How to enable TLS with port 587 with Secure Authentication on Postfix?

How to make my Postfix server send mail only on port 587, and also enable TLS with port 587 with Secure authentication (which uses system linux users)?

First of all, this question might seem too broad, but I couldn't find a single solution for this on the internet. Many articles do give a solution, but they skip some parts.

I want to force authentication and force TLS connections.

I can post the config if anyone asks me.

Thanks in advance. I am new to postfix. Also, I could take a look at http://www.postfix.org/documentation.html, but before you tell me about it, I am unable to understand it properly, hence, I am sure I would mess up a config, and make my server unusable. Also, postfix here was installed using the apt package manager. But I'm sure this is not particularly related to ubuntu. I was using Exim4 before using postfix, but there is so little support for Exim, because people mostly have it in cPanel, so I don't get vanilla Exim support.

This needs urgent help because our server's security is in danger.


Solution 1:

This will only allow secure connections:

smtpd_tls_auth_only = yes

Then you have the other needed options:

smtpd_tls_security_level = may

smtp_sasl_auth_enable = yes

smtp_use_tls = yes

To use 587, edit master.cf and uncomment the line:

submission inet n - n - - smtpd

The restart postfix.