Copyright © 2008-2018, dave - Code samples on Dave's Brain is licensed under the Creative Commons Attribution 2.5 License. However other material, including English text has all rights reserved.
Date: 2008jul9 OS: Linux Product: postfix Q. How can I make Postfix support secure SMTP (SMTPS) (This uses SSL and runs on port 465) A. I prefer TLS on port 25 -- there is another article about that. http://www.davekb.com/search.php?target=postfix+TLS If you want a way for valid remote users to be able to post from from their mail clients see this article. http://www.davekb.com/search.php?target=postfix+submission If you still want to setup an SMTPS service read on. With RedHat/Fedora/CentOS its pretty easy. Make a self-signed certificate like this:cd /etc/pki/tls/certs make postfix.pemAdd these options to /etc/postfix/main.cf:smtpd_tls_auth_only = no smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /etc/pki/tls/certs/postfix.pem smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandomUncomment and modify these lines in /etc/postfix/master.cfsmtps inet n - n - - smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yesOn the first line above we changed smtpd to smtps This means you get "smtps" in the log which is useful. To make that work, create this symbolic link:ln -s /usr/libexec/postfix/smtpd /usr/libexec/postfix/smtpsRestart Postfix:systemctl restart postfixFinally you need to open port 465 in your firewall. Run system-config-security-level and add smtps:tcp or directly edit /etc/sysconfig/iptables
Add a commentSign in to add a comment