CentOS 6
Sponsored Link

Configure SSL
2014/08/22
 
Configure SSL to encrypt connections. SMTPS uses 465/TCP, POP3S uses 995/TCP, IMAPS uses 993/TCP.
[1]
[2] Configure Postfix and Dovecot for SSL.
[root@mail ~]#
vi /etc/postfix/main.cf
# add follows to the end

smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
smtpd_tls_key_file = /etc/pki/tls/certs/server.key
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
[root@mail ~]#
vi /etc/postfix/master.cf
# line 17-18: uncomment

smtps       inet   n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
[root@mail ~]#
vi /etc/dovecot/conf.d/10-ssl.conf
# line 6: uncomment

ssl = yes
# line 12,13: specify certificates

ssl_cert = <
/etc/pki/tls/certs/server.crt

ssl_key = <
/etc/pki/tls/certs/server.key
[root@mail ~]#
/etc/rc.d/init.d/postfix restart

Shutting down postfix:
[ OK ]

Starting postfix:
[ OK ]

[root@mail ~]#
/etc/rc.d/init.d/dovecot restart

Stopping Dovecot Imap:
[ OK ]

Starting Dovecot Imap:
[ OK ]

[3] If IPTables is running, allow SMTPS/POP3S/IMAPS port. SMTPS uses 465/TCP, POP3S uses 995/TCP, IMAPS uses 993/TCP. For "-I INPUT 5" section below, Replace it to your own environment.
[root@dlp ~]#
iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT

[root@dlp ~]#
iptables -I INPUT 6 -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT

[root@dlp ~]#
iptables -I INPUT 7 -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT

[4] For Email Client's settings, (Windows Live Mail)
Open the property of an account and change settings like following example. (if you use PO3S, input '995 for incoming mail)
[5] Click syncronize on Windows Live Mail, then following warning is shown because certificates is own created on your server. It's no ploblem. Click 'Yes' to proceed, then it's possible to send/receive emails through SSL connection.
 
Tweet