Problem to config

what did you change?

I've not used that particular mail server, but the configuration in the snapshots you've uploaded don't look complete to me. Why have the IP/TCP fields been left at 0.0.0.0 ?

Please note the error is a failure to connect to win-Apiufd1njeu.searchhouselive.com
What does it resolve to?
Nslookup win-Apiufd1njeu.searchhouselive.com

Note all the certificates you are using seem to be www.searchhouselive.com

Try the following using internet explorer
HTTPS://win-Apiufd1njeu.searchhouselive.com:465 and see what you get.
Potentially there is no resolution.

Please note 0.0.0.0 in the config meAns it listens on all network adapters the system has active and all iOS the system may have on the 995, 465 .......

There absolutely no reason to put your public ip in the config for any service as it is highly unlikely that your system is directly exposed to the Internet.
Run ipconfig in a command window or properties of the network, detail.
The IP you set in the config MUST be present on the system as the setting tells the service to bind to ip port.

My comment about the 0.0.0.0 in the original picture is to provide a detailed explanation of what the configuration means.
That in no way meant that you shoukd make changes to the config.


Your issue from the error is that wherever the source of the error tries to access the hostname reported in the error.
Making sure you use the correct hostname that matches the names available in the certificate pointing to the IP you control....

The process of setting up servers is:
1) setup, configure server taking into account of hostnames.
2) test locally on the server to make sure all services are functioning as expected. Once confirmed that services and connection on the LAN ip work as intended including SSL/tls, make no further changes, alteration on the server, in this case hmailserver.
The server setup is complete if your setup, certificate relies on a single hostname, stick with this setup until the certificate expiration or

3) when working in fluent configuration, the automatic detection in many email clients are for well known domains of large organizations. You shoukd be comfortable configuring an account for an email client in a computer, or smartphone and not rely or expect the automatic detection, setup to do it.

Incoming mail server (IMAP):  
Incoming  mail server (POP3d):
Outgoing SMTP mail server:
The options you support insecure/secure for the respective services
25/465/587 standard, SSL, alternate unencrypted
143/993
110/995

The hostnames in a small environment can be pointing to a single host.
The large firms use different hosts because they have a set of server that handle specific tasks to deal with scale.
These large organizations use loadbalancer that distribute requests among servers.

I am uncertain since the first question on configuring hmailserver you keep changing server settings when you are configuring client setting.

Not sure what the source or why you are not maintaing the same referenced, or if you are trying to get the email client auto config, why you injecting new names I.e. Win-.........


In your current setup, the hostnames for all services when configuring email clients should match the certificate.
Incoming (IMAP): www.searchhouselive.com (this is the name on the certificate for SSL without getting errors)
incoming (POP3D): www.searchhouselive.com (this is the name on the certificate for SSL without getting errors)
Outgoing (SMTP): www.searchhouselive.com (this is the name on the certificate for SSL without getting errors)

Reverse your hmailserver setup to listen on all IPs for each service by using 0.0.0.0 instead of the ip you now have.

If you are not able to access your mailserver using an email client outside your network, you have to check your firewall settings to make sure you allow requests to public ip ports 25, 110, 143, 465, 587 to go to the LAN ip where these services run
25 must be open to allow inbound messages for your recipients sent from everywhere else
143,110 commonly shoukd not be allowed as the connection is unencrypted such that data is in plain text
993,995 for secure IMAP/pop3d

Why get additional certificates on a single host especially a non-standard and one clearly identifying the host for is type.

Commonly one uses generic host that about identifying to minimize/reduce attack vectors

I.e. You do not want in effect a billboard, hey Windows system here.
Or one that has or might be location info, geographic area...

A generic certificate can be exported, imported and used ......

But glad you are near completing your ...

Unfortunately your images convey info that an error exists. The scenario, setup, environment under which circumstances these errors show up is unclear.

What is the source of the error?
on the system, setup where the error shows up:
nslookup the reference
ping the ip from the response
What is the local ip of the system where the error is displayed?
What type of certificate are you getting?


Main point is you are seemingly altering your client configuration dealing what hostname the client program uses to connect to your server, post the error, get an interpretation/impression of the meaning of the error, you go out and get certificate on the new hostname.

There are different types of certificates, that include definition of functions as well as othe hostnames (SAN) the certificate might be valid for.

The error says that whatever generated it is unable to connect to the specified host
There is no way for me to know whether the issue is that the system on which this error shows up can not resolve (nslookup) the host.
If it can resolve, what port it is trying to connect to and whether that port is opened on the system (nail server)

I do not know what changes you made in relation to the client on the server.

Did you update the client settings to match the new certificate, ports you use
Instead of 25, 110, 143
To use SSL under advanced, 465, 995, 993?

The hostname does not exist
nslookup win-......

returns no information.

Please note the error references a hostname that is not housesearchlive.com

This hostname, win- was also included in images of a client config.

It looks like you made some changes that thunderbird loaded win-adi..... As a hostname and it is being accessed and fails.

Please see error that says failed to connect to <hostname> (SMTP)

If you did not intend it, why get a certificate with that hostnames?

Add the hostname on your searchhouselive.com pointing to the same ip and your error shoukd go away.

Please understand that functionally while they all are related to a single server, hmailserver, each function is seperate

Outgoing sending, check the log to see why the issue exists make sure you can open a vonnection from the server using telnet (putty, securecrt, any other terminal to any external port 25 which is the destination port for outgoing connections.
Incoming mail, port 25, 465, 587 make sure you can connect to them locally. Then check whether you can connect to them from outside, if you can not connect to any of them, while able to RDP into the system, this means you have a firewall setup restricting access from outside
To access received messages by the server make sure you gave IMAP 143,993 accessible locally, and from outside
Same for pop3d type of access, 110,995 ports.

If all works locally on the server or in the LAN, but not outside, firewall configuration related issue.

You have a firewall configuration issue, ports open are 80, 443 the rest are not accessible on your public IP.

Work your way out.
Configure server.
Make sure all services you want to access are working locally and accessible directly from the server
then check whether those same services are accessible from a system on local LAN verifying each component service, if not connected, limit adjustment changes to just that component while repeating the server, lan test after each change, periodically rescanning the others to make sure a change made on one impacted the other, i.e. if you used one cert, and then decided to use another, make sure you do not remove the one you do not intend to use for a service, but might be used in the others.

never make wholesale server configuration changes to address client access issues which seems to be why you are back at an inoperable/inaccessible.

does the system where hmailserver is setup, does it have a static IP on the LAN or does it change?

I do not know what you have, but those ports appear to be filtered and inaccessible.

Look at external port scan to see which ports are open especially whether 465, 587, 993, 995 and 25 are.

What firewall are you talking about, the one on the Windows server? And the one on which your ISP connection terminates?

Try t1shopper.com port scan tool
Specify
25,80,443,465,587,993.995
Repeat until you see all responding as open.

Check your port 80 configuration on the public ip firewall, and make sure similar rules are set for the other ports.

Please use online port scanner.

Your ISP is not blocking it, your server firewall or a firewall/router is not passing traffic on the ports used by the hmailserver.

What and where you setup rules to allow web traffic is the what and where you need to make adjustments to allow these connections.