Re: Replacing Postfix

[IT geek 31 <itgeek31%googlemail.com@localhost>]

Thanks for this.  I have added all this, but nothing happens.  I do not get
250-STARTTLS in a telnet session with ehlo, and Thunderbird reports the
following:

An error occurred sending mail: Unable to establish a secure link with SMTP
server 192.168.1.1 using STARTTLS since it doesn't advertise that feature.
Switch off STARTTLS for that server or contact your service provider.

I believe Postfix does supports TLS as I have run:

ldd /usr/libexec/postfix/smtpd:
     <snip>
     -lssl.6 => /usr/lib/libssl.so.6
     <snip>

Does anyone have any ideas what I might be missing?


-Mark


On 17 December 2010 22:52, Matthias Scheler <tron%zhadum.org.uk@localhost> 
wrote:

> On Fri, Dec 17, 2010 at 04:11:38PM +0000, IT geek 31 wrote:
> > I have an excellent Postfix installed and configured exactly how I need
> it.
> > The only thing it lacks is TLS and SASL support.
>
> Postfix in NetBSD supports both TLS and SASL. Turning on TLS just
> needs a few config lines like this in "/etc/postfix/main.cf":
>
>        # TLS: client side
>        smtp_use_tls = yes
>        smtp_tls_loglevel = 1
>        smtp_tls_note_starttls_offer = yes
>        smtp_tls_CAfile = /etc/postfix/certs/my-cacert.pem
>
>        # TLS: server side
>        smtpd_use_tls = yes
>        smtpd_tls_key_file = /etc/postfix/certs/my-key.pem
>        smtpd_tls_cert_file = /etc/postfix/certs/my-cert.pem
>        smtpd_tls_CAfile = /etc/postfix/certs/my-cacert.pem
>        smtpd_tls_loglevel = 1
>        smtpd_tls_received_header = yes
>
> For SASL support you configure Postfix to talk to Dovecot (which is
> available under "pkgsrc/mail/dovecot"). The Dovecot Wiki has
> excellent documentation for configuring this:
>
>        http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL
>
> I'm using such a setup on my own mail server and it works like a charm.
>
>        Kind regards
>
> --
> Matthias Scheler                                  http://zhadum.org.uk/