - does this matter? It's behind our firewall and should
> > only
> be
> > sending mail off from our internal mail server.
> >
> > I had it on in the morning and the others told me they are getting a
> > lot
> of
> > bouncebacks. I have a feeling this is because of the SFP records but
> > I
> want
> > to make sure the server is setup properly.
> >
> > The OTP you helped me with works now also, thank you!
> >
> > Everything is inherited from global also.
>
> Once the email has been handled by the back-end (MPA), the email is
> handed over to the MTA (Postfix). The MTA is responsible for
> delivering the email. If the email is not delivered you should check
> the MTA logs to see why. There can be a number of reasons why the
> recipients mail server won't accept email: your IP address might be
> dynamic (i.e., some consumer type ISP), there is no IP reverse name
> for your IP address, the reverse IP name is not the same as the SMTP
> helo name. your IP might be black-listed.
>
> Solving this does not involve making changes in the CipherMail global
> settings. The only change in CipherMail that influences delivery is
> the MTA helo name.
>
> Could you sent some MTA logs showing which mails were not delivered?
>
> What is the IP address the CipherMail gateway is using?
>
> Kind regards,
>
> Martijn Brinkers
>
>
> --
> CipherMail email encryption
>
> Email encryption with support for S/MIME, OpenPGP, PDF encryption and
> secure webmail pull.
>
> https://www.ciphermail.com
>
> Twitter: http://twitter.com/CipherMail
> _______________________________________________
> Users mailing list
> Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com>
> https://lists.djigzo.com/lists/listinfo/users
>
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com>
https://lists.djigzo.com/lists/listinfo/users
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com>
https://lists.djigzo.com/lists/listinfo/users

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

8

The following settings in main.cf should get you started for TLS:

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/cert.cer
smtpd_tls_key_file = /etc/ssl/certs/key.key
smtpd_tls_CAfile = /etc/ssl/certs/root.cer
#smtpd_use_tls=yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_loglevel = 1

I misspoke earlier. It’s been so long since I did this. Ciphermail comes bundled with Tomcat and it runs on port 8888 if I’m not mistaking. So, if you want to utilize Apache instead, you have to install mod_proxy_ajp module in Apache and setup an apache config like below:

ProxyPass /djigzo http://localhost:8888/djigzo
ProxyPassReverse /djigzo http://localhost:8888/djigzo
ProxyPass /web http://localhost:8888/web
ProxyPassReverse /web http://localhost:8888/web
ProxyTimeout 3600

Changing the port has to be done within apache. So, if you want to use 443, you must of course install mod_ssl on apache, as well as certificate. I have a complete Apache config file if you want, let me know and I’ll post the relevant parts.

···

From: Paul Bronson [mailto:signaldeveloper(a)gmail.com]
Sent: Monday, June 26, 2017 2:42 PM
To: Dino Edwards <dino.edwards(a)mydirectmail.net>
Cc: users(a)lists.djigzo.com
Subject: Re: Servers wont talk to me!

Okay I will try that. I am also noticing that mxtoolbox states this server isn't configured for TLS? I do not see any settings under interface for this. Is this set on postfix main.cf<http://main.cf> file manually?

Also if I wanted to remove the port or change the port to a default 443 do I need to do this within apache, or does the GUI do the config itself?

On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users <users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com>> wrote:
I’m guessing sendmail got installed by accident or as part of something else. Not sure. I would either uninstall sendmail or change its port number if it’s absolutely necessary, although it doesn’t seem like that’s the case.

Since the Web GUI runs on a different port, you can set whatever hostname you want in ciphermail as long as that hostname is resolvable by the outside world and as long as the back-end webserver (apache I assume) is configured to answer on that port. So, if you want the web portal to be https://webportal.domain.tld:8443/ in ciphermail under settings --> portal

è Base URL you set it as follows:

https://webportal.domain.tld:8443/web/portal/

From: Paul Bronson [mailto:signaldeveloper(a)gmail.com]
Sent: Monday, June 26, 2017 2:13 PM
To: Dino Edwards <dino.edwards(a)mydirectmail.net<mailto:dino.edwards(a)mydirectmail.net>>
Cc: users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com>
Subject: Re: Servers wont talk to me!

Hi Dino,

Wonder why sendmail keeps trying to start then.. Odd.

I'd really like to set the web portal to a different address versus the HELO name I meant, sorry.

Paul

On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users <users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com><mailto:users(a)lists.djigzo.com>> wrote:
You don't need both. One or the other, although Postfix is recommended.

Different site, meaning different server?

-----Original Message-----
From: Users [mailto:users-bounces(a)lists.djigzo.com<mailto:users-bounces(a)lists.djigzo.com>] On Behalf Of Paul Bronson via Users
Sent: Monday, June 26, 2017 1:57 PM
To: Martijn Brinkers <martijn(a)ciphermail.com<mailto:martijn(a)ciphermail.com><mailto:martijn(a)ciphermail.com>>
Cc: users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com><mailto:users(a)lists.djigzo.com>
Subject: Re: Servers wont talk to me!

IP Is not blacklisted, reverse DNS has been setup also.

For some reason sendmail and postfix are using the same port? Do I need both?

I would also like to set the web portal to a different site versus the hostname.
On Fri, Jun 23, 2017 at 3:15 AM, Martijn Brinkers via Users < users(a)lists.djigzo.com<mailto:users(a)lists.djigzo.com><mailto:users(a)lists.djigzo.com>> wrote:

On 06/22/2017 10:32 PM, Paul Bronson via Users wrote:
> Okay here is what I have.. Still not sure what's wrong.
>
> Imgur: The magic of the Internet
> Imgur: The magic of the Internet
> Imgur: The magic of the Internet
>
> I have the IP listed in my networks.
>
> So my setup goes like this:
>
> Incoming email >> firewall >> email server
>
> Cipher mail is not used for incoming, but my outgoing setup is:
>
> Outgoing email >> email server >> ciphermail server >> firewall >>
internet
>
> For some reason I think something is getting clogged up on CM
> server. I have the email server (postfix) setup with a relayhost, so
> it will
forward
> all mails to the ciphermail server. The "locality" setting on my
> server
is
> "external" - does this matter? It's behind our firewall and should
> only
be
> sending mail off from our internal mail server.
>
> I had it on in the morning and the others told me they are getting a
> lot
of
> bouncebacks. I have a feeling this is because of the SFP records but
> I
want
> to make sure the server is setup properly.
>
> The OTP you helped me with works now also, thank you!
>
> Everything is inherited from global also.

Once the email has been handled by the back-end (MPA), the email is
handed over to the MTA (Postfix). The MTA is responsible for
delivering the email. If the email is not delivered you should check
the MTA logs to see why. There can be a number of reasons why the
recipients mail server won't accept email: your IP address might be
dynamic (i.e., some consumer type ISP), there is no IP reverse name
for your IP address, the reverse IP name is not the same as the SMTP
helo name. your IP might be black-listed.

Solving this does not involve making changes in the CipherMail global
settings. The only change in CipherMail that influences delivery is
the MTA helo name.

Could you sent some MTA logs showing which mails were not delivered?

What is the IP address the CipherMail gateway is using?

Kind regards,

Martijn Brinkers

--
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com><mailto:Users(a)lists.djigzo.com>
https://lists.djigzo.com/lists/listinfo/users

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com><mailto:Users(a)lists.djigzo.com>
https://lists.djigzo.com/lists/listinfo/users
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com><mailto:Users(a)lists.djigzo.com>
https://lists.djigzo.com/lists/listinfo/users

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com<mailto:Users(a)lists.djigzo.com>
https://lists.djigzo.com/lists/listinfo/users