In this guide, I will show you a quick and easy way to enable TLS encryption on your Postfix server. The reason why you would want to enable this is that some email servers automatically mark incoming emails as spam if they are not encrypted with TLS as well as this helps prevent people from intercepting email traffic from your server.
You can see if TLS is already enabled by sending a test email to a Gmail account and checking if you see a similar result as the screenshot below.
To enable TLS you simply need to edit your postfix configuration file by running the following commands.
echo "smtp_tls_security_level = encrypt" >> /etc/postfix/main.cf echo "smtp_enforce_tls=yes" >> /etc/postfix/main.cf
If you have not done any configurations yet then you will also want to set your hostname as well.
echo "myhostname = yourdomain.com" >> /etc/postfix/main.cf
The last step is reloading postfix, you can do that with the following command. This command will work regardless of which distribution or release you are using.
systemctl reload postfix || /etc/init.d/postfix reload
Now to verify that you have enabled TLS encryption, send another test email to your Gmail account and see if the status has changed. You should see a result similar to the screenshot below.
I hope this guide has helped, if you have any comments or questions please feel free to comment. Please don’t forget to share using the social media buttons below, thank you!