Thank You for Your time and answer, Rainer: > Amazingly this thread has moved in a totally strange direction (or I overlook > s.th. and I make a fool of myself). The server does not advertise STARTTLS, > so "command not implemented" is a correct response. You didn't have TLS > enabled in the config you posted. You need to put "smtpd_tls_security_level = > may" (or =encrypt) in main.cf or in the smtpd service definition in
For smtpd_tls_security_level = encrypt I have: * Connecting to SMTP server: abc.com ... [17:32:38] SMTP< 220 The ABC Center ESMTP Service [17:32:38] ESMTP> EHLO localhost [17:32:40] ESMTP< 250-abc.com [17:32:40] ESMTP< 250-PIPELINING [17:32:40] ESMTP< 250-SIZE 30720000 [17:32:40] ESMTP< 250-VRFY [17:32:40] ESMTP< 250-ETRN [17:32:40] ESMTP< 250-STARTTLS [17:32:40] ESMTP< 250-ENHANCEDSTATUSCODES [17:32:40] ESMTP< 250-8BITMIME [17:32:40] ESMTP< 250 DSN [17:32:40] ESMTP> STARTTLS [17:32:42] ESMTP< 454 4.7.0 TLS not available due to local problem ** error occurred on SMTP session *** Error occurred while sending the message: 454 4.7.0 TLS not available due to local problem For smtpd_tls_security_level = may I have: * Connecting to SMTP server: abc.com ... [17:33:45] SMTP< 220 The ABC Center ESMTP Service [17:33:45] ESMTP> EHLO localhost [17:33:46] ESMTP< 250-abc.com [17:33:46] ESMTP< 250-PIPELINING [17:33:46] ESMTP< 250-SIZE 30720000 [17:33:46] ESMTP< 250-VRFY [17:33:46] ESMTP< 250-ETRN [17:33:46] ESMTP< 250-STARTTLS [17:33:46] ESMTP< 250-AUTH PLAIN LOGIN [17:33:46] ESMTP< 250-AUTH=PLAIN LOGIN [17:33:46] ESMTP< 250-ENHANCEDSTATUSCODES [17:33:46] ESMTP< 250-8BITMIME [17:33:46] ESMTP< 250 DSN [17:33:46] ESMTP> STARTTLS [17:33:47] ESMTP< 454 4.7.0 TLS not available due to local problem ** error occurred on SMTP session *** Error occurred while sending the message: 454 4.7.0 TLS not available due to local problem And what is the local problem? Some permissions? I'm new to email servers, so, any simple/foolish problem can have a place. > master.cf. You also need to configure the certificate and key files. See > TLS_README in the postfix documentation. Well. I have those already: # postconf -n | grep tls smtpd_tls_CAfile = /etc/ssl/ca.crt smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key