How do I encrypt emails sent from my server?

Posted September 15, 2017 24.3k views
UbuntuApacheEmailLet's EncryptUbuntu 16.04

The past days I have been working on setting up Email on my server, I have manged to send emails (without them going to the spam folder) but the emails are still not being encrypted.

The server is Ubuntu 16.04 with Apache2 (LAMP stack) - and right now I am sending emails without SMTP (i think) I’m using PHPMailer to send emails.

Here’s the tutorials I have followed:

For encryption I tried these tutorials, but they didn’t help.

Can anyone point me in the right direction? Thanks.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
3 answers

I seemed to find a solution for this at—-testing-the-smtp-server in the comment section by the user kevinruffus

He’s comment that solved my problem:

In addition to the instructions above, create your own self-signed certs, use LetsEncrypt, or use purchased certificates/keys (make sure you use wildcard or certificates specific to your hostname/FQDN), and edit to include:

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/fullchain.pem (change to suit your system)
smtpd_tls_key_file=/etc/ssl/private/privkey.pem (change to suit your system)
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpdtlsCAfile=(if your cert and CAfile aren’t rolled into a single file)
It cleared the warnings from the emails for me, and shows TLS was used.

Edit: Corrected to show smtpusetls=yes, not smtpdusetls=yes

by finid
Postfix is a *mail transfer agent* (MTA), an application used to send and receive email. In this tutorial, we will install and configure Postfix so that it can be used to send emails by local applications only — that is, those installed on the same server that Postfix is installed on.
  • Struggled with this for a week. Thank you so much for this comment.

    Anyone having an issue with TLS, the issue is “smtpd use tls” should be “smtp use tls” take notice to the “smtpd” vs “smtp

  • Wanted to add something to this. Your comment is the right way to configure encrypted emails to be sent from postfix on ubuntu but I wanted to add this for people who are wondering about the certificates.

    Most likely you used letsencrypt to make an SSL for your domain, these are stored in /etc/letsencrypt/live/

    So the lines above would be changed to

    I wanted to mention this because by default there will be a /etc/ssl/certs/ and /private directory but these aren’t setup if you followed the guides above and are using letsencrypt for your web server.

    Google will absolutely mark your email as spam if you don’t have SPF, DKIM, and encryption setup on outgoing emails.

Same thing here, had to change from




Don’t forget to

service postfix restart

Thx @andersdk ! I was having problems with smtpdusetls=yes ! and it was smtpusetls=yes as you correctly highlighted. Best regards.