티스토리 뷰

OpenSUSE 11 MAIL Server SSL Settings


SSL Settings

 

Configure SSL to encrypt connections. SMTPS uses 465/TCP, POP3S uses 995/TCP, IMAPS uses 993/TCP.



1. Create Certificates first, Refer to here.


2. Configure Postfix and Cyrus-IMAP for SSL.


mail:~ # cp /etc/ssl/private/server.* /etc/sasl2/ 

mail:~ # chown cyrus:mail /etc/ssl/private/server.* 


mail:~ # vi /etc/cyrus.conf

# line 15,17: uncomment

imaps         cmd="imapd -s" listen="imaps" prefork=0

pop3s         cmd="pop3d -s" listen="pop3s" prefork=0


mail:~ # vi /etc/services

# line 116: add

 smtps              465/tcp      # Secure Mail Transfer

smtps              465/udp      # Secure Mail Transfer


mail:~ # vi /etc/postfix/main.cf

# line 702: change

smtpd_use_tls = yes


# add to the end

smtpd_tls_cert_file = /etc/sasl2/server.crt

smtpd_tls_key_file = /etc/sasl2/server.key

smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache


mail:~ # vi /etc/postfix/master.cf

# line 13-14: uncomment

smtps     inet n     -     n     -     -     smtpd -o smtpd_tls_wrappermode=yes

    -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes

# line 23: uncomment

tlsmgr     unix     -     -     n     1000?     1     tlsmgr


mail:~ # vi /etc/imapd.conf

# add to the end

tls_cert_file: /etc/sasl2/server.crt

tls_key_file: /etc/sasl2/server.key


mail:~ # /etc/init.d/postfix restart 

mail:~ # /etc/init.d/cyrus restart 

저작자 표시 비영리 변경 금지
신고
댓글