Received-SPF: pass (Last token {include:spf.zixsmbhosted.com} (res=PASS)) client-ip=74.203.184.34; envelope-from=<fbulk@mypremieronline.com>; x-ip-name=spfaus-b.zixsmbhosted.com;
X-Received: from zh-gw.zixsmbhosted.com (spfaus-b.zixsmbhosted.com [74.203.184.34])
by netwin.co.nz (SurgeMail 7.3p) with ESMTP (TLS) id 7891493-1391920
for <surgemail-list@netwin.co.nz>; Thu, 31 Jan 2019 22:35:23 +0000
X-Return-Path: fbulk
X-Received: from 127.0.0.1 (ZixVPM [127.0.0.1])
by Outbound.zh-gw.zixsmbhosted.com (Proprietary) with SMTP id 5BFAFE2306
for <surgemail-list@netwin.co.nz>; Thu, 31 Jan 2019 16:35:17 -0600 (CST)
X-Received: from encrouter02.b.smb.prod.austin.zixnet.com (encrouter02.b.smb.prod.austin.zixnet.com [10.155.130.32])
by zh-gw.zixsmbhosted.com (Proprietary) with ESMTP id 71194E22F3
for <surgemail-list@netwin.co.nz>; Thu, 31 Jan 2019 16:35:16 -0600 (CST)
X-Received: from pcscmail002.MUTUALTEL.MTCNET.NET (mail.mypremieronline.com [199.120.69.84])
by encrouter02.b.smb.prod.austin.zixnet.com (Postfix) with ESMTPS id 5881EC33
for <surgemail-list@netwin.co.nz>; Thu, 31 Jan 2019 16:35:14 -0600 (CST)
X-Received: from pcscmail002.MUTUALTEL.MTCNET.NET (2607:fe28:11:4000::71) by
pcscmail002.mutualtel.mtcnet.net (2607:fe28:11:4000::71) with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
15.1.1591.10; Thu, 31 Jan 2019 16:35:13 -0600
X-Received: from pcscmail002.MUTUALTEL.MTCNET.NET ([fe80::7036:235:e3a9:cf01])
by pcscmail002.MUTUALTEL.MTCNET.NET ([fe80::7036:235:e3a9:cf01%12]) with mapi
id 15.01.1591.011; Thu, 31 Jan 2019 16:35:13 -0600
From: Frank Bulk
To: "surgemail-list@netwin.co.nz" <surgemail-list@netwin.co.nz>
Subject: RE: [SurgeMail List] g_ssl_auto feature - how?
Thread-Topic: [SurgeMail List] g_ssl_auto feature - how?
Thread-Index: AQHUt0l0eyyR+xHTS1mca2wOuvuNbqXJ+k4A
Date: Thu, 31 Jan 2019 22:35:11 +0000
Deferred-Delivery: Thu, 31 Jan 2019 22:35:00 +0000
Message-ID: <0d4bd51f50ce4914a0a036968818d3b5@mypremieronline.com>
References: <5c4f6851.247d.d886700.3188807f@netwin.co.nz>
In-Reply-To: <5c4f6851.247d.d886700.3188807f@netwin.co.nz>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
X-x-originating-ip: [2607:fe28:11:4000:ed02:2136:cbf7:9392]
MIME-Version: 1.0
X-ZIXHOSTED-CUSTOMER: pre51250
X-VPM-MSG-ID: f3780425-4328-4aa7-8fb7-7e37dc87aec4
X-VPM-HOST: zgw-pre51250.b.smb.prod.austin.zixnet.com
X-VPM-GROUP-ID: 2f1c6d76-7106-4d14-a61e-f4b38d435b66
X-VPM-ENC-REGIME: Plaintext
X-VPM-IS-HYBRID: 0
X-Originating-IP: 74.203.184.34
X-Country: code=US country="United States" ip=74.203.184.34
X-ORBS-Accept: hostkarma_white
X-Rcpt-To: <surgemail-list@netwin.co.nz>
X-SpamDetect: *: 1.0 sd=1.0 lv=0.00 nok=1/0 m=1 nf=0 Close 0.04(X-myrbl:Color=white) 0.06(few_words) 0.90(X-Phrase:isspam) 0.76(X-Verify-Helo:-ERR) 0.29(StandardTLD) 0.33(X-Verify-MX present) 0.38(X-NotAscii:utf) 0.43(X-LangGuess:English) 0.46(spfpass) 0.47(X-Verify-Helo:wrongip) Saned 5.0 Sval 1.0 bsan 5.0 Moved 5.0->1.0 Sval 1.0
X-NotAscii: charset=utf-8
X-LangGuess: English
X-Probe: +OK skipped, known ip address
X-Phrase: IsSpam score=1.00
