Postfix verchlüsselt?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Postfix verchlüsselt?

Timm Schneider
Hallo,


wie kann ich feststellen, ob der Transportweg verschlüsselt ist?
In meinem alten Postfix auf der alten Maschine wurde das immer im
Logfile angezeigt, jetzt allerding ist da nichts mehr zu sehen.


root@web:/home/timm# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
body_checks = pcre:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
compatibility_level = 2
header_checks = pcre:/etc/postfix/header_checks
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_exceptions = root
mydestination = $myhostname, localhost.$mydomain, listen.$mydomain
mydomain = tms-it.net
myhostname = mail.tms-it.net
mynetworks = 127.0.0.0/8 83.137.45.96/27 192.168.0.0/16
[::ffff:127.0.0.0]/104 [::1]/128
myorigin = $myhostname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = check_client_access
hash:/etc/postfix/relays, reject_rbl_client blacklist.rbl.ispa.at,
check_policy_service inet:127.0.0.1:10040 check_sender_access
hash:/etc/postfix/access, regexp:/etc/postfix/sender_regexp,
permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining,
reject_unknown_client_hostname, check_recipient_access
hash:/etc/postfix/recipient_rfc, reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname, reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauthenticated_sender_login_mismatch, reject_rbl_client
mail.de.bl.blocklist.de, reject_rbl_client ix.dnsbl.manitu.net,
reject_rbl_client sbl.spamhaus.org, reject_rbl_client pbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net,
reject_unverified_recipient, reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = mail
smtpd_sasl_security_options = noanonymous
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.tms-it.net/cert.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mail.tms-it.net/privkey.pem
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_domains = hash:/etc/postfix/virtual
virtual_alias_maps = hash:/etc/postfix/virtual


Grüße
Timm
--
TMS IT-Dienst
Hinterstadt 2
4840 Vöcklabruck(VB)
Austria
T(AT).+43.720.501 078(kostenlos per ENUM erreichbar)
T(DE).+49.89.721010 77792
T(CH).+41.32.510 9875
F.+43.720.501 078 57
Das Stammzertifikat finden Sie unter www.cacert.org/index.php?id=3


smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Postfix verchlüsselt?

Alex JOST
Am 13.10.2017 um 10:30 schrieb Timm Schneider:

> Hallo,
>
>
> wie kann ich feststellen, ob der Transportweg verschlüsselt ist?
> In meinem alten Postfix auf der alten Maschine wurde das immer im
> Logfile angezeigt, jetzt allerding ist da nichts mehr zu sehen.
>
>
> root@web:/home/timm# postconf -n
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> append_dot_mydomain = no
> biff = no
> body_checks = pcre:/etc/postfix/body_checks
> broken_sasl_auth_clients = yes
> compatibility_level = 2
> header_checks = pcre:/etc/postfix/header_checks
> inet_interfaces = all
> inet_protocols = all
> mailbox_size_limit = 0
> masquerade_classes = envelope_sender, header_sender, header_recipient
> masquerade_exceptions = root
> mydestination = $myhostname, localhost.$mydomain, listen.$mydomain
> mydomain = tms-it.net
> myhostname = mail.tms-it.net
> mynetworks = 127.0.0.0/8 83.137.45.96/27 192.168.0.0/16
> [::ffff:127.0.0.0]/104 [::1]/128
> myorigin = $myhostname
> readme_directory = no
> recipient_delimiter = +
> relayhost =
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
> smtpd_recipient_restrictions = check_client_access
> hash:/etc/postfix/relays, reject_rbl_client blacklist.rbl.ispa.at,
> check_policy_service inet:127.0.0.1:10040 check_sender_access
> hash:/etc/postfix/access, regexp:/etc/postfix/sender_regexp,
> permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining,
> reject_unknown_client_hostname, check_recipient_access
> hash:/etc/postfix/recipient_rfc, reject_invalid_helo_hostname,
> reject_non_fqdn_helo_hostname, reject_non_fqdn_sender,
> reject_non_fqdn_recipient, reject_unknown_sender_domain,
> reject_unknown_recipient_domain,
> reject_unauthenticated_sender_login_mismatch, reject_rbl_client
> mail.de.bl.blocklist.de, reject_rbl_client ix.dnsbl.manitu.net,
> reject_rbl_client sbl.spamhaus.org, reject_rbl_client pbl.spamhaus.org,
> reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net,
> reject_unverified_recipient, reject_unauth_destination
> smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
> defer_unauth_destination
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain = mail
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_cert_file = /etc/letsencrypt/live/mail.tms-it.net/cert.pem
> smtpd_tls_key_file = /etc/letsencrypt/live/mail.tms-it.net/privkey.pem
> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
> smtpd_use_tls = yes
> virtual_alias_domains = hash:/etc/postfix/virtual
> virtual_alias_maps = hash:/etc/postfix/virtual

smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1

--
Alex JOST
Reply | Threaded
Open this post in threaded view
|

Re: Postfix verchlüsselt?

Timm Schneider
Hallo Alex,


ja danke, hat funktioniert.


Ciao
Timm

Am 13.10.2017 um 10:33 schrieb Alex JOST:

> Am 13.10.2017 um 10:30 schrieb Timm Schneider:
>> Hallo,
>>
>>
>> wie kann ich feststellen, ob der Transportweg verschlüsselt ist?
>> In meinem alten Postfix auf der alten Maschine wurde das immer im
>> Logfile angezeigt, jetzt allerding ist da nichts mehr zu sehen.
>>
>>
>> root@web:/home/timm# postconf -n
>> alias_database = hash:/etc/aliases
>> alias_maps = hash:/etc/aliases
>> append_dot_mydomain = no
>> biff = no
>> body_checks = pcre:/etc/postfix/body_checks
>> broken_sasl_auth_clients = yes
>> compatibility_level = 2
>> header_checks = pcre:/etc/postfix/header_checks
>> inet_interfaces = all
>> inet_protocols = all
>> mailbox_size_limit = 0
>> masquerade_classes = envelope_sender, header_sender, header_recipient
>> masquerade_exceptions = root
>> mydestination = $myhostname, localhost.$mydomain, listen.$mydomain
>> mydomain = tms-it.net
>> myhostname = mail.tms-it.net
>> mynetworks = 127.0.0.0/8 83.137.45.96/27 192.168.0.0/16
>> [::ffff:127.0.0.0]/104 [::1]/128
>> myorigin = $myhostname
>> readme_directory = no
>> recipient_delimiter = +
>> relayhost =
>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
>> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
>> smtpd_recipient_restrictions = check_client_access
>> hash:/etc/postfix/relays, reject_rbl_client blacklist.rbl.ispa.at,
>> check_policy_service inet:127.0.0.1:10040 check_sender_access
>> hash:/etc/postfix/access, regexp:/etc/postfix/sender_regexp,
>> permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining,
>> reject_unknown_client_hostname, check_recipient_access
>> hash:/etc/postfix/recipient_rfc, reject_invalid_helo_hostname,
>> reject_non_fqdn_helo_hostname, reject_non_fqdn_sender,
>> reject_non_fqdn_recipient, reject_unknown_sender_domain,
>> reject_unknown_recipient_domain,
>> reject_unauthenticated_sender_login_mismatch, reject_rbl_client
>> mail.de.bl.blocklist.de, reject_rbl_client ix.dnsbl.manitu.net,
>> reject_rbl_client sbl.spamhaus.org, reject_rbl_client pbl.spamhaus.org,
>> reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net,
>> reject_unverified_recipient, reject_unauth_destination
>> smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
>> defer_unauth_destination
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_local_domain = mail
>> smtpd_sasl_security_options = noanonymous
>> smtpd_tls_cert_file = /etc/letsencrypt/live/mail.tms-it.net/cert.pem
>> smtpd_tls_key_file = /etc/letsencrypt/live/mail.tms-it.net/privkey.pem
>> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
>> smtpd_use_tls = yes
>> virtual_alias_domains = hash:/etc/postfix/virtual
>> virtual_alias_maps = hash:/etc/postfix/virtual
>
> smtp_tls_loglevel = 1
> smtpd_tls_loglevel = 1
>
--
TMS IT-Dienst
Hinterstadt 2
4840 Vöcklabruck(VB)
Austria
T(AT).+43.720.501 078(kostenlos per ENUM erreichbar)
T(DE).+49.89.721010 77792
T(CH).+41.32.510 9875
F.+43.720.501 078 57
Das Stammzertifikat finden Sie unter www.cacert.org/index.php?id=3


smime.p7s (5K) Download Attachment