Hi! I’ve spent a while now attempting to setup a mail server using postfix on my droplet running ubuntu. I have pretty much finished however I constantly get weird errors every time I send an email on my mail server. The error is as follows:
Transcript of session follows.
Out: 220 mail.pikadude.me ESMTP Postfix
In: EHLO mail-wm0-f47.google.com
Out: 250-dc-87ba2609-mail.pikadude.me
Out: 250-PIPELINING
Out: 250-SIZE 10240000
Out: 250-VRFY
Out: 250-ETRN
Out: 250-STARTTLS
Out: 250-ENHANCEDSTATUSCODES
Out: 250-8BITMIME
Out: 250 DSN
In: STARTTLS
Out: 454 4.7.0 TLS not available due to local problem
Session aborted, reason: lost connection
For other details, see the local mail logfile
Here is my postfix config:
myhostname = mail.pikadude.me
myorigin = /etc/mailname
mydestination = mail.pikadude.me, pikadude.me, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
smtpd_tls_cert_file=/etc/ssl/certs/mailcert.pem
smtpd_tls_key_file=/etc/ssl/private/mail.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level=may
#smtpd_tls_protocols = !SSLv2,!TLSv1,!TLSv1.1,!SSLv3
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
smtp_tls_security_level = encrypt
#smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
I am unsure why this is happening. If anything else is required please let me know.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
I have followed the steps that you have said to do, but with no luck. I don’t really want to use MailInABox unless it is a last resort and I really cannot figure out why Postfix isn’t working. Any other ideas?
Do these files exist?
smtpd_tls_cert_file=/etc/ssl/certs/mailcert.pem
smtpd_tls_key_file=/etc/ssl/private/mail.key
If so, who owns the files + directory, and what are the current permissions on each?
If owned by a user other than root, we need to change that, and we can do so by running:
chown -R root:root /etc/ssl
… which will handle recursively setting ownership to root for both files and directories.
We then need to ensure proper permissions are setup. Ideally, this would be chmod 600 for files and chmod 700 for directories, though you could go as low as chmod 400 on files and chmod 500 on directories.
chmod 600 /etc/ssl/certs/mailcert.pem \
&& chmod /etc/ssl/private/mail.key
and
chmod 700 /etc/ssl/certs \
&& chmod 700 /etc/ssl/private/
then restart postfix
service postfix restart
Other Options
If you’d like something a little easier to setup and work with, I would recommend MailInABox. It’ll handle a huge chunk of what’s needed for you with relative ease.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.