Advertenties

Enable postfix SSL support

If you are using postfix and have OpenSSL installed it is fairly easy to enable SSL connections by editing two configuration files. First open the main.cf file in the postfix folder and add the following:

smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/ssl/domain.nl.key
smtpd_tls_cert_file = /etc/postfix/ssl/domain.nl.pem
#optional:
#smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

When go to the second file master.cf and uncomment the following lines:

submission inet n       -       -       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       -       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

Make sure you dont mess up the spaces/tabs in this file or nothing will work anymore.

If you restart postfix everything should be up and running. Check the mail.warn log for more information.

“no SASL authentication mechanisms”
If you get this message in the logfile this means you are missing some dependancies. So run the folling:

apt-get install install cyrus-sasl-plain
Advertenties

Geef een reactie

%d bloggers liken dit: