Currently client email is submitted via ssmtp (port 465). This has been deprecated for years. The correct way to submit email is via submission (port 587). This patch adds port 587 as a second and the default way of submitting email for delivery. Port 465 remains open for backwards compatibility with existing clients.

8 years ago · 166c57f045
--- a/roles/mailserver/files/etc_postfix_master.cf
+++ b/roles/mailserver/files/etc_postfix_master.cf
@@ -13,12 +13,13 @@ smtp       inet  n       -       -       -       1       postscreen
 
				
				 smtpd      pass  -       -       -       -       -       smtpd
			
 
				
				 dnsblog    unix  -       -       -       -       0       dnsblog
			
 
				
				 tlsproxy   unix  -       -       -       -       0       tlsproxy
			
 
				
				-#submission inet  n       -       -       -       -       smtpd
			
 
				
				-#  -o syslog_name=postfix/submission
			
 
				
				-#  -o smtpd_tls_security_level=encrypt
			
 
				
				-#  -o smtpd_etrn_restrictions=reject
			
 
				
				-#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
			
 
				
				-#  -o milter_macro_daemon_name=ORIGINATING
			
 
				
				+submission inet  n       -       -       -       -       smtpd
			
 
				
				+  -o syslog_name=postfix/submission
			
 
				
				+  -o smtpd_tls_security_level=encrypt
			
 
				
				+  -o smtpd_etrn_restrictions=reject
			
 
				
				+  -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
			
 
				
				+  -o smtpd_sasl_security_options=noanonymous,noplaintext
			
 
				
				+  -o smtpd_sasl_tls_security_options=noanonymous
			
 
				
				 
			
 
				
				 # SMTP over SSL/TLS on port 465.
			
 
				
				 smtps     inet  n       -       -       -       -       smtpd
			
--- a/roles/mailserver/tasks/postfix.yml
+++ b/roles/mailserver/tasks/postfix.yml
@@ -63,4 +63,5 @@
 
				
				   with_items:
			
 
				
				     - smtp
			
 
				
				     - ssmtp
			
 
				
				+    - submission
			
 
				
				   tags: ufw
			
--- a/roles/mailserver/templates/var_www_autoconfig_mail_config-v1.1.j2
+++ b/roles/mailserver/templates/var_www_autoconfig_mail_config-v1.1.j2
@@ -20,8 +20,8 @@
 
				
				         </incomingServer>
			
 
				
				         <outgoingServer type="smtp">
			
 
				
				             <hostname>{{ mail_server_hostname }}</hostname>
			
 
				
				-            <port>465</port>
			
 
				
				-            <socketType>SSL</socketType>
			
 
				
				+            <port>587</port>
			
 
				
				+            <socketType>STARTTLS</socketType>
			
 
				
				             <authentication>password-cleartext</authentication>
			
 
				
				             <username>%EMAILADDRESS%</username>
			
 
				
				         </outgoingServer>