On Fri, Jan 12, 2018 at 3:48 PM, Philip Paeps <phi...@trouble.is> wrote:
> On 2018-01-12 15:45:33 (-0500), Sean Son wrote: > >> How does one configure an internet facing Postfix SMTP mail relay server, >> to offer STARTTLS? I have been googling around and seeing various >> different articles and blog entries, but I cannot figure out what is the >> quickest and easiest way to do so. I am running postfix on RHEL 7. Any >> help is greatly appreciated! >> > > I'm surprised Google couldn't find http://www.postfix.org/TLS_README.html > > DuckDuckGo returns it as the first hit for "Postfix TLS". > > Philip > > -- > Philip Paeps > Senior Reality Engineer > Ministry of Information > Hello Philip Thank you for the response. I did see that documentation but it was too confusing for me to figure it out. But upon further research I found this: By default, TLS is disabled in the Postfix SMTP server, so no difference to plain Postfix is visible. Explicitly switch it on with " smtpd_tls_security_level <http://www.postfix.org/postconf.5.html#smtpd_tls_security_level> = may". Example: /etc/postfix/main.cf <http://www.postfix.org/postconf.5.html>: smtpd_tls_security_level <http://www.postfix.org/postconf.5.html#smtpd_tls_security_level> = may With this, the Postfix SMTP server announces STARTTLS support to remote SMTP clients, but does not require that clients use TLS encryption. I think this is the correct solution? Would this require an SSL cert? Thanks
