Postfix and TLS

Sun, 22 Jan 2012 07:14:37 -0800 

Hi all,

I'm facing a problem when TLS encryption is activated. When connecting via TLS 
encrypted connection my email-client is telling me that my server doesn't 
support STARTTLS. Where is my fault?
Thanks in advance

/var/log/mail.log:
-------------------
...
Jan 22 15:57:48 ABC postfix/smtpd[3681]: initializing the server-side TLS engine
Jan 22 15:57:48 ABC postfix/smtpd[3681]: connect from unknown[AAA.BBB.CCC.DDD]
Jan 22 15:57:48 ABC postfix/smtpd[3681]: lost connection after EHLO from 
unknown[AAA.BBB.CCC.DDD]
Jan 22 15:57:48 ABC postfix/smtpd[3681]: disconnect from 
unknown[AAA.BBB.CCC.DDD]

telnet session:
-----------------

telnet example.org 25
Trying 85.214.80.232...
Connected to example.org.
Escape character is '^]'.
220 **********
ehlo example.org
250-mail
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-XXXXXXXA
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.

main.cf:
---------

##################
# Default settings
##################
biff = no
append_dot_mydomain = no
delay_warning_time = 4h
readme_directory = no
smtpd_banner = $myhostname ESMTP

################
# TLS parameters
################
smtpd_tls_security_level = encrypt
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_loglevel = 4

#################
# SASL parameters
#################
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous

###############################
# Sender / Receipent parameters
###############################
smtpd_helo_required = yes
smtpd_sender_restrictions =
        permit_sasl_authenticated
        permit_mynetworks
smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated
        reject_unauth_destination
        reject_invalid_hostname
        reject_non_fqdn_sender
        reject_unknown_sender_domain
        reject_non_fqdn_recipient
        reject_unknown_recipient_domain
        reject_rbl_client relays.ordb.org
        reject_rbl_client cbl.abuseat.org

###############
# Main settings
###############
myhostname = mail
mydomain = example.org
mydestination = $mydomain localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mynetworks = AAA.BBB.CCC.DDD/32 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

Reply via email to