|
SSL Settings
2015/12/06 |
|
Configure SSL to encrypt connections. SMTPS uses 465/TCP, POP3S uses 995/TCP, IMAPS uses 993/TCP.
|
|
| [1] | |
| [2] | Configure Postfix and Cyrus-IMAP for SSL. |
|
mail:~ # cp /etc/ssl/private/server.* /etc/sasl2/ mail:~ # chown cyrus:mail /etc/ssl/private/server.*
mail:~ #
vi /etc/cyrus.conf # line 15,17: uncomment imaps cmd="imapd -s" listen="imaps" prefork=0 pop3s cmd="pop3d -s" listen="pop3s" prefork=0
mail:~ #
vi /etc/services # line 116: add smtps 465/tcp # Secure Mail Transfer smtps 465/udp # Secure Mail Transfer
mail:~ #
vi /etc/postfix/main.cf # line 702: change smtpd_use_tls = yes
# add to the end smtpd_tls_cert_file = /etc/sasl2/server.crt smtpd_tls_key_file = /etc/sasl2/server.key smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
mail:~ #
vi /etc/postfix/master.cf # line 13-14: uncomment smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes # line 23: uncomment tlsmgr unix - - n 1000? 1 tlsmgr
mail:~ #
vi /etc/imapd.conf # add to the end tls_cert_file: /etc/sasl2/server.crt tls_key_file: /etc/sasl2/server.key /etc/init.d/postfix restart mail:~ # /etc/init.d/cyrus restart |
| [3] | For Email Client's settings, (Windows Live Mail) Open the property of an account and change settings like following example. (if you use PO3S, input '995 for incoming mail) |
|
| [4] | Click sync button on Windows Live Mail, then following warning is shown because certificates is own created on your server. It's no ploblem. Click 'Yes' to proceed, then it's possible to send/receive emails through SSL connection. |
|