1996 6 years ago

For debian based distributions, edit /etc/postfix/master.cf to uncomment the block of lines starting with smtps

Main advantage: connection on port 465 will automatically use SSL, as was done a long time ago.

If you do not have one yet, get a certificate from letsencrypt for your mx. It will also be an option on port 25 (keyword: may) with STARTTLS.

postconf -e 'smtpd_tls_cert_file = /etc/letsencrypt/live/YOURDOMAIN/fullchain.pem'

postconf -e 'smtpd_tls_key_file = /etc/letsencrypt/live/YOURDOMAIN/privkey.pem'

postconf -e 'smtp_tls_security_level = may'

postconf -e 'smtpd_tls_security_level = may'

postconf -e 'smtp_tls_note_starttls_offer = yes'

postconf -e 'smtpd_tls_loglevel = 1'

postconf -e 'smtpd_tls_received_header = yes'