如何为postfix设置两个smtp端口?

具有postfix,dovecot和mailx的CentOS 7服务器需要容纳通过port 465发送并通过port 25接收的邮件。 什么具体的语法和文件需要改变才能做到这一点?

这是我迄今为止的尝试:

1.)我在以下部分添加了465 inet n - - - - smtpd/etc/postfix/master.cf

 # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd 465 inet n - - - - smtpd 

2.)然后我通过inputsystemctl stop postfix然后systemctl start postfix然后systemctl status postfix来重启systemctl status postfix

3.)接下来,我将防火墙中的端口25和端口465分配给SMTP服务。 我testing了确认防火墙允许通过键入nc my.SERVER.ip.addr 465 < /dev/null到端口465到devboxterminal,并看到它通过打印220 mydomain.com ESMTP Postfix回复。 然后,我testing了防火墙允许端口25通过发送来自不同服务器的testing电子邮件来获得SMTP访问权限,并且显然通过端口25接收到这个邮件。

4.)我确认我的devbox上的Thunderbird客户端在me@mydomain.com帐户中设置了用于传出smtp的端口465,我试图使用我的devbox的Thunderbird客户端从服务器发送电子邮件。

5.)然后在服务器端inputtcpdump -n -i any tcp port 465 ,并在devboxterminal中inputtcpdump -n -i any tcp port 465

6.)所有这些设置,我试图使用Thunderbird发送一个testing电子邮件从me@mydomain.com some_other_test_account@someotherdomain.com 。 雷鸟超时没有发送电子邮件,但下面的tcpdump被打印在两台机器的terminal。

在服务器上,这导致:

 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes 15:26:40.204817 IP my.SERVER.ip.addr.urd > my.DEVBOX.ip.addr.40555: Flags [S.], seq 1955299233, ack 152228482, win 14480, options [mss 1460,sackOK,TS val 1056230222 ecr 5576928,nop,wscale 7], length 0 15:26:40.293442 IP my.DEVBOX.ip.addr.40555 > my.SERVER.ip.addr.urd: Flags [.], ack 1, win 115, options [nop,nop,TS val 5577014 ecr 1056230222], length 0 15:26:40.293926 IP my.SERVER.ip.addr.urd > my.DEVBOX.ip.addr.40555: Flags [P.], seq 1:43, ack 1, win 114, options [nop,nop,TS val 1056230312 ecr 5577014], length 42 15:26:40.298215 IP my.DEVBOX.ip.addr.40555 > my.SERVER.ip.addr.urd: Flags [F.], seq 1, ack 1, win 115, options [nop,nop,TS val 5577015 ecr 1056230222], length 0 15:26:40.298521 IP my.SERVER.ip.addr.urd > my.DEVBOX.ip.addr.40555: Flags [F.], seq 43, ack 2, win 114, options [nop,nop,TS val 1056230316 ecr 5577015], length 0 15:26:40.384890 IP my.DEVBOX.ip.addr.40555 > my.SERVER.ip.addr.urd: Flags [.], ack 43, win 115, options [nop,nop,TS val 5577104 ecr 1056230312], length 0 15:26:40.389738 IP my.DEVBOX.ip.addr.40555 > my.SERVER.ip.addr.urd: Flags [.], ack 44, win 115, options [nop,nop,TS val 5577113 ecr 1056230316], length 0 15:28:49.598741 IP my.DEVBOX.ip.addr.40557 > my.SERVER.ip.addr.urd: Flags [S], seq 1432245308, win 14600, options [mss 1460,sackOK,TS val 5706324 ecr 0,nop,wscale 7], length 0 15:28:49.598807 IP my.SERVER.ip.addr.urd > my.DEVBOX.ip.addr.40557: Flags [S.], seq 706641072, ack 1432245309, win 14480, options [mss 1460,sackOK,TS val 1056359616 ecr 5706324,nop,wscale 7], length 0 15:28:49.685239 IP my.DEVBOX.ip.addr.40557 > my.SERVER.ip.addr.urd: Flags [.], ack 1, win 115, options [nop,nop,TS val 5706409 ecr 1056359616], length 0 15:28:49.685304 IP my.DEVBOX.ip.addr.40557 > my.SERVER.ip.addr.urd: Flags [P.], seq 1:186, ack 1, win 115, options [nop,nop,TS val 5706409 ecr 1056359616], length 185 15:28:49.685328 IP my.SERVER.ip.addr.urd > my.DEVBOX.ip.addr.40557: Flags [.], ack 186, win 122, options [nop,nop,TS val 1056359703 ecr 5706409], length 0 15:28:49.700806 IP my.SERVER.ip.addr.urd > my.DEVBOX.ip.addr.40557: Flags [P.], seq 1:43, ack 186, win 122, options [nop,nop,TS val 1056359719 ecr 5706409], length 42 15:28:49.783363 IP my.DEVBOX.ip.addr.40557 > my.SERVER.ip.addr.urd: Flags [.], ack 43, win 115, options [nop,nop,TS val 5706510 ecr 1056359719], length 0 15:28:49.783411 IP my.SERVER.ip.addr.urd > my.DEVBOX.ip.addr.40557: Flags [P.], seq 43:154, ack 186, win 122, options [nop,nop,TS val 1056359801 ecr 5706510], length 111 15:28:49.868122 IP my.DEVBOX.ip.addr.40557 > my.SERVER.ip.addr.urd: Flags [.], ack 154, win 115, options [nop,nop,TS val 5706592 ecr 1056359801], length 0 15:30:36.430512 IP my.DEVBOX.ip.addr.40557 > my.SERVER.ip.addr.urd: Flags [F.], seq 186, ack 154, win 115, options [nop,nop,TS val 5813157 ecr 1056359801], length 0 15:30:36.430912 IP my.SERVER.ip.addr.urd > my.DEVBOX.ip.addr.40557: Flags [F.], seq 154, ack 187, win 122, options [nop,nop,TS val 1056466449 ecr 5813157], length 0 15:30:36.513221 IP my.DEVBOX.ip.addr.40557 > my.SERVER.ip.addr.urd: Flags [.], ack 155, win 115, options [nop,nop,TS val 5813243 ecr 1056466449], length 0 ^C 19 packets captured 20 packets received by filter 0 packets dropped by kernel 

