1 |
Grant wrote: |
2 |
> I uncommented the above line and added the following to main.cf: |
3 |
> |
4 |
> smtpd_tls_security_level = may |
5 |
> |
6 |
> as instructed here: |
7 |
> |
8 |
> http://www.postfix.org/TLS_README.html#server_enable |
9 |
> |
10 |
> and restarted postfix, but I still can't send. In claws-mail, I tried |
11 |
> specifying 587 and I'm specifying Use SSL for SSMTP. I'm guessing TLS |
12 |
> isn't set up properly? |
13 |
|
14 |
You need more than that. My /etc/postfix/main.cf looks like this and |
15 |
you'll need to create the actual certs listed below as well. I recommend |
16 |
smtpd_tls_auth_only so that anyone trying to smtp auth is required to do |
17 |
it over an encrypted session. |
18 |
|
19 |
# TLS stuff |
20 |
smtpd_tls_security_level = may |
21 |
smtpd_tls_auth_only = yes |
22 |
smtpd_tls_key_file = /etc/postfix/newkey.pem |
23 |
smtpd_tls_cert_file = /etc/postfix/newcert.pem |
24 |
smtpd_tls_CAfile = /etc/postfix/cacert.pem |
25 |
#smtpd_tls_loglevel = 3 |
26 |
#smtpd_tls_received_header = yes |
27 |
smtpd_tls_session_cache_timeout = 3600s |
28 |
tls_random_source = dev:/dev/urandom |
29 |
|
30 |
Additionally check to see what port Postfix is listening on. It's on |
31 |
port 465 on my server and you'll need to set your mail client to SSL |
32 |
rather than TLS. |
33 |
|
34 |
kashani |
35 |
-- |
36 |
gentoo-user@l.g.o mailing list |