Browse - Computer Tips - How can I make Postfix support secure SMTP (SMTPS)
Q. How can I make Postfix support secure SMTP (SMTPS)
(This uses SSL and runs on port 465)
A. I prefer TLS on port 25 -- there is another article about that.
If you want a way for valid remote users to be able to post from from
their mail clients see this article.
If you still want to setup an SMTPS service read on.
With RedHat/Fedora/CentOS its pretty easy.
Make a self-signed certificate like this:
Add these options to /etc/postfix/main.cf:
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
Uncomment and modify these lines in /etc/postfix/master.cf
smtps inet n - n - - smtps
On the first line above we changed smtpd to smtps
This means you get "smtps" in the log which is useful.
To make that work, create this symbolic link:
ln -s /usr/libexec/postfix/smtpd /usr/libexec/postfix/smtps
systemctl restart postfix
Finally you need to open port 465 in your firewall.
Run system-config-security-level and add smtps:tcp
or directly edit /etc/sysconfig/iptables