SSL Settings
2017/06/26 |
Configure SSL settings to encrypt datas in connection. SMTPS uses 465/TCP, POP3S uses 995/TCP, IMAPS uses 993/TCP.
|
|
[1] | |
[2] | Configure Postfix and Dovecot for SSL. |
root@mail:~#
vi /etc/postfix/main.cf # add follows to the end smtpd_use_tls = yes
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_cert_file = /etc/ssl/private/server.crt smtpd_tls_key_file = /etc/ssl/private/server.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
root@mail:~#
vi /etc/postfix/master.cf # line 28-30: uncomment smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes
root@mail:~#
vi /etc/dovecot/conf.d/10-ssl.conf # line 6: change ssl = yes
# line 12,13: uncomment and specify certificate ssl_cert = < /etc/ssl/private/server.crt ssl_key = < /etc/ssl/private/server.key
systemctl restart postfix dovecot |
[3] | For Client's settings, ( Mozilla Thunderbird ) Open account's property and move to [Server Settings] on the left pane, then Select [SSL/TLS] on [Connection security] field on the right pane. |
[4] | Move to [Outgoing Server] on the left pane, then Select [SSL/TLS] on [Connection security] field. Furthermore, change port to [465] like follows. |
[5] | If your own self-signed certificates, the warning like follows are displayed, but it's no ploblem to proceed. Then it's possible to send or receive emails through SSL/TLS connection. |