My problem is I can't send mail/connect to port 465. I purchased an SSL certificate and I have my private key, domain certificate and CA certificate file in PEM format.
I have opened port 465 in iptables and commented out the following lines in master.cf:
smtps inet n - n - - smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
I added the following lines in main.cf:
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/private_key.pem
smtpd_tls_cert_file = /etc/postfix/cert.pem
smtpd_tls_CAfile = /etc/postfix/ca.pem
smtpd_tls_loglevel = 3
smtpd_tls_security_level = encrypt
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = yes
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_relay_restrictions = permit_mynetworks permit_tls_clientcerts reject_unauth_destination
There is no error in /var/log/maillog.
But when I run this command:
openssl s_client -connect mydomain.com:465
I see that it states connected and all my certificates show verify = 1, but at the end it shows:
Start Time: 1444920545
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
read:errno=0
Is there anything that I need to do in order to use port 465?
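
Added example, not part of the original post: a Python check that parses master.cf text and reports whether an inet service on smtps/465 is active (not commented out) and carries -o smtpd_tls_wrappermode=yes, which implicit TLS on port 465 requires. SAMPLE_MASTER_CF and the function names are constructed for illustration.

```python
# Added example. SAMPLE_MASTER_CF is constructed; it is not the poster's file.
SAMPLE_MASTER_CF = """\
smtp      inet  n       -       n       -       -       smtpd
#smtps    inet  n       -       n       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
"""

def logical_lines(text):
    """Join continuation lines (leading whitespace); drop comments and blanks."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and entries:
            entries[-1] += " " + raw.strip()
        else:
            entries.append(raw.strip())
    return entries

def smtps_status(text):
    """Return (enabled, overrides) for the inet service on smtps/465."""
    for entry in logical_lines(text):
        fields = entry.split()
        # master.cf columns: service type private unpriv chroot wakeup maxproc command
        if len(fields) < 8 or fields[1] != "inet":
            continue
        port = fields[0].rsplit(":", 1)[-1]  # service may be written host:port
        if port not in ("smtps", "465"):
            continue
        args, overrides = fields[8:], {}
        for i, tok in enumerate(args[:-1]):
            if tok == "-o" and "=" in args[i + 1]:
                name, value = args[i + 1].split("=", 1)
                overrides[name] = value
        return True, overrides
    return False, {}

def check_port_465(text):
    enabled, overrides = smtps_status(text)
    if not enabled:
        return "no active smtps/465 inet service (entry missing or commented out)"
    if overrides.get("smtpd_tls_wrappermode") != "yes":
        return "smtps service active but smtpd_tls_wrappermode=yes is not set"
    return "ok"

if __name__ == "__main__":
    print(check_port_465(SAMPLE_MASTER_CF))
```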