1 |
Hi |
2 |
|
3 |
I'm trying to configure my postfix server to use TLS, which should be |
4 |
quite straightforward according to the different guides I have found |
5 |
using Google. |
6 |
|
7 |
When I telnet into my postfix installation I get this: |
8 |
|
9 |
# telnet localhost 25 |
10 |
Trying 127.0.0.1... |
11 |
Connected to localhost. |
12 |
Escape character is '^]'. |
13 |
220 mail.example.com ESMTP Postfix |
14 |
EHLO mail.example.com |
15 |
250-mail.example.com |
16 |
250-PIPELINING |
17 |
250-SIZE 10240000 |
18 |
250-VRFY |
19 |
250-ETRN |
20 |
250-STARTTLS |
21 |
250-AUTH PLAIN LOGIN |
22 |
250-AUTH=PLAIN LOGIN |
23 |
250-ENHANCEDSTATUSCODES |
24 |
250-8BITMIME |
25 |
250 DSN |
26 |
|
27 |
According to the guides this should be the desired output and TLS should |
28 |
work, but all my mail clients (Thunderbird, mail(mac)) choke when I try |
29 |
to send a mail. |
30 |
|
31 |
This is my main.cf file for postfix: |
32 |
|
33 |
#################### main.cf ###################### |
34 |
# General Postfix settings: server identity, listening interfaces, trusted |
# networks and installation paths. |
# NOTE(review): soft_bounce = yes is a testing safety net: mail that would be |
# rejected permanently is deferred instead (5xx replies become 4xx). It is |
# normally switched off once the setup is known to work. |
soft_bounce = yes |
35 |
queue_directory = /var/spool/postfix |
36 |
command_directory = /usr/sbin |
37 |
daemon_directory = /usr/lib/postfix |
38 |
mail_owner = postfix |
39 |
myhostname = mail.example.com |
40 |
mydomain = example.com |
41 |
myorigin = $mydomain |
42 |
# Listens on every interface, so the SMTP port is reachable from outside; the |
# relay rules in smtpd_recipient_restrictions are what keep it from being an |
# open relay. |
inet_interfaces = all |
43 |
mydestination = $myhostname, localhost.$mydomain |
44 |
unknown_local_recipient_reject_code = 550 |
45 |
# Only loopback clients are trusted by permit_mynetworks; every other client |
# has to pass SASL authentication before it may relay. |
mynetworks = 127.0.0.0/8 |
46 |
home_mailbox = .maildir/ |
47 |
debug_peer_level = 2 |
48 |
debugger_command = |
49 |
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin |
50 |
xxgdb $daemon_directory/$process_name $process_id & sleep 5 |
51 |
sendmail_path = /usr/sbin/sendmail |
52 |
newaliases_path = /usr/bin/newaliases |
53 |
mailq_path = /usr/bin/mailq |
54 |
setgid_group = postdrop |
55 |
html_directory = /usr/share/doc/postfix-2.3.6/html |
56 |
manpage_directory = /usr/share/man |
57 |
sample_directory = /etc/postfix |
58 |
readme_directory = /usr/share/doc/postfix-2.3.6/readme |
59 |
|
60 |
# |
61 |
TLS |
62 |
|
63 |
# TLS settings for the SMTP client (smtp_*) and the SMTP server (smtpd_*). |
# smtp_use_tls / smtpd_use_tls = yes is opportunistic TLS: STARTTLS is used or |
# offered, but plaintext sessions are still accepted. |
smtp_use_tls = yes |
64 |
smtp_tls_note_starttls_offer = yes |
65 |
smtpd_use_tls = yes |
66 |
# NOTE(review): smtpd_tls_auth_only is commented out, so AUTH is announced and |
# accepted before STARTTLS (the EHLO transcript above lists AUTH PLAIN LOGIN on |
# a plaintext session). PLAIN/LOGIN credentials can then cross the network |
# unencrypted; enabling this setting restricts AUTH to TLS-protected sessions. |
#smtpd_tls_auth_only = |
67 |
yes |
68 |
|
69 |
# NOTE(review): Postfix needs the private key without a passphrase, and the |
# file should be readable by root only. Presumably newreq.pem came from a CA |
# helper script -- confirm the key in it is not encrypted. |
smtpd_tls_key_file = /etc/postfix/newreq.pem |
70 |
smtpd_tls_cert_file = /etc/postfix/newcert.pem |
71 |
# NOTE(review): presumably a self-made CA; mail clients will not trust the |
# server certificate until this CA is known to them -- verify on the client. |
smtpd_tls_CAfile = /etc/postfix/cacert.pem |
72 |
# Level 3 writes a dump of the TLS negotiation to the mail log. Useful while |
# troubleshooting the handshake; lower it again afterwards (level 2 and above |
# are meant for debugging only). |
smtpd_tls_loglevel = 3 |
73 |
smtpd_tls_received_header = yes |
74 |
smtpd_tls_session_cache_timeout = 3600s |
75 |
tls_random_source = dev:/dev/urandom |
76 |
|
77 |
# |
78 |
SASL |
79 |
|
80 |
# SASL authentication for the SMTP server, followed by the relay policy. |
smtpd_sasl_auth_enable = yes |
81 |
# NOTE(review): noanonymous only excludes anonymous logins; plaintext |
# mechanisms stay enabled (the EHLO transcript above offers PLAIN and LOGIN). |
# Without smtpd_tls_auth_only these are usable on unencrypted sessions. Adding |
# noplaintext here and setting smtpd_sasl_tls_security_options = noanonymous |
# is another way to keep plaintext mechanisms inside TLS. |
smtpd_sasl_security_options = noanonymous |
82 |
#smtpd_sasl_local_domain = |
83 |
$myhostname |
84 |
|
85 |
smtpd_sasl_local_domain = |
86 |
# Adds the non-standard "AUTH=..." form to the EHLO reply for old clients; |
# this is the "250-AUTH=PLAIN LOGIN" line seen in the transcript above. |
broken_sasl_auth_clients = yes |
87 |
relay_domains = $mydestination |
88 |
# Relay policy, evaluated in order: authenticated clients and mynetworks may |
# relay, everything else must be addressed to a destination this server |
# accepts. |
# NOTE(review): check_relay_domains is documented as obsolete in favour of |
# reject_unauth_destination, and it also permits by client hostname matching |
# $relay_domains -- consider dropping it; verify against postconf(5). |
smtpd_recipient_restrictions = |
89 |
permit_sasl_authenticated, |
90 |
permit_mynetworks, |
91 |
check_relay_domains, |
92 |
reject_unauth_destination |
93 |
|
94 |
# |
95 |
Mailman |
96 |
|
97 |
# Mailman integration: address handling and the alias tables used for local |
# delivery. |
owner_request_special = no |
97 |
recipient_delimiter = + |
98 |
# NOTE(review): alias entries can deliver to commands and files, so both map |
# files should be writable by trusted accounts only -- verify the ownership |
# and permissions of the Mailman aliases file. |
alias_maps = hash:/usr/local/mailman/data/aliases, hash:/etc/mail/aliases |
100 |
|
101 |
############### END ################## |
102 |
|
103 |
|
104 |
Any help or comments would be truly appreciated. |
105 |
|
106 |
Best regards, |
107 |
jules |
108 |
|
109 |
|
110 |
|