If you want to retrieve mails into Gmail via secure POP3 connection from a VestaCP mail server, set Dovecot ssl_cert config in /etc/dovecot/conf.d/10-ssl.conf to the full chain cert.
So if you're using Letsencrypt it looks like this:
Code: Select all
ssl_cert = </etc/letsencrypt/live/server-domain.com/fullchain.pem
ssl_key = </etc/letsencrypt/live/server-domain.com/privkey.pem
This is important, because as described here Google is strict about the certs:
We do not accept self-signed certificates. For a certificate to be valid it needs to chain up to a valid CA, like one in the Mozilla CA list.
In Gmail POP3 account settings you should use the following settings:
- Email address & Username: email@example.com
- Password: user-password
- POP server: server-domain.com (use the server's TLD, not the mail account's domain and do not add mail. before, unless your cert contains the subdomain)
- Port: 995
- Always use secure connection... checked
Hope I can spare a few days for someone trying to get this working.