Connect only via TLS,for send and fetch mail

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Connect only via TLS,for send and fetch mail

nima chavooshi
Hi
I want to users can access only via TLS to our MTA system,both for sending mail and fetching mail. Of course I have configured TLS in main.cf and users can connect via TLS,but if users do not set "TLS" option in own mail client,also they can connect to system.
For pop3 server I have setup dovecot.
Which option should I set in postfix and dovecot for this purpose ?

Thanks in advanceĀ 
Reply | Threaded
Open this post in threaded view
|

Re: Connect only via TLS,for send and fetch mail

Noel Jones-2
On 10/27/2011 6:15 AM, nima chavooshi wrote:

> Hi
> I want to users can access only via TLS to our MTA system,both for
> sending mail and fetching mail. Of course I have configured TLS in
> main.cf <http://main.cf> and users can connect via TLS,but if users
> do not set "TLS" option in own mail client,also they can connect to
> system.
> For pop3 server I have setup dovecot.
> Which option should I set in postfix and dovecot for this purpose ?
>
> Thanks in advance


You can set postfix to require TLS encryption by setting main.cf:
smtpd_tls_security_level = encrypt

Note this setting must not be used on a public MX server, but is
suitable for a mail submission server used exclusively by your own
users.
http://www.postfix.org/TLS_README.html#server_enable

If this is a public MX, you can require your users to submit mail
via the submission port, and require encryption there.

Check with the dovecot users list to find settings to require TLS
with that software.



  -- Noel Jones