Virtualmin Postfix SSL - How to configure or setup SMTPS or SMTPD or SSL or port 465 for SMTP?

| 2 1 2
Asked on 9/14/15, 11:09 AM

In Client make sure to use the following ports for TLS Port 587 or SSL Port 465.

TLS - Incoming Server Port = 995 Outgoing Server Port = 587

SSL - Incoming Server Port = 995 Outgoing Server Port = 465

Firstly, go into Edit Virtual Server, go into Enabled Features, and check "SSL website enabled", then hit save.

That'll generate an SSL cert that is put into Apache.

The next step would be to get that cert into your mail setup.

To do that, go into Server Configuration -> Manage SSL Certificate, and click "Copy to Postfix".

That'll setup Postfix with that new SSL cert you just created.

I don't recall if that actually restarts Postfix... if not, you may need to manually restart it with "/etc/init.d/postfix restart".

And then, verify after restarting it that you aren't seeing any error messages.

Then > You can determine that by running:

netstat -an | grep :465

If that doesn't show any results, all you'd need to do to enable SMTPS is to edit /etc/postfix/,

and uncomment the 3-4 lines starting with "smtps" (with several lines beginning with "-o" under it).

After uncommenting those, restart Postfix with:

/etc/init.d/postfix restart

Maybe below warning appears:

postconf: warning: /etc/postfix/ undefined parameter: mua_sender_restrictions
postconf: warning: /etc/postfix/ undefined parameter: mua_client_restrictions
postconf: warning: /etc/postfix/ undefined parameter: mua_helo_restrictions

Another Option:

You need to do three things to use SSL with Postfix. First, edit /etc/postfix/master.cfand remove the comments ("#") from the "smtps" line and following -o lines. Then, upload your certificate and key to a location of your choice, in this example/etc/postfix/mycert. Then, edit /etc/postfix/ and add/uncomment these lines:

smtpd_tls_cert_file = /etc/postfix/mycert.crt smtpd_tls_key_file = /etc/postfix/mycert.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

Requiring SMTPS is not a good idea, because remote mailservers will always try to deliver non-SSL on port 25 when they have mail for you. Except you run a mailserver only for your local users to send out mail. In that case, it'd be easiest to block access to port 25.


| 2 1 2
Answered on 9/14/15, 1:27 PM

Your answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

Ask a Question

Keep Informed

About This Forum

This forum is for HiTechnologia Employees & just Odoo general knowledge purpose only.

Read Guidelines

Question tools

3 follower(s)


Asked: 9/14/15, 11:09 AM
Seen: 7269 times
Last updated: 9/14/15, 1:42 PM