在DEVBOX,这导致:

 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes 12:32:00.232924 IP my.SERVER.ip.addr.urd > 10.0.0.2.40557: Flags [S.], seq 706641072, ack 1432245309, win 14480, options [mss 1460,sackOK,TS val 1056359616 ecr 5706324,nop,wscale 7], length 0 12:32:00.232992 IP 10.0.0.2.40557 > my.SERVER.ip.addr.urd: Flags [.], ack 1, win 115, options [nop,nop,TS val 5706409 ecr 1056359616], length 0 12:32:00.233212 IP 10.0.0.2.40557 > my.SERVER.ip.addr.urd: Flags [P.], seq 1:186, ack 1, win 115, options [nop,nop,TS val 5706409 ecr 1056359616], length 185 12:32:00.319025 IP my.SERVER.ip.addr.urd > 10.0.0.2.40557: Flags [.], ack 186, win 122, options [nop,nop,TS val 1056359703 ecr 5706409], length 0 12:32:00.334311 IP my.SERVER.ip.addr.urd > 10.0.0.2.40557: Flags [P.], seq 1:43, ack 186, win 122, options [nop,nop,TS val 1056359719 ecr 5706409], length 42 12:32:00.334359 IP 10.0.0.2.40557 > my.SERVER.ip.addr.urd: Flags [.], ack 43, win 115, options [nop,nop,TS val 5706510 ecr 1056359719], length 0 12:32:00.415529 IP my.SERVER.ip.addr.urd > 10.0.0.2.40557: Flags [P.], seq 43:154, ack 186, win 122, options [nop,nop,TS val 1056359801 ecr 5706510], length 111 12:32:00.415586 IP 10.0.0.2.40557 > my.SERVER.ip.addr.urd: Flags [.], ack 154, win 115, options [nop,nop,TS val 5706592 ecr 1056359801], length 0 12:33:46.981077 IP 10.0.0.2.40557 > my.SERVER.ip.addr.urd: Flags [F.], seq 186, ack 154, win 115, options [nop,nop,TS val 5813157 ecr 1056359801], length 0 12:33:47.066884 IP my.SERVER.ip.addr.urd > 10.0.0.2.40557: Flags [F.], seq 154, ack 187, win 122, options [nop,nop,TS val 1056466449 ecr 5813157], length 0 12:33:47.066946 IP 10.0.0.2.40557 > my.SERVER.ip.addr.urd: Flags [.], ack 155, win 115, options [nop,nop,TS val 5813243 ecr 1056466449], length 0 ^C 11 packets captured 12 packets received by filter 0 packets dropped by kernel 

