Starting on October 19, 2021, we will enable single-sign-on for our Plesk Support Center to provide a seamless login/account experience. This implies that you’ll be able to use a single account across any of our web-facing properties.
To be prepared for this change and to avoid the need to register during your next ticket submission after the change, we encourage you to create an account here before October 19 using the same email address as your current Zendesk login (support account). It’s essential that you use the same email address on our support center to ensure that your tickets stay attached to the same account. You will continue to use ZenDesk authentication until we switch over to single-sign-on on October 19th.

Articles in this section

See more

TLS encryption in Plesk with Postfix 2.8 and higher

Avatar
Yaroslav Tarasov
Updated
Follow
Plesk for Linux kb: technical ABT: Group B

Applicable to:

  • Plesk for Linux

Symptoms

When Postfix 2.8 or higher on submission port 587 is used as mail server some mail messages cannot be delivered to the server due to the fact that sender does not use TLS encryption and uses, for example, STARTTLS.

Cause

Since submission port is always required to be encrypted, in Plesk with Postfix 2.8 and higher versions, smtpd_tls_security_level is set to encrypt, which forces TLS encryption when communicating with the mail server. It was done to correspond with security protocol requirements.  

Resolution

Functionality when TLS encryption on port 587 is optional is not yet implemented in Plesk. 

Take part in our product improvement and vote for this feature on Plesk User Voice portal.

As workaround proceed with the following:

  1. Connect to the server via SSH 
  2. Open /etc/postfix/master.cf file in any text editor and change these lines from:

    CONFIG_TEXT: submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_restrictions=

    to

    CONFIG_TEXT: submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_tls_security_level=may -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_restrictions=

NOTE: These changes may be overwritten by any Plesk update. 

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles