Did you know LQ has a Linux Hardware Compatibility List?
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


Search this Thread
Old 04-30-2013, 11:41 AM   #1
Registered: Oct 2005
Location: Uruguay
Distribution: CentOS 5.10 Ubuntu 12.4 MacOS 10.9
Posts: 113

Rep: Reputation: 17
Enable SMTP SSL/TLS (Centos 5.9 - Postfix - Dovecot)


I followed instructions from to setup a secure mail server.
The last line talks about configuring email clients, Thunderbird in server settings "select SSL".
This is SSL/TLS, it works okay for incoming mail, port 995.
But it doesn't for SMTP.
STARTTLS on port 587 works fine but SSL/TLS on port 465 does not: "connection timeout" when trying to send an email.
I would like to know how what I am missing to send SSL/TLS mail.

Some data in reference to the steps in
Slight difference in my main.conf:
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_policy_service unix:/var/spool/postfix/postgrey/socket

Telnet on port 25 also contains AUTH PLAIN (after ssl implementation)(wiki says it shouldn't be):
250-SIZE 50480000
250 DSN

#One line from maillog:
dovecot: pop3-login: Login: user=<bob>, method=PLAIN, rip=::ffff:x.x.17.166, lip=::ffff:y.y.y.54, TLS
#Another line from maillog
dovecot: imap-login: Login: user=<bob>, method=PLAIN, rip=::ffff:, lip=::ffff:, secured
##This is from squirrelmail
#Another line from maillog
postfix/smtpd[8948]: TLS connection established from ......: SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits)
##Sending mail with STARTTLS

smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes
465 inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes
587 inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes

Thank you
Old 05-03-2013, 12:33 PM   #2
Registered: May 2013
Posts: 75

Rep: Reputation: Disabled

Have you checked this option?


Sire Maxus
Old 05-03-2013, 03:19 PM   #3
Registered: Oct 2005
Location: Uruguay
Distribution: CentOS 5.10 Ubuntu 12.4 MacOS 10.9
Posts: 113

Original Poster
Rep: Reputation: 17
Hello Sire Maxus, thanks for your reply.

Well, forget 465
"Even in 2013, there are still services that continue to offer the deprecated SMTPS interface on port 465 in addition to (or instead of!) the RFC-compliant message submission interface on the port 587 defined by RFC 6409.[6] Service providers that maintain port 465 do so because [7] older Microsoft applications (including Entourage v10.0) do not support STARTTLS, [8] and thus not the smtp-submission standard (ESMTPS on port 587). The only way for service providers to offer those clients an encrypted connection is to maintain port 465."

Thanks again,


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
DOVECOT SSL/TLS connection problem on port 993 or 995 volga629 Linux - Server 9 12-16-2009 08:30 PM
dovecot SSL/TLS non-PAM config went awry molafish Linux - Software 1 03-19-2009 11:59 PM
Simple Mailserver with sendmail, dovecot and SSL/TLS dsh Linux - Server 0 10-16-2008 02:11 PM
Dovecot - TLS doesnt work while SSL does extasic Linux - Server 2 10-07-2008 05:57 PM
opensuse 10.3 and sending smtp via SSL/TLS newbuyer17 Linux - Server 1 02-27-2008 02:26 AM

All times are GMT -5. The time now is 04:04 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration