Solved How do I setup TLS on a Postfix relay
-
So, I do lot let any of my systems send email directly to the world. Everything has to filter through a Postfix relay, so I can have only a single point that send SMTP to the world. It gives me one place to monitor, etc.
Now that I have SSL enabled on pretty much everything thanks to LetsEncrypt, I want to tackle setting up TLS on my Postfix relay.
The domain itself is on O365, but the email is going out direct. I am not relaying through O365.
I will hit the googles, later when I begin to work on this, but I was wondering if anyone has any direct experience with this already.
-
Extremely simple.
Place this at the end of your
/etc/postfix/main.cf# Enable opportunistic outbound TLS. System always try TLS first. smtp_tls_security_level = may
-
Watching... I've run into this in the past with Postfix
-
Extremely simple.
Place this at the end of your
/etc/postfix/main.cf# Enable opportunistic outbound TLS. System always try TLS first. smtp_tls_security_level = may -
Did you have to change these settings to point to your Let's Encrypt certificate?
# TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes -
@NashBrydges said in How do I setup TLS on a Postfix relay:
Did you have to change these settings to point to your Let's Encrypt certificate?
# TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yesNo, because I am not receiving mail. For outbound TLS, you only need to enable it.
-
@JaredBusch Awesome. Tks Jared. Tested and works beautifully!
