Hello,
I’ve set up Mailcow Dockerized and everything works nicely. Yesterday I switched the ports in the autodiscover/autoconfig configuration (data/web/inc/vars.local.inc.php) because Thunderbird’s autodetection configured IMAP on port 143 with STARTTLS and SMTP on port 587 with STARTTLS.
My goal was to switch the ports so that autodetection uses IMAP on port 993 with SSL/TLS and SMTP on port 465 with SSL/TLS.
'imap' => array(
    'server' => $mailcow_hostname,
    'port' => array_pop(explode(':', getenv('IMAP_PORT'))),
    'tlsport' => array_pop(explode(':', getenv('IMAPS_PORT'))),
),
'pop3' => array(
    'server' => $mailcow_hostname,
    'port' => array_pop(explode(':', getenv('POP_PORT'))),
    'tlsport' => array_pop(explode(':', getenv('POPS_PORT'))),
),
'smtp' => array(
    'server' => $mailcow_hostname,
    'port' => array_pop(explode(':', getenv('SUBMISSION_PORT'))),
    'tlsport' => array_pop(explode(':', getenv('SMTPS_PORT'))),
),
I must confess I didn’t read the comments:
// Please don’t use STARTTLS-enabled service ports in the “port” variable.
// The autodiscover service will always point to SMTPS and IMAPS (TLS-wrapped services).
// The autoconfig service will additionally announce the STARTTLS-enabled ports, specified in the “tlsport” variable.
After I realized that I had made a mistake, I switched back to the original configuration. Now I’m having the same problem as in mailcow/mailcow-dockerized#1769.
When I now check my DNS configuration, there are two new entries:
_._tcp.mail.mydomain.net TLSA 0: Failed to parse address "mail.mydomain.net:"
_smtps._tcp.mydomain.net SRV mail.mydomain.net
Is my mailcow still secure? What should I do to repair it?
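A sanity check for the `port`/`tlsport` roles that the quoted comments describe, as an added example that is not part of the original post or mailcow's own code: it flags swapped roles and empty port values. The function names, the `EXPECTED` table and the sample port values are assumptions made for illustration.

```php
<?php
// Added example, not mailcow code. Port values below are constructed samples.

// Same extraction as the posted config: last element after splitting on ':'.
function last_port(string $value): string {
    $parts = explode(':', $value);
    return trim(end($parts));
}

// Roles per the quoted comments: 'port' = TLS-wrapped, 'tlsport' = STARTTLS.
const EXPECTED = [
    'imap' => ['port' => 'IMAPS_PORT', 'tlsport' => 'IMAP_PORT'],
    'pop3' => ['port' => 'POPS_PORT',  'tlsport' => 'POP_PORT'],
    'smtp' => ['port' => 'SMTPS_PORT', 'tlsport' => 'SUBMISSION_PORT'],
];

// Returns a list of problems; an empty list means the mapping is consistent.
function check_ports(array $config, array $env): array {
    $problems = [];
    foreach (EXPECTED as $service => $roles) {
        foreach ($roles as $key => $envName) {
            $actual = (string)($config[$service][$key] ?? '');
            $wanted = last_port($env[$envName] ?? '');
            if (!preg_match('/^\d+$/', $actual)) {
                $problems[] = "$service.$key is empty or not numeric";
            } elseif ($actual !== $wanted) {
                $problems[] = "$service.$key is $actual, expected $envName=$wanted";
            }
        }
    }
    return $problems;
}

$env = [ // constructed; one value uses an "address:port" form
    'IMAP_PORT' => '143', 'IMAPS_PORT' => '0.0.0.0:993',
    'POP_PORT' => '110', 'POPS_PORT' => '995',
    'SUBMISSION_PORT' => '587', 'SMTPS_PORT' => '465',
];

// Mapping as posted above (roles swapped), with POPS_PORT simulated as unset.
$posted = [
    'imap' => ['port' => last_port($env['IMAP_PORT']), 'tlsport' => last_port($env['IMAPS_PORT'])],
    'pop3' => ['port' => last_port($env['POP_PORT']),  'tlsport' => last_port('')],
    'smtp' => ['port' => last_port($env['SUBMISSION_PORT']), 'tlsport' => last_port($env['SMTPS_PORT'])],
];

foreach (check_ports($posted, $env) as $problem) {
    echo $problem, PHP_EOL;
}
```

Run against the restored configuration and the real values from the environment, an empty result means every `port` entry points at a TLS-wrapped service and every `tlsport` entry at a STARTTLS one.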