1

Topic: SMTPS force

==== Required information ====
- iRedMail version: 0.8.4
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version:  CentOS 6.4
- Related log if you're reporting an issue:  n/a
====

Hi,

I run iredmail for long and I noticed one thing:

1. if client send mail without TLS enabled (no security enabled) then mail is delivered to destination also without using tls. (server to server communication also without security)

2. I tried to force server to server to use tls if posible but every time I change something it afects both client to smtp server and server to server setings.

So I want unsecured client mails that come to my server to be delivered securly (server to server)

I tried changin values of:

smtp_tls_security_level

setting it to encript is not good idea as if destination server does not support tls mail wont be delivered but in any other way I was unable to force unsecurly recieved mail to be delivered securly.

Is it posible at all?

and if yes that I miss?

2

Re: SMTPS force

No idea yet, sorry.

3

Re: SMTPS force

Hello,
I had the same problem - incomming (smtpd) TLS is working, OK. But when I send emails to TLS enabled recipients, there was no TLS used.

This settings fixed this issue for me through:
smtp_tls_security_level = may
smtp_tls_loglevel = 0
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

Is there any reason why is this disbled by default in iRedMail?

4

Re: SMTPS force

Hi vlastikcz,

iRedMail doesn't enable it by default. But as you suggested, we should enable it by default. Will try to fix it in next release.

5

Re: SMTPS force

UPDATE:

Enabled 'smtp_tls_security_level = may' in Postfix by default:
https://bitbucket.org/zhb/iredmail/comm … 4bd5182470