X-Verify-Helo: -ERR wrongip: zh-gw.zixsmbhosted.com -> 199.30.*.* not in 74.203.184.34
X-Verify-MX: <fbulk@mypremieronline.com> senders ip (ch=74.203.184.34 msg=74.203.184.34, net=74.203.) not in mx data dom=mypremieronline.com ipname=spfaus-b.zixsmbhosted.com (199.120.69.25 199.120.69.25 208.80.206.6)
X-Encryption: SSL encrypted
X-MyRbl: Color=White Age=192 Spam=0 Notspam=2 Stars=1 Good=384 Friend=616 Surbl=0 Catch=0 r=1.6e-05 ip=74.203.184.34
X-IP-stats: Incoming Last 0, First 44, in=378, out=0, spam=0 ip=74.203.184.34
List-Unsubscribe: <mailto:surgemail-list-leave@netwin.co.nz?subject=unsubscribe>
X-Mailing-List: surgemail-list@netwin.co.nz
List-ID: <surgemail-list@netwin.co.nz>
Precedence: bulk
Reply-To: surgemail-list@netwin.co.nz
Content-Transfer-Encoding: base64
Content-Transfer-Encoding: base64
Chris,
Thanks, I had missed your previous response(s).
Two follow up questions:
- What happens if you forget to exclude those certain domains – are the certificates in the SSL directory ignored and those auto-generated in lets used?
- And how do you “recover” if then want to have custom SSL certificates – do you just add them to g_ssl_lets_exclude, copy the files for that domain from the ssl directory to the lets
directory, and execute “tellmail reload”? Or do you have to restart Surgemail?
Frank
From: Support ChrisP <surgemail-support@netwinsite.com>
Sent: Monday, January 28, 2019 2:39 PM
To: surgemail-list@netwin.co.nz
Subject: RE: [SurgeMail List] g_ssl_auto feature - how?
Yes you can but it's a bit tricky.
Step 1) You need a recent build 7.3p at least
Step 2) You copy the ssl directory tree to the lets directory tree (or the relevant domains folders at least)
Step 3) you set G_SSL_LETS_EXCLUDE "mail.xyz.com,mail.fred.com"
On Tuesday 29/01/2019 at 3:42 am, Frank Bulk wrote:
Any feedback on this? Can we turn this on only for those domains we don’t already have a separate certificate in place?
Frank
Thanks, I had been meaning to ask if we could turn this on only for domains that we don't already have a cert in place.
Frank
Sent from my Android phone using TouchDown (www.symantec.com)
-----Original Message-----
From: Jeff Crowe [jeff@wtccommunications.ca]
Received: Wednesday, 31 Oct 2018, 11:35AM
To: surgemail-list@netwinsite.com [surgemail-list@netwinsite.com]
Subject: [SurgeMail List] g_ssl_auto feature - how?
Hi there,
I have been looking for a fix for my broken Chrome SSL certs today and ran across this gem on the surgemail site:
SurgeMail Version 7.3j2 or later
With this version of surgemail ssl certificates are created and signed completely automatically for all domains, with one setting, no certbot
or other external programs are required!
What signing authority is being used?
Is it lets encrypt built into surgemail?
Will it enable add certs for all services like pop3, imap, smtp as well as https?
Will it automatically new certs close to expiration?
and lastly, where do I download this version? the current version on the download site is 7.3i2.
Inquiring minds want to know!