I have an issue regarding SSL/TLS. I have configured my certificates and STARTTLS works fine. Out of curosity, I wanted to get SSL over tcp/465 working.
I uncommented the following line in master.cf: smtps inet n - n - - smtpd And netsat shows the server is now listening on tcp/465. However when I configure my client (Thunderbird) use use SSL, it comes back with the following error: "Sending of message failed. The message could not be sent because the connection to SMTP server mail timed out." The following, rather unhelpfully, is listed in maillog: Jan 18 21:58:48 mail postfix/smtpd[2551]: initializing the server-side TLS engine Jan 18 21:58:49 mail postfix/smtpd[2551]: connect from pc[172.x.x.x] Jan 18 21:59:19 mail postfix/smtpd[2551]: lost connection after UNKNOWN from pc[172.x.x.x] Jan 18 21:59:19 mail postfix/smtpd[2551]: disconnect from pc[172.x.x.x] Does anyone have any thoughts on what I'm missing? Output from postconf -n: body_checks = regexp:/usr/pkg/etc/postfix/body_checks command_directory = /usr/pkg/sbin config_directory = /usr/pkg/etc/postfix daemon_directory = /usr/pkg/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 header_checks = regexp:/usr/pkg/etc/postfix/header_checks html_directory = no inet_protocols = ipv4 mail_owner = postfix mail_spool_directory = /var/mail mailbox_size_limit = 0 mailq_path = /usr/pkg/bin/mailq manpage_directory = /usr/pkg/man message_size_limit = 0 mydestination = localhost, localhost.$mydomain, $myhostname, $mydomain mydomain = xxx.xx.com myhostname = mail.xxx.xx.com mynetworks = x.x.x.x, x.x.x.x, 127.0.0.0/8 mynetworks_style = subnet myorigin = $mydomain newaliases_path = /usr/pkg/bin/newaliases proxy_interfaces = x.x.x.x queue_directory = /var/spool/postfix readme_directory = /usr/pkg/share/examples/postfix sample_directory = /usr/pkg/share/examples/postfix sendmail_path = /usr/pkg/sbin/sendmail setgid_group = maildrop smtp_tls_CAfile = /etc/openssl/certs/DigiCertCA.crt smtp_tls_loglevel = 1 smtp_tls_note_starttls_offer = yes smtp_tls_security_level = may smtpd_banner = $myhostname ESMTP smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = check_helo_access hash:/usr/pkg/etc/postfix/helo_access, reject_non_fqdn_hostname, reject_invalid_hostname, reject_unknown_hostname, permit smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_sender_access hash:/usr/pkg/etc/postfix/sender_access, reject_unauth_pipelining, reject_non_fqdn_$ smtpd_sasl_auth_enable = yes smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, check_sender_access hash:/usr/pkg/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender$ smtpd_tls_CAfile = /etc/openssl/certs/DigiCertCA.crt smtpd_tls_auth_only = no smtpd_tls_cert_file = /etc/openssl/certs/mail.xxx.xxx.xx.crt smtpd_tls_key_file = /etc/openssl/private/mail.xxx.xxx.xx.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s unknown_local_recipient_reject_code = 550