Back to Community Threads
1
Banner/Greeting Does not contain your hostname
Question asked by Barbara Renowden - 9/11/2015 at 7:07 AM
Unanswered
Hello, we use Unlock the Inbox to test our hosted mail accounts set up and we have recently had an issue pop up on us for POP, IMAP, and SMTP.
 
So we have an SSL certificate that is issued as a wild card to *.centricweb.net.  The certificate is working and is valid.  Our mail server host name is mail.centricweb.net. 
 
In the reports being returned we are getting this.
 
POP3 SSL (Port 995):    Connection Established
- Extensions:    TOP, USER, UIDL, IMPLEMENTATION
- Server Greeting:    POP3 server ready
- SSL Hostname:    *.centricweb.net
- SSL Subject:    CN=*.centricweb.net, OU=Domain Control Validated
- SSL Issuer:    CN=AlphaSSL CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE
- POP3 Banner Reverse DNS Check:    Failed - POP3 Banner/Greeting Does not contain your hostname
- SSL Valid:    Certificate is Valid
- SSL Key Size:    2048
- SSL Protocol Used:    TLS 1.2
- SSL Cipher Algorithm:    AES 128
- SSL Hash Algorithm:    SHA 256
- SSL Exchange Algorithm:    RsaKeyX
- SSLv3 Disabled:    Yes
 
so i guess my question is how do I fix this?  Thanks.

Barbara Renowden President / Co-Founder Centric Web, Inc. https://www.centricweb.com

1 Reply

Reply to Thread
0
Bruce Barnes Replied
9/11/2015 at 9:03 AM
We use this as our BANNER GREETING for SMTP IN
 
#HostName#  #TimeUTC# UTC  | SmarterMail Enterprise 14.2
 
The #HostName# will pick up the hostname which is actually using the SmarterMail SMTP services at the time of the transaction.
 
The #TimeUTC# will enter the time of the transaction in all message headers and logs.  The time stamp is important when troubleshooting and using UTC makes it much easier to vet times against a common standard, vs trying to translate between time zones.
 
You also need to make certain that you have your IP ADDRESS to HOSTNAME mapping for the FULLY QUALIFIED DOMAIN NAME of your PRIMARY SMARTERMAIL SERVER mapped in two places:
 
  • The HOSTNAME in SETTINGS, GENERAL SETTINGS:
 
 
 
  • The HOSTNAME to IP ADDRESS MAPPING in BINDINGS
 
 
Once this is done, make certain you have a valid rDNS mapping for your STATIC, PUBLIC IP ADDRESS to the FQDN of your SmarterMail server, and that will tie everything together.
 
You will also need to make certain that you have the SAME IP ADDRESS setup as the IPV4 IP address in the DOMAIN EDIT screen:
 
 
That IPV6 is DISABLED
 
and that you have your SMTP OUT setup to use the SAME IP ADDRESS as is mapped to your domains:
 
 
 
 
If you have MULTIPLE, PUBLIC, STATIC IP addresses mapped to domains, then you will have to set your SMTP OUT IPV4 IP ADDRESS to use the DOMAINS IP ADDRESS:
 
 
DO NOT enable the check box for ENABLE PRIMARY IP ON FAILURE, especially if you have a hosted service.  I've seen too many situations where they primary IP address is a private IP address which is not properly mapped to a public IP address and, in the case of a failure of the primary IP address, all e-mail stops flowing.
 
 
 
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
Multiple Automatic SSL Certs for the Same HostnameSmarterMail > Troubleshooting
Automatic SSL Certificates on a New SmarterMail ServerSmarterMail > Server Configuration and Management
Troubleshooting SmarterMail Automatic SSL CertificatesSmarterMail > Troubleshooting
Configure an Alternative Linux Web Server for SmarterMailSmarterMail > Server Configuration and Management