Installation


Upgrades


DTC-Xen Installation


DTC-Xen / Dom0 Howtos

DTC-Xen / DomU Howtos

FAQ


DTC Howtos


Manuals


Features


Roadmap


Devel docs


Wiki - i18n


Wiki - Meta


Setup Postfix TLS

This procedure assumes you will be using a self signed certificate with postfix. You can replace the cert.pem with one from someone like cacert.org. Note that Debian Lenny does this setup by default, so there's not much you should do now (appart maybe activating/forcing TLS).

1. Create a folder for your certs

mkdir -p /etc/postfix/ssl
cd /etc/postfix/ssl

2. Generate the cert with OpenSSL

openssl req -new -x509 -nodes -out cert.pem

3. Edit Postfix's main.cf to include your cert

Add the following to /etc/postfix/main.cf (and /var/lib/dtc/etc/postfix_config_snippets):

smtpd_tls_cert_file = /etc/postfix/ssl/cert.pem
smtpd_tls_key_file = /etc/postfix/ssl/privkey.pem
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
tls_daemon_random_source = dev:/dev/urandom

NOTE: Please do not leave any leading spaces to any of the lines above, otherwise postfix will not start correctly.

4. Edit Postfix's master.cf to enable SSL

Uncomment out the smtps lines (4 lines by default) in /etc/postfix/master.cf

5. Reload postfix

postfix reload

or

/etc/init.d/postfix restart


Editing this page means accepting its license.

Page last modified on May 28, 2010, at 07:50 PM EST