1. Login

Postfix: Untrusted TLS connection established

How to link the ca-certificates in your Postfix configuration.

152 views
d

By. Jacob

Edited: 2023-08-09 00:26

Untrusted TLS connection established

By randomness I discovered I had misconfigured my TLS certificate settings on my postfix server. A command you can use to check for this is: 

grep -ri "Untrusted TLS connection" /var/log/mail.log

1. To fix this issue you may need to load the CA-Certificates in Postfix configuration:

sudo postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt'
sudo postfix reload

Alternatively, open up the /etc/postfix/main.cf file and add it to the end of the file manually. E.g:

smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

2. After doing this you can try to grep for trusted TLS... in the mail.log:

grep -ri "Trusted TLS connection" /var/log/mail.log

It should output Trusted TLS connection established in the terminal, which means the ca-certs were linked successfully.

If this is not working, repeat the last step after installing the CA-Certificates:

sudo apt install ca-certificates

Share with your friends:

Tell us what you think:

  1. Blocking sender email addresses with Postfix
    How to block sender e-mail addresses and domains in Postfix to effectively eliminate marketing spam.
  2. How To Know If Postfix Was Hacked Into
    We can find out if Postfix was hacked by reading the mail and syslog files, learn what to look for in this article.
  3. How to set up SPF checking in Postfix
    Configure Postfix to check SPF records and fight e-mail spoofing.
  4. DNS SPF Records
    How to use SPF records to increase the likelihood that your e-mails will be received and not go to spam.

More in: Postfix