Postfix Enable SSL/TLS with your certificate

Create Cert & Key:


openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl


Postfix SSL config

Edit /etc/postfix/main.cf:

#SSL stuff
smtpd_tls_cert_file = /etc/mailssl/server.crt
smtpd_tls_key_file = /etc/mailssl/server.key


To make smtps work on port 465 which it should, then you have to edit /etc/postfix/master.cf:

Uncomment the following near the top (note it is the stanza which starts with smtps and NOT smtp)

smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

The above didn't work,I had to comment the two lines about sasl_auth and client_restrictons to make it work.

smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
 


Tags:

postfix, enable, ssl, tls, certificatecreate, cert, openssl, req, nodes, server, crt, keyout, mkdir, etc, mailssl, chmod, cp, config, edit, cf, smtpd_tls_cert_file, smtpd_tls_key_file, smtps, uncomment, stanza, smtp, inet, smtpd, smtpd_tls_wrappermode, smtpd_sasl_auth_enable, smtpd_client_restrictions, permit_sasl_authenticated, reject, didn, sasl_auth, client_restrictons, smtpd_enforce_tls,

Latest Articles

  • Centos 7 how to save iptables rules like Centos 6
  • nfs tuning maximum amount of connections
  • qemu-kvm error "Could not initialize SDL(No available video device) - exiting"
  • Centos 7 tftpd will not work with selinux enabled
  • Debian Ubuntu Mint Howto Create Bridge (br0)
  • How To Control Interface that dhcpd server listens to on Debian based Linux like Mint and Ubuntu
  • LUKS unable to type password to unlock during boot on Debian, Ubuntu and Mint
  • Debian Ubuntu and Linux Mint Broken Kernel After Date - New Extra Module Naming Convention
  • Wordpress overwrites and wipes out custom htaccess rules and changes soluton
  • Apache htaccess and mod_rewrite how to redirect and force all URLs and visitors to the SSL / HTTPS version
  • python 3 pip cannot install mysql module
  • QEMU-KVM won't boot Windows 2016 or 2019 server on an Intel Core i3
  • Virtualbox vbox not starting
  • Bind / named not responding to queries solution
  • Linux Mint How To Set Desktop Background Image From Bash Prompt CLI
  • ImageMagick Convert PDF Not Authorized
  • ImageMagick Converted PDF to JPEG some files have a black background solution
  • Linux Mint Mate Customize the Lock screen messages and hide username and real name
  • Ubuntu/Gnome/Mint/Centos How To Take a partial screenshot
  • ssh how to verify your host key / avoid MIM attacks