请注意,服务器输出中的前7个项目出现在以前的testing中,但tcpdump -n -i any tcp port 465命令(服务器和devbox)同时运行。

请注意,在服务器上键入postconf -n导致:

 alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 home_mailbox = Maildir/ html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES sample_directory = /usr/share/doc/postfix-2.10.1/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop unknown_local_recipient_reject_code = 550 

另外,在服务器上键入postconf -M将导致:

 smtp inet n - n - - smtpd 465 inet n - - - - smtpd pickup unix n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - nn - - local virtual unix - nn - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache 

/var/log/maillog在那段时间的内容是:

 Mar 3 15:22:05 mydomain postfix/postfix-script[8565]: starting the Postfix mail system Mar 3 15:22:05 mydomain postfix/master[8567]: daemon started -- version 2.10.1, configuration /etc/postfix Mar 3 15:23:40 mydomain postfix/smtpd[8572]: connect from unknown[my.DEVBOX.ip.addr] Mar 3 15:25:26 mydomain postfix/smtpd[8572]: lost connection after UNKNOWN from unknown[my.DEVBOX.ip.addr] Mar 3 15:25:26 mydomain postfix/smtpd[8572]: disconnect from unknown[my.DEVBOX.ip.addr] Mar 3 15:26:40 mydomain postfix/smtpd[8572]: connect from unknown[my.DEVBOX.ip.addr] Mar 3 15:26:40 mydomain postfix/smtpd[8572]: lost connection after CONNECT from unknown[my.DEVBOX.ip.addr] Mar 3 15:26:40 mydomain postfix/smtpd[8572]: disconnect from unknown[my.DEVBOX.ip.addr] Mar 3 15:28:49 mydomain postfix/smtpd[8578]: connect from unknown[my.DEVBOX.ip.addr] Mar 3 15:30:36 mydomain postfix/smtpd[8578]: lost connection after UNKNOWN from unknown[my.DEVBOX.ip.addr] Mar 3 15:30:36 mydomain postfix/smtpd[8578]: disconnect from unknown[my.DEVBOX.ip.addr] Mar 3 15:33:40 mydomain postfix/anvil[8574]: statistics: max connection rate 1/60s for (465:my.DEVBOX.ip.addr) at Mar 3 15:23:40 Mar 3 15:33:40 mydomain postfix/anvil[8574]: statistics: max connection count 1 for (465:my.DEVBOX.ip.addr) at Mar 3 15:23:40 Mar 3 15:33:40 mydomain postfix/anvil[8574]: statistics: max cache size 1 at Mar 3 15:23:40 

Thunderbird中的传出服务器设置是:

 Description: <Not Specified> Server Name: mydomain.com Port: 465 User Name: me Authentication Method: Normal Password Connection Security: SSL/TLS 

我解释这意味着封锁是在后缀。 那么为了让postfix允许远程客户端通过port 465发出,同时仍然允许通过port 25从其他服务器接收邮件,我该怎么改变呢?


