On 10/27/2011 6:15 AM, nima chavooshi wrote: > Hi > I want to users can access only via TLS to our MTA system,both for > sending mail and fetching mail. Of course I have configured TLS in > main.cf <http://main.cf> and users can connect via TLS,but if users > do not set "TLS" option in own mail client,also they can connect to > system. > For pop3 server I have setup dovecot. > Which option should I set in postfix and dovecot for this purpose ? > > Thanks in advance
You can set postfix to require TLS encryption by setting main.cf: smtpd_tls_security_level = encrypt Note this setting must not be used on a public MX server, but is suitable for a mail submission server used exclusively by your own users. http://www.postfix.org/TLS_README.html#server_enable If this is a public MX, you can require your users to submit mail via the submission port, and require encryption there. Check with the dovecot users list to find settings to require TLS with that software. -- Noel Jones
