Daer Viktor, I´ve followed your instructions and setup the submission port in master.cf as you said:
Mail client ---STARTTLS ---- Postfix listening on Port TCP/587 - Internet SMTP servers But when I execute from a client 172.1.1.1 to the Postfix server 10.1.1.1: $ mailx -v -r "f...@mycompany.com" -s "TLS test" -S smtp="10.1.1.1:587" -S smtp-use-starttls -S ssl-verify=ignore any_u...@gmail.com the command never ends in the shell and the Postfix log just says: Mar 13 19:41:56 MITLPSMT01 postfix/smtpd[20302]: initializing the server-side TLS engine Mar 13 19:41:56 MITLPSMT01 postfix/smtpd[20302]: connect from unknown[172.1.1.1] Mar 13 19:41:56 MITLPSMT01 postfix/smtpd[20302]: setting up TLS connection from unknown[172.1.1.1] Mar 13 19:41:56 MITLPSMT01 postfix/smtpd[20302]: unknown[172.1.1.1]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH" Mar 13 19:41:56 MITLPSMT01 postfix/smtpd[20302]: SSL_accept:before/accept initialization The mail doesn't go out from Postfix. What can be the reason I can't send a mail using STARTTLS through the Postfix server ??? On Mon, Mar 13, 2017 at 5:18 PM, Viktor Dukhovni <postfix-us...@dukhovni.org > wrote: > On Mon, Mar 13, 2017 at 04:49:23PM -0300, Jeronimo L. Cabral wrote: > > > At the moment, the mail relay is reached just from inside our company and > > several applications use it to send mail through Internet. > > If the submission port is only reachable from internal trusted > networks, then authentication is optional. You'll need to make > sure that Postfix will not be listening for port 587 on any public > IP addresses. > > > Using mailx is in this manner: > > My first encounter with "heirloom-mailx", with SMTP and TLS bolted > in mailx, my is the world getting fancy... > > > $ mailx -v -r "f...@mycompany.com" -s "TLS test" -S smtp="10.10.12.5:587" > -S > > smtp-use-starttls -S ssl-verify=ignore u...@gmail.com > > This is fine, provided that 10.10.12.5 is not reachable from outside via > NAT, and no other IP address reaches the same port 587 service. > > -- > Viktor. >
