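To create the certificate, see "Postfix SSL POP3 use Dovecot".
Merge cert.pem and private.pem into server.pem and place it in the /etc/postfix/ directory. The merged file contains the private key, so it should be readable only by root.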
cat /etc/pki/dovecot/certs/cert.pem /etc/pki/dovecot/private/private.pem > /etc/postfix/server.pem
——————————————————————————————
vi /etc/postfix/main.cf
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/server.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_enforce_tls = yes
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = yes
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    # add the following line
    permit_tls_clientcerts,
    reject_unauth_destination
——————————————————————————————
vi /etc/postfix/master.cf (just remove the leading # comment marker from the lines below)
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
——————————————————————————————
Test that SMTP SSL/TLS is working (the parts in blue are typed manually)
telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 cs6.aaazzz.com ESMTP Postfix
ehlo localhost
250-cs6.aaazzz.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
starttls
220 2.0.0 Ready to start TLS    <- this line must appear
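The telnet check above as a script, added here as an example (not part of the original page): it parses the EHLO reply, confirms STARTTLS is advertised, and flags AUTH offered before TLS, which smtpd_tls_auth_only = yes should prevent. The function names and the unverified-certificate default in probe() are assumptions for a local test.

```python
import smtplib
import ssl

# EHLO reply taken from the telnet session on this page.
SAMPLE_EHLO = "\r\n".join([
    "250-cs6.aaazzz.com", "250-PIPELINING", "250-SIZE 10240000", "250-VRFY",
    "250-ETRN", "250-STARTTLS", "250-ENHANCEDSTATUSCODES", "250-8BITMIME", "250 DSN",
])

def parse_ehlo(reply):
    """Return {KEYWORD: params} from a raw multi-line 250 EHLO reply."""
    ext = {}
    lines = [l for l in reply.splitlines() if l.strip()]
    for line in lines[1:]:  # the first line only carries the server's name
        if line[:3] != "250" or line[3:4] not in ("-", " "):
            raise ValueError("not a 250 reply line: %r" % line)
        keyword, _, params = line[4:].partition(" ")
        ext[keyword.upper()] = params.strip()
    return ext

def audit_plaintext(ext):
    """Findings for the extension set offered before STARTTLS."""
    findings = []
    if "STARTTLS" not in ext:
        findings.append("STARTTLS not advertised")
    if "AUTH" in ext:  # smtpd_tls_auth_only = yes should hide AUTH here
        findings.append("AUTH offered before TLS: " + ext["AUTH"])
    return findings

def probe(host="localhost", port=25, verify=False):
    """Live check: returns (findings, negotiated TLS version or None)."""
    ctx = ssl.create_default_context()
    if not verify:  # assumption: the test certificate is not in the system trust store
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    with smtplib.SMTP(host, port, timeout=10) as smtp:
        smtp.ehlo()
        ext = {k.upper(): v for k, v in smtp.esmtp_features.items()}
        findings = audit_plaintext(ext)
        if "STARTTLS" not in ext:
            return findings, None
        smtp.starttls(context=ctx)  # raises unless the server answers 220 and the handshake completes
        return findings, smtp.sock.version()

if __name__ == "__main__":
    print(probe())
```

Run it on the mail server itself; an empty findings list together with a TLS version string corresponds to the "220 2.0.0 Ready to start TLS" result in the manual session.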
——————————————————————————————
User mail settings