How to Configure Mail Server SSL/TLS on Linux Debian
Basic Mail SSL
- #apt-get install postfix dovecot-imapd Internet Site System mail name: wsc17.cloud Root and postmaster mail recipient: (blank) Force synchronous updates on mail queue? Local networks: 172.16.0.0/16 10.0.0.0/8 Use procmail for local delivery? Mailbox size limit (bytes): 0 Local address extension character: + Internet protocols to user: all
- #maildirmake.dovecot /etc/skel/Maildir
- #pico /etc/postfix/main.cf home_mailbox = Maildir/
- #/etc/init.d/posfix restart
- #adduser test1
- #adduser test2
- #pico /etc/dovecot/conf.d/10-mail.conf
#mail_location = mbox:
/mail:INBOX=/var/mail/%u mail_location = maildir:/Maildir - #pico /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login #/etc/init.d/posfix restart 9. #/etc/init.d/dovecot restart
POSTFIX STARTLS smtpd_use_tls = yes smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_tls_cert_file = /etc/postfix/smtpd.cert
/etc/init.d/postfix restart
Enable SMTP submission (TLS tcp/587).
-
pico /etc/postfix/master.cf submission inet n - - - - smtpd -o syslog_name=postfix/submission ..... -o smtpd_tls_security_level... #smtpd_sasl_auth_enable=yes
-
netstat -tulpn | grep 587
POSTFIX TLS 465 and IMAPS 993
- cp wsc17cloud.cert.pem /etc/ssl/private/
- cp wsc17cloud.key.pem /etc/ssl/private/
- pico /etc/postfix/main.cf
Edit tls parameter to /etc/ssl/private/wsc17cloud.cert.pem wsc17cloud.key.pem cukup seperti dibawah ini ini ada kaitannya sama diatas "POSTFIX STARTLS" - pico /etc/postfix/master.cf smtps ... until wrappermode
/etc/init.d/postfix restart
install cacert.pem in the client
- pico /etc/dovecot 10-ssl.conf (port 993)
ssl = yes ssl_cert = </etc/ssl/private/wsc17cloud.cert.pem ssl_key = </etc/ssl/private/wsc17cloud.key.pem
- /etc/init.d/dovecot restart
- openssl s_client -showcerts -connect localhost:993 -CAfile /ca/cacert.pem