I have an interesting problem with communication via standard SSL ports.
Fresh installed Ubuntu 14.04 server + Postfix + Dovecot, SASL authentication provided by Dovecot, self-signed certificate generated trough the Dovecot script mkcert.sh. Redirected ports on ZyWALL USG 200.
I can send and receive e-mails from outside with standard ports 25 and 110, but not over 587.
I am connecting to my server from machine with Windows 8.1 + VMWare Player + Ubuntu 14.04 Desktop + ssh. On Windows host I have installed Avast! antivirus.
When I am trying to telnet from virtual machine to server over 587, it refused connection. But when I turn on Avast! it let me in to message Connected to... Same with nmap. When Avast! is turned on it is show me all SSL ports. When I turned it off, only standard ports appeared. OpenSSL shows me CONNECTED(00000003).
But outside virtual machine directly in Windows 8.1 using nmap with zenmap there are not opened SSL ports in both Avast! states.
From other external linux machines are problems with touching SSL ports same - refused.
I have turned on submission in master.cf and 587 port is correctly listening on 0.0.0.0 in process master.pid which belongs to Postfix. I can telnet, or nmap over port 587 to my domain directly from server. Other ports like 995, 993 are OK on localhost, too.
It is true, that I can't send emails via 587 anyway (Avast! turned on/off), but I can see ports opened.
It is possible, that I have simply bad certificate and Avast! has right one, so with turned it on I can see opened ports?
EDIT:
To be more clear, I can't see or using port 587 everywhere from outside (tried Thunderbird, telnet, openssl, nmap, putty, swaks; both from Linux or Windows machines) and that is my problem. It was only by chance that I saw opened ports when Avast! is turned on.