How to Enable TLS(Transport Layer Security) Encryption in Postfix Mail Server
How to Enable TLS encryption in Postfix Mail Server:
Although Postfix (and the SMTP protocol in general) can function without any kind of encryption, enabling TLS it can be a good idea in terms of both security and privacy, so let’s look at how it can be easily done.
Step:01 SSL Certificate Generate by https://manage.sslforfree.com/
There has two files:
certificate.crt
private.key
–Put your certificate and key in /etc/postfix (for instance)
Step:02. Postfix configuration
Again, I’ll be assuming your non-TLS Postfix is already working fine.
In /etc/postfix/main.cf, add the following lines at end of the file:
————————————————————
# TLS configuration starts here
tls_random_source = dev:/dev/urandom
# openssl_path=/usr/local/libressl/bin/openssl
# uncomment and edit the above if you’re using a different “openssl” than the system’s
# (in this case, LibreSSL)
# SMTP from your server to others
smtp_tls_key_file = /etc/postfix/private.key
smtp_tls_cert_file = /etc/postfix/certificate.crt
smtp_tls_CAfile = /etc/postfix/certificate.crt
smtp_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtp_tls_mandatory_protocols=!SSLv2,!SSLv3
smtp_tls_protocols=!SSLv2,!SSLv3
smtp_tls_loglevel = 1
smtp_tls_session_cache_database =
btree:/var/lib/postfix/smtp_tls_session_cache
# SMTP from other servers to yours
smtpd_tls_key_file = /etc/postfix/private.key
smtpd_tls_cert_file = /etc/postfix/certificate.crt
smtpd_tls_CAfile = /etc/postfix/certificate.crt
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
smtpd_tls_protocols=!SSLv2,!SSLv3
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database =
btree:/var/lib/postfix/smtpd_tls_session_cache
# TLS configuration ends here
———————————————————
Step:03
systemctl restart postfix
by SAJIB NANDI
linux smtp server
I am not sure if this is in English or another language.
Your tutorial is very good. It is better to do Bangla tutorial