SMTP stopped working in gmail, after recent mail server domain change and new ssl cert

3x5 · June 15, 2018, 6:44pm

I’m running a site, gulfbreeze.com. This used to be yourmail.pensacola.com, and the mail server was mailboxes.pensacola.com.

I removed the certs for this and created certs for gulfbreeze.com, and the mail server, mail.gulfbreeze.com. There are other domains that have email on this server, like test@fight.tv. If I set up an outgoing email account, in Thunderbird, using test@fight.tv, server mail.gulfbreeze.com, port 587, user test@fight.tv, STARTTLS, I can send email from the mail server, no problem.

However, these settings do not work when trying to use this account to send mail in gmail. I used to be able to send fine, before changing the domain and cert. But now, if I use the exact same settings as I have in Thunderbird, gmail just says “Couldn’t reach server. Please double-check the server and port number.”

Once, it said the provider was taking too long. Every other time it says the server can’t be reached. I don’t know why this would work in Thunderbird but not in gmail.

My domain is: gulfbreeze.com

I ran this command:
Added outgoing mail in gmail: test@fight.tv, server mail.gulfbreeze.com, port 587, TLS

It produced this output:
“Couldn’t reach server. Please double-check the server and port number.”

My web server is (include version):
Postfix 3.1.0 / Dovecot

The operating system my web server runs on is (include version):
Ubuntu 16.04

My hosting provider, if applicable, is:
Linode

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

schoen · June 15, 2018, 6:56pm

Hi @3x5,

Your site is advertising both an IPv4 and an IPv6 address, but the IPv6 address doesn’t work. You might not notice this in your own tests if you don’t have IPv6 connectivity, but Google will use the IPv6 address for its connections.

sahsanu · June 15, 2018, 7:06pm

Hi @3x5,

In addition to what @schoen has said.

Checking how your server is configured, if you want to use port 587 you must select STARTTLS in your gmail mail app or use SSL/TLS option but with port 465.

Cheers,
sahsanu

3x5 · June 15, 2018, 7:33pm

Thanks for the reply. I removed the AAAA records for that ipv6 address. Do you think this is enough to resolve the problem?

3x5 · June 15, 2018, 7:36pm

Thanks, but I had these settings before, and they worked. Gmail only offers ports 25, 587, or 465, and if you select 587, gmail selects TLS. Are you saying this is wrong? How would I enable my mail server to accept TLS on port 587?

sahsanu · June 15, 2018, 8:03pm

You need to go to gmail settings, select you account, select output settings or whatever is the name (I don’t have gmail in english) and there in Security Type select STARTTLS instead of SSL/TLS.

3x5 · June 15, 2018, 8:41pm

Thanks for the lead. Maybe there’s someone here who has gmail in English and can help me find the setting you’re mentioning. If I go to settings, then Accounts and Import, I see ‘send mail as’ but not ‘output settings’ or anything similar. And when I go to the ‘send mail’ settings, the only options for secured connection are SSL or TLS.

Also, @schoen, what do I run to determine whether I’m still advertising an IPv6 address?

schoen · June 15, 2018, 9:04pm

dig or nslookup for AAAA records (but you're not anymore).

sahsanu · June 15, 2018, 9:24pm

Just in case it is useful to you:

But if for whatever reason you can't see starttls you can use SSL/TLS but change port from 587 to 465.

Cheers,
sahsanu

system · July 15, 2018, 9:24pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.