Getting started
What’s New
Roadmap
Octeth Training ProgramInstallation & Setup
Requirements
Architecture
Server Setup
Oempro InstallationCommunity Edition InstallSSL Certificates
Version Upgrade
TroubleshootingVideo Tutorials
Video TutorialsAdministration
Quick Walkthrough
Security
Sub Admin AccountsSettingsDelivery Servers
Global Segments
Global Custom Fields
Bounce Processing
Spam Complaints
Suppression List
Plug-Ins
Delivery ReportUser ManagementMaintenanceAudience Management
Introduction
Subscriber ListsCustom FieldsSegmentsSubscribers
Webhooks
Website Event TrackingEmail Marketing
Introduction
Auto RespondersEmail CampaignsSender Domain Man.
Journeys (Automation)Bounce ProcessingEmail PersonalizationFBL ProcessingEmail Builder IntegrationsEmail DeliverabilitySender Domain ManagementPlug-Ins & Add-Ons
AI Plug-InRSS Plug-InBounce Catcher Add-OnLink Proxy Add-OnDevelopers
Introduction
Single Sign On
APIPlug-In Development
DatabaseAdvanced
Reverse Proxy
CookbookHelp
Troubleshooting
Contact UsHow to activate TLS for Octeth Email Gateway Inbound SMTP Server
Octeth has a powerful, high-performance inbound SMTP server for the Email Gateway feature. This SMTP server accepts TLS connections as well. In order to activate TLS with a properly setup SSL certificate, follow these steps.
First, initiate your SSL certificate using Let’s Encrypt or other SSL certificate providers.
- SSH into the
oempro-appcontainer: - Edit
/var/www/html/_dockerfiles/inbound-smtp-server/server.keyand set the file content to the private key of the new SSL certificate. - Edit
/var/www/html/_dockerfiles/inbound-smtp-server/server.crtand paste the new (1) SSL certificate first, then (2) paste the CA bundle of the SSL certificate. - Edit
/var/www/html/_dockerfiles/inbound-smtp-server/config.jsonand paste these two file paths toCertificateandPrivateKeyparameters. Paths must be relative. Here’s an example: - Rebuild and re-delpoy the inbound SMTP server:
- Test the TLS connection:
cd /opt/oempro/
docker exec -ti oempro_app bash{
"Debug": false,
"Listen": [
":25"
],
"AppName": "Oempro SMTP Server",
"Hostname": "test.local",
"AdminAPIKey": "3b3c98-****-****-****-d3bb6b",
"EmailMaxSizeKB": 100,
"SMTPTimeout": 15,
"Certificate": "./server.crt",
"PrivateKey": "./server.key",
"MaxConnectionLimit": 1500,
"LogFiles": {
"Connections": "./log_connections.log",
"Authentications": "./log_authentications.log"
},
"OemproAPIUrl": "http://192.168.99.101/api.php"
}cd /opt/oempro/
docker-compose build oempro_emailgateway_inbound_smtp
docker-compose kill oempro_emailgateway_inbound_smtp
docker-compose up -d oempro_emailgateway_inbound_smtpopenssl s_client -quiet -starttls smtp -connect your.smtp-server.com:25 # (or 587)
depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = AlphaSSL CA - SHA256 - G2
verify return:1
depth=0 CN = *.sendlayer.net
verify return:1
250 ENHANCEDSTATUSCODES
ehlo local
250-smtp.sendlayer.net greets local
250-SIZE 307200
250-AUTH LOGIN PLAIN
250 ENHANCEDSTATUSCODES
quit
221 2.0.0 your.smtp-server.com Octeth SMTP Server v1.2 ESMTP Service closing transmission channel
read:errno=0IMPORTANT:
server.crt file must contain the certificate first and then the CA bundle. server.key file must contain the private key only.The server.crt file structure:
-----BEGIN CERTIFICATE-----
...
****************************************************************
****************************************************************
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
****************************************************************
****************************************************************
...
-----END CERTIFICATE-----The server.key file structure:
-----BEGIN PRIVATE KEY-----
...
****************************************************************
****************************************************************
...
-----END PRIVATE KEY-----
