Le 24/02/2012 17:28, Kaleb Hosie a écrit : > I'm trying to enable postfix to use an SSL certificate for sending email but > when I enable SMTP on my outlook client, > I get this message: > "Send test e-mail message: Your server does not support the connection > encryption type you have specified. Try changing the encryption method. > Contact your mail server administrator or Interenet service provider (ISP) > for additional assistance." > > If I use TLS as an encryption method rather than SSL, it works.
there are two ways to implement ssl/tls in smtp: - the non-standard way: smtp over ssl (smtps). in postfix, this is called "wrapper mode tls". this is what old version of outluck suuport. you can use this by enabling "smtps" in your master.cf. your client needs to use the smtps port instead of the smtp port. - the standard is STARTTLS. this uses the standard smtp port (25). mail user agents may have different "names" for these mode. sometimes they use "ssl" for the first and "tls" for the second. this is a MUA UI choice. you'll need to figure out what your MUA is trying to say. if you can't, ask your vendor. > > Here is the configuration in my main.cf: > smtpd_use_tls = yes > smtpd_tls_security_level = may > smtpd_tls_cert_file = /etc/pki/tls/certs/stopspam.nicanada.com.crt > smtpd_tls_key_file = /etc/pki/tls/certs/stopspam.nicanada.com.key > > I have also added the following in my master.cf file as well: > smtps inet n - n - - smtpd > -o smtpd_tls_wrappermode=yes > -o smtpd_sasl_auth_enable=yes > -o smtpd_client_restrictions=permit_sasl_authenticated,reject > > Any ideas why it is not working? >
