> On Jan 12, 2018, at 3:55 PM, Sean Son <linuxmailinglistsem...@gmail.com> > wrote: > > By default, TLS is disabled in the Postfix SMTP server, so no difference to > plain Postfix is visible. Explicitly switch it on with > "smtpd_tls_security_level = may". > > Example: > > /etc/postfix/main.cf > : > > smtpd_tls_security_level > = may > > With this, the Postfix SMTP server announces STARTTLS support to remote SMTP > clients, but does not require that clients use TLS encryption. > > I think this is the correct solution? Would this require an SSL cert?
Yes, of course. See: http://www.postfix.org/TLS_README.html#quick-start and if your Postfix release is older than Postfix 3.1, in particular: http://www.postfix.org/TLS_README.html#self-signed -- Viktor.
