Error: "TLS not available due to local problem" Postfix

Posted January 14, 2017 36.5k views

Hi! I’ve spent a while now attempting to setup a mail server using postfix on my droplet running ubuntu. I have pretty much finished however I constantly get weird errors every time I send an email on my mail server. The error is as follows:

Transcript of session follows.

 Out: 220 ESMTP Postfix
 In:  EHLO
 Out: 250-SIZE 10240000
 Out: 250-VRFY
 Out: 250-ETRN
 Out: 250-STARTTLS
 Out: 250-8BITMIME
 Out: 250 DSN
 Out: 454 4.7.0 TLS not available due to local problem

Session aborted, reason: lost connection

For other details, see the local mail logfile

Here is my postfix config:

myhostname =
myorigin = /etc/mailname
mydestination =,, localhost, localhost.localdomain
relayhost =
mynetworks = [::ffff:]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
#smtpd_tls_protocols = !SSLv2,!TLSv1,!TLSv1.1,!SSLv3
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
smtp_tls_security_level = encrypt
#smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1

I am unsure why this is happening. If anything else is required please let me know.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers


Do these files exist?


If so, who owns the files + directory, and what are the current permissions on each?

If owned by a user other than root, we need to change that, and we can do so by running:

chown -R root:root /etc/ssl

.. which will handle recursively setting ownership to root for both files and directories.

We then need to ensure proper permissions are setup. Ideally, this would be chmod 600 for files and chmod 700 for directories, though you could go as low as chmod 400 on files and chmod 500 on directories.

chmod 600 /etc/ssl/certs/mailcert.pem \
&& chmod /etc/ssl/private/mail.key


chmod 700 /etc/ssl/certs \
&& chmod 700 /etc/ssl/private/

then restart postfix

service postfix restart

Other Options

If you’d like something a little easier to setup and work with, I would recommend MailInABox. It’ll handle a huge chunk of what’s needed for you with relative ease.

  • This is extremely helpful, thank you. I have been struggling on and off for three years to set up a mail server. If Hillary can do it it can’t be that hard, right?

    Well no. You have to set these terms in POSTFIX in order to have DOVECOT work!

    Who woulda thunk…

    But I would not have found it but for

     that printed out the offending result that led me here:
         "TLS not available due to local problem"

    Thank you, thank you, thank you, from the bottom of my heart…



I have followed the steps that you have said to do, but with no luck. I don’t really want to use MailInABox unless it is a last resort and I really cannot figure out why Postfix isn’t working. Any other ideas?