编辑:


根据@sebix给出的链接中的说明,我尝试了以下内容:

/etc/postfix/main.cf我取消注释下面的行:

 smtpd_tls_security_level = may 

/etc/postfix/master.cf ,我取消注释了以下两行:

 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes 

但是,当我试图发送testing邮件时,Thunderbird回复了以下错误对话框:

 Sending of message failed. The message could not be sent because the connection to SMTP server mydomain.com was lost in the middle of the transaction. Try again or contact your network administrator. 

编辑#2


根据Esa Jokinen的build议,我尝试了以下几个命令。

在DEVBOX上,我inputtelnet mydomain.com 587并得到以下回复。 请注意,即使terminal中没有# ,我添加input的两行在它们前面都有# 。 我添加#为重点/清晰度:

 Trying my.Server.ip.addr... Connected to mydomain.com. Escape character is '^]'. 220 mydomain.com ESMTP Postfix # EHLO mydomain.com 250-mydomain.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN # STARTTLS 454 4.7.0 TLS not available due to local problem 

接下来,在SERVER上,我inputopenssl s_client -host localhost -port 587 -starttls smtp 。 这导致了以下输出:

 CONNECTED(00000003) 140634999289760:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:769: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 244 bytes and written 284 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE --- 

在服务器上,我再次键入postconf -n ,现在得到以下输出:

 alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 home_mailbox = Maildir/ html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES sample_directory = /usr/share/doc/postfix-2.10.1/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_cert_file = </etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = </etc/pki/dovecot/private/dovecot.pem smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes unknown_local_recipient_reject_code = 550 

在服务器上,我再次键入postconf -M并得到以下回报:

 smtp inet n - n - - smtpd 587 inet n - - - - smtpd submission inet n - - - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_local_domain=$myhostname -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_login_maps=hash:/etc/postfix/virtual -o smtpd_sender_restrictions=reject_sender_login_mismatch -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject pickup unix n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - nn - - local virtual unix - nn - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache 

接下来,我尝试使用远程devbox上的Thunderbird客户端通过服务器发送电子邮件。 在这个testing之后,在SERVER中inputnano /var/log/maillog会给出:

 Mar 4 11:57:19 mydomain postfix/smtpd[11029]: error: open database /etc/postfix/virtual.db: No such file or directory Mar 4 11:57:19 mydomain postfix/smtpd[11029]: warning: cannot get RSA certificate from file </etc/pki/dovecot/certs/dovecot.pem: disabling TLS support Mar 4 11:57:19 mydomain postfix/smtpd[11029]: warning: TLS library problem: 11029:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fope$ Mar 4 11:57:19 mydomain postfix/smtpd[11029]: warning: TLS library problem: 11029:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: Mar 4 11:57:19 mydomain postfix/smtpd[11029]: warning: TLS library problem: 11029:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa$ Mar 4 11:57:19 mydomain postfix/smtpd[11029]: connect from unknown[98.244.12.133] Mar 4 11:57:20 mydomain postfix/cleanup[11032]: 1FD8680B3BCE: message-id=<20150304165720.1FD8680B3BCE@mydomain.com> Mar 4 11:57:20 mydomain postfix/qmgr[10139]: 1FD8680B3BCE: from=<double-bounce@mydomain.com>, size=873, nrcpt=1 (queue active) Mar 4 11:57:20 mydomain postfix/smtpd[11029]: disconnect from unknown[98.244.12.133] Mar 4 11:57:20 mydomain postfix/local[11034]: 1FD8680B3BCE: to=<root@mydomain.com>, orig_to=<postmaster>, relay=local, delay=0.07, delays=0.04/0.01/0/0.0$ Mar 4 11:57:20 mydomain postfix/qmgr[10139]: 1FD8680B3BCE: removed 

这些读数表明问题出在证书上。 请注意,我使用了/etc/dovecot/conf.d/10-ssl.conf中指定的证书。 在使用nano之后,我只是剪下并粘贴了两个证书/密钥文件的url,以确认每个文件都存在并包含encryption代码。 而且还要确保把钥匙指向钥匙并将证书指向证书。

我做得对吗?


编辑#3


我改变了密钥文件的URL引用

 smtpd_tls_cert_file = </etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = </etc/pki/dovecot/private/dovecot.pem 

 smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem 

我还删除了/etc/dovecot/conf.d/10-ssl.conf的两个<符号。 (这个testing开始之前的那两个符号)接下来,我inputsudo nano来打开证书和密钥的bpth,以确保它们在给定的位置是可访问的,而且它们是。 然后,我尝试使用我的devbox上的Thunderbird客户端通过服务器发送另一封电子邮件。 这导致了Thunderbird的一个请求,为我添加一个未知证书的exception。 当我接受未知的证书时,Thunderbird给我一个连接超时的对话框,但没有发送邮件,而下面的内容写到/var/log/maillog

 Mar 4 14:08:28 mydomain postfix/postfix-script[11361]: stopping the Postfix mail system Mar 4 14:08:28 mydomain postfix/master[11293]: terminating on signal 15 Mar 4 14:08:33 mydomain postfix/postfix-script[11444]: starting the Postfix mail system Mar 4 14:08:33 mydomain postfix/master[11446]: daemon started -- version 2.10.1, configuration /etc/postfix Mar 4 14:08:44 mydomain postfix/smtpd[11451]: error: open database /etc/postfix/virtual.db: No such file or directory Mar 4 14:08:44 mydomain postfix/smtpd[11451]: connect from unknown[my.DEVBOX.ip.addr] Mar 4 14:08:44 mydomain postfix/smtpd[11451]: warning: SASL: Connect to private/auth failed: No such file or directory Mar 4 14:08:44 mydomain postfix/smtpd[11451]: fatal: no SASL authentication mechanisms Mar 4 14:08:45 mydomain postfix/master[11446]: warning: process /usr/libexec/postfix/smtpd pid 11451 exit status 1 Mar 4 14:08:45 mydomain postfix/master[11446]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling 

注意:

/etc/dovecot/conf.d/10-ssl.conf删除< from </etc/pki/dovecot/certs/dovecot.pem</etc/pki/dovecot/private/dovecot.pem ,导致JavaMail imap从运行在服务器上的应用程序的连接停止工作。 但是把问题解决了。 这可能涉及链接的文件夹。

  • Postfix允许经过SASLauthentication的用户从任何IP地址发送
  • 我可否安全地从CentOS移除所有邮件服务?
  • 这些“单点”smtp连接失败来自哪里?
  • 如何使用SMTP从Tripwire发送邮件?
  • 多个PTRlogging
  • 在什么情况下(如果有的话)MXlogging指向本地主机?
  • One Solution collect form web for “如何为postfix设置两个smtp端口?”

    看来你没有在端口465上启用SSL,也没有为你的smtp提交服务器使用不同的设置。 这意味着您可能在端口465上的设置与在端口25上的设置相同。Thunderbird然后尝试build立SMTPS连接,但以纯文本的方式回答。 提交是一个从普通的SMTP完全不同的设置,当然也需要一个身份validation。

    这对master.cf应该启用安全的提交(SMTP与TLS身份validation)端口587上:

     submission inet n - - - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_local_domain=$myhostname -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_login_maps=hash:/etc/postfix/virtual -o smtpd_sender_restrictions=reject_sender_login_mismatch -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject 

    如果不需要,只需删除smtpd_sender_login_maps。 Dovecot特定线路并不完全是Dovecot特定的。 相反,Postfix使用Dovecot进行SASLauthentication,你真的应该设置。

    对于TLS,您还需要在main.cf中添加这些参数(也许可以用您自己的证书pathreplacesnakeoil):

     # TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 

    通过这些修改,它可能也适用于SMTPS(465):

     smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot ... 

    我认为这些可能对你继续有用:

    http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL

    https://www.vultr.com/docs/simple-mailserver-postfix-dovecot-sieve-centos-7

    服务器问题集锦,包括 Linux(Ubuntu, Centos,Debian等)和Windows Server服务器.