How to enable TLS with port 587 with Secure Authentication on Postfix?

postfix

How to make my Postfix server send mail only on port 587, and also enable TLS with port 587 with Secure authentication (which uses system linux users)?

First of all, this question might seem too broad, but I couldn't find a single solution for this on the internet. Many articles do give a solution, but they skip some parts.

I want to force authentication and force TLS connections.

I can post the config if anyone asks me.

Thanks in advance. I am new to postfix. Also, I could take a look at http://www.postfix.org/documentation.html, but before you tell me about it, I am unable to understand it properly, hence, I am sure I would mess up a config, and make my server unusable. Also, postfix here was installed using the apt package manager. But I'm sure this is not particularly related to ubuntu. I was using Exim4 before using postfix, but there is so little support for Exim, because people mostly have it in cPanel, so I don't get vanilla Exim support.

This needs urgent help because our server's security is in danger.


Solution 1:

This will only allow secure connections:

smtpd_tls_auth_only = yes

Then you have the other needed options:

smtpd_tls_security_level = may

smtp_sasl_auth_enable = yes

smtp_use_tls = yes

To use 587, edit master.cf and uncomment the line:

submission inet n - n - - smtpd

The restart postfix.

Related

How do you detect if the file is in deferred state?
Delay TCP SYN retransmission on Linux
Reset ASMB8 BMC Credentials
I need help finding my USB connected devices
How to install Pantheon Desktop on Ubuntu 15.04?
Installation blocked by bitlocker
Persistant File System vs Installation onto USB stick
Ubuntu 13.04 and Reliance Netconnect USB Modem
XPS 9370 thermal throttling ubuntu 18.04
NetworkManager - if-down.d script does not execute
Installing missing package that provides Xm/Xm.h
Udev not running scripts