Thank You for Your time and answer, Rainer:

> Amazingly this thread has moved in a totally strange direction (or I overlook 
> s.th. and I make a fool of myself).  The server does not advertise STARTTLS, 
> so "command not implemented" is a correct response. You didn't have TLS 
> enabled in the config you posted. You need to put "smtpd_tls_security_level = 
> may" (or =encrypt) in main.cf or in the smtpd service definition in 

For smtpd_tls_security_level = encrypt I have:

* Connecting to SMTP server: abc.com ...
[17:32:38] SMTP< 220 The ABC Center ESMTP Service
[17:32:38] ESMTP> EHLO localhost
[17:32:40] ESMTP< 250-abc.com
[17:32:40] ESMTP< 250-PIPELINING
[17:32:40] ESMTP< 250-SIZE 30720000
[17:32:40] ESMTP< 250-VRFY
[17:32:40] ESMTP< 250-ETRN
[17:32:40] ESMTP< 250-STARTTLS
[17:32:40] ESMTP< 250-ENHANCEDSTATUSCODES
[17:32:40] ESMTP< 250-8BITMIME
[17:32:40] ESMTP< 250 DSN
[17:32:40] ESMTP> STARTTLS
[17:32:42] ESMTP< 454 4.7.0 TLS not available due to local problem
** error occurred on SMTP session
*** Error occurred while sending the message:
454 4.7.0 TLS not available due to local problem

For smtpd_tls_security_level = may I have:

* Connecting to SMTP server: abc.com ...
[17:33:45] SMTP< 220 The ABC Center ESMTP Service
[17:33:45] ESMTP> EHLO localhost
[17:33:46] ESMTP< 250-abc.com
[17:33:46] ESMTP< 250-PIPELINING
[17:33:46] ESMTP< 250-SIZE 30720000
[17:33:46] ESMTP< 250-VRFY
[17:33:46] ESMTP< 250-ETRN
[17:33:46] ESMTP< 250-STARTTLS
[17:33:46] ESMTP< 250-AUTH PLAIN LOGIN
[17:33:46] ESMTP< 250-AUTH=PLAIN LOGIN
[17:33:46] ESMTP< 250-ENHANCEDSTATUSCODES
[17:33:46] ESMTP< 250-8BITMIME
[17:33:46] ESMTP< 250 DSN
[17:33:46] ESMTP> STARTTLS
[17:33:47] ESMTP< 454 4.7.0 TLS not available due to local problem
** error occurred on SMTP session
*** Error occurred while sending the message:
454 4.7.0 TLS not available due to local problem

And what is the local problem? Some permissions?
I'm new to email servers, so, any simple/foolish problem can have a place.

> master.cf. You also need to configure the certificate and key files. See 
> TLS_README in the postfix documentation.

Well. I have those already:

# postconf -n | grep tls

smtpd_tls_CAfile = /etc/ssl/ca.crt
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key

Reply via email to