This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Ubuntu: How to setup TLS on postfix and dovecot
#1
Ubuntu: How to setup TLS on postfix and dovecot
NOTICE: This is an old guide, but may still work. You can skip to Step 3 and use your panel certificates.
Update the certificate paths to point to your panel certificates:
Example: /var/sentora/hostdata/zadmin/ssl/sencrypt/letsencrypt/panel.domain.com/

How to setup TLS on Postfix and dovecot

1: first make a folder in postfix call ssl
Code:
mkdir /etc/postfix/ssl

2: Run openssl and follow the screen
Code:
openssl req -new -x509 -days 365 -nodes -out /etc/postfix/ssl/mail.domain.tld.crt -keyout /etc/postfix/ssl/mail.domain.tld.key
And
Code:
openssl req -new -x509 -extensions v3_ca -keyout /etc/postfix/ssl/cakey.pem -out /etc/postfix/ssl/cacert.pem -days 3650

Code:
Country Name (2 letter code) [AU]:DK
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:City name
Organization Name (eg, company) [Internet Widgits Pty Ltd]:company
Organizational Unit Name (eg, section) []:.
Common Name (e.g. server FQDN or YOUR name) []:mail.domain.tld
Email Address []:e-mail

3: Configure Postfix

Code:
nano /etc/postfix/main.cf

4: find # tls config and add
Code:
# tls config


smtp_use_tls = no
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtpd_tls_key_file = /etc/postfix/ssl/mail.domain.tld.key
smtpd_tls_cert_file = /etc/postfix/ssl/mail.domain.tld.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
remove any things else under # tls config
and save and close

5: edit master.cf

Code:
nano /etc/postfix/master.cf

add after " smtp      inet  n       -       n       -       -       smtpd "
Code:
  
 submission   inet  n       -       n       -       -       smtpd

6: configure Dovecot

Code:
nano /etc/dovecot/dovecot.conf

and change

Code:
ssl = no to ssl = yes
add
ssl_cert = </etc/postfix/ssl/mail.domain.tld.crt
ssl_key = </etc/postfix/ssl/mail.domain.tld.key
ssl_ca = </etc/postfix/ssl/cacert.pem
and save and close

7: now we need to restart postfix and dovecot

Code:
service postfix restart
service dovecot restart

now you can use TLS

[Image: KLnN9f9.png]
Sentora 1.0.3 on [Image: DO_Logo_Horizontal_Blue-3db19536.png]

-= Github =-  -= My Repo =-

My Modules
Reply
Thanks given by:


Messages In This Thread
Ubuntu: How to setup TLS on postfix and dovecot - by Diablo925 - 07-24-2014, 08:50 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
Proper CRON setup TGates 9 37 ,014 05-15-2018, 01:07 AM
Last Post: johnk42

Forum Jump:


Users browsing this thread: 4 Guest(s)