Specifically I am studying for the LFCE exam and am having trouble remembering all the TLS options I need to add to the postfix/main.cf file which are:

smtpd_tls_key_file = /etc/pki/tls/certs/server.key
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
smtpd_sasl_tls_security_options = noanonymous
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
tls_random_source = dev:/dev/urandom
smtpd_tls_auth_only = yes

Storing all that in my head is quite difficult, is there anywhere on the system where I can easily find these options for reference?

I've hunted around for a README in the /usr/shars/docs/* folder but to no avail.

2 Answers

In Ubuntu 14.04.1 LTS run in terminal;

cat /usr/share/postfix/main.cf.tls

This should give you the contents of /usr/share/postfix/main.cf.tls which is;

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

to check contents of of /usr/share/doc/postfix/TLS_README.gz run;

zcat /usr/share/doc/postfix/TLS_README.gz | less 

or

zcat /usr/share/doc/postfix/TLS_README.gz | grep -i smtpd_tls

Also you can grep for 'tls_random_source' separately...

to grep specific parts of the readme file as per your interest

#Additionally you can run;
postconf -d | grep -i smtpd_tls

0

You can look at the manpage: man 5 postconf.

0

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy