MTA: Postfix

SSL configuration

by ross at 08:40:48 on October 30, 2011

Create keys as described here: OpenSSL certificates

Add to main.cf:

smtpd_tls_CAfile = /etc/certs/server.crt
smtpd_tls_cert_file = /etc/certs/server.crt
smtpd_tls_key_file = /etc/certs/server.unencrypted.key
smtpd_tls_received_header = yes
smtpd_tls_security_level = may

If you want to accept AUTH data over encrypted channel only, add to main.cf:

smtpd_tls_auth_only = yes

Reload postfix:

# postfix reload

 

Comments