certificate verification failed for mail

3 posts / 0 new
Last post
#1 Wed, 06/19/2019 - 15:08

certificate verification failed for mail

I am trying to send an email to an alias that is set up on my system. Nothing comes through, though I have a report from maillog. I need help translating this though. What does this point to on a Virtualmin setup?:

Jun 19 14:03:13 ded postfix/smtp[10262]: certificate verification failed for mail.sendingservername.com[222.198.333.55]:25: untrusted issuer /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root


Jun 19 14:03:33 ded postfix/smtp[10262]: F368A56C0496: to=<btv1==073a91275a3==kenneth@sendingservername.com>, relay=mail.sendingservername.com[222.198.333.55]:25, delay=40, delays=0.05/0.01/20/20, dsn=5.0.0, status=bounced (host mail.sendingservername.com[222.198.333.55] said: 550 " (in reply to RCPT TO command))

Thanking you.


Thu, 06/20/2019 - 06:11

Have a read of the following articles...might help you on your way researching for solutions.






And take a look at this virtualmin forum post...it could be the solution for you...


Finally, why not just use Let's Encrypt SSL? (Instead of Comodo) they are free and it's built right into virtualmin...works with the click of a mouse button!

AJECreative is the home of $5 webhosting, $15/month VPS servers (1cpu,1gb RAM, 25GB storage)
Centos7, Debian9, or Ubuntu18LTS
Available Control Panels = Centos-Webpanel, Cyberpanel, or Virtualmin


Thu, 06/20/2019 - 13:06

Aha! So, it is an SSL issue. I should have suspected. I have had boatloads of issues with SSL on my Virtualmin system:



I paid to have an expert from the forum set up the server, and email has never worked. :-( I am now convinced that my only recourse seems to be to talk to my ISP about setting up cPanel. It's a shame, as VirtualMin works in all other regards.

However… Adam, thanks to your help, I believe I have cleared this hurdle. I searched at the BASH line for ca-bundle.crt, and subsequently linked the Postfix to that file by including smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt in the main.cf config file. The log now reads:

Jun 20 12:23:57 ded postfix/qmgr[5094]: 23CA956C04BA: from=<btv1==0746f062ff8==kenneth@ sendingservername.com >, size=6387, nrcpt=1 (queue active)

Now, there's an error in the pipe (Feed to program); but that is a separate issue, and one that I can deal with.

Thank you for your help!

Topic locked