Error: "TLS not available due to local problem" Postfix

Hi! I’ve spent a while now attempting to setup a mail server using postfix on my droplet running ubuntu. I have pretty much finished however I constantly get weird errors every time I send an email on my mail server. The error is as follows:

Transcript of session follows.

 Out: 220 ESMTP Postfix
 In:  EHLO
 Out: 250-SIZE 10240000
 Out: 250-VRFY
 Out: 250-ETRN
 Out: 250-STARTTLS
 Out: 250-8BITMIME
 Out: 250 DSN
 Out: 454 4.7.0 TLS not available due to local problem

Session aborted, reason: lost connection

For other details, see the local mail logfile

Here is my postfix config:

myhostname =
myorigin = /etc/mailname
mydestination =,, localhost, localhost.localdomain
relayhost =
mynetworks = [::ffff:]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
#smtpd_tls_protocols = !SSLv2,!TLSv1,!TLSv1.1,!SSLv3
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
smtp_tls_security_level = encrypt
#smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1

I am unsure why this is happening. If anything else is required please let me know.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.


Do these files exist?


If so, who owns the files + directory, and what are the current permissions on each?

If owned by a user other than root, we need to change that, and we can do so by running:

chown -R root:root /etc/ssl

… which will handle recursively setting ownership to root for both files and directories.

We then need to ensure proper permissions are setup. Ideally, this would be chmod 600 for files and chmod 700 for directories, though you could go as low as chmod 400 on files and chmod 500 on directories.

chmod 600 /etc/ssl/certs/mailcert.pem \
&& chmod /etc/ssl/private/mail.key


chmod 700 /etc/ssl/certs \
&& chmod 700 /etc/ssl/private/

then restart postfix

service postfix restart

Other Options

If you’d like something a little easier to setup and work with, I would recommend MailInABox. It’ll handle a huge chunk of what’s needed for you with relative ease.

I have followed the steps that you have said to do, but with no luck. I don’t really want to use MailInABox unless it is a last resort and I really cannot figure out why Postfix isn’t working. Any other ideas?