postfix with TLS - ReadList.com

6 msg	KDE4 overlay
2 msg	x11-drm fails to emerge
2 msg	gentoo-dev
7 msg	Gentoo LiveUSB
3 msg	External ISDN modem
6 msg	Ebuilds for additional campaigns for games-stra...
162 msg	Is GWN dead?
16 msg	Routing problem ?
3 msg	Enigmail in Thunderbird 2.0.0.9
5 msg	VMware Server Tools
2 msg	[OT] stable non-anonymous free http proxy
13 msg	Update After A Year
14 msg	Kernel setting for frame buffer (2.6.23-r5)
18 msg	What's with this hald thing and why can't I rip...
11 msg	package.provided
3 msg	digraph error while trying to emerge
11 msg	FreeAgent extn. Drive setup ideas
14 msg	Incredibly slow disk access
11 msg	emerge of ksh93 erroring out.. who can interpret

postfix with TLS
\ Jules Colding (7 Jan 2008)
. \ Arnau Bria (7 Jan 2008)
. \ kashani (7 Jan 2008)

Subject:	postfix with TLS
Group:	Gentoo-user
From:	Jules Colding
Date:	7 Jan 2008

Hi

I'm trying to configure my postfix server to use TLS, which should be
quite straightforward according to the different guides I have found
using Google.

When I telnet into my postfix installation I get this:

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.example.com ESMTP Postfix
EHLO mail.example.com
250-mail.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

According to the guides this should be the desired output and TLS should
work, but all my mail clients (Thunderbird, mail(mac)) chokes when I try
to send a mail.

This is my main.cf file for postfix:

#################### main.cf ######################
soft_bounce = yes
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8
home_mailbox = .maildir/
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = /usr/share/doc/postfix-2.3.6/html
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = /usr/share/doc/postfix-2.3.6/readme

#
TLS

smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_use_tls = yes
#smtpd_tls_auth_only =
yes

smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

#
SASL

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
#smtpd_sasl_local_domain =
$myhostname

smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
relay_domains = $mydestination
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
check_relay_domains,
reject_unauth_destination

#
Mailman

owner_request_special = no
recipient_delimiter = +
alias_maps = hash:/usr/local/mailman/data/aliases, hash:/etc/mail/aliases

############### END ##################

Any help or comments would be truly appreciated.

Best regards,
jules

--
gentoo-user mailing list