How to encrypt email via PMTA+mailwizz?

KYI

Member
Hi,

I'm using PMTA + MailWizz, self-hosted.

Everything seems to be working well; however, I saw the email I sent out
wasn't encrypted. May I know how to encrypt email?
 

twisted1919

Administrator
Staff member
@KYI - I think you are referring to the content of the emails, where some emails are base64 encoded while others are not?
If so, then this is just the encoding type of the email, and MailWizz does not use base64 encoding but quoted-printable.
 

KYI

Member
@KYI - I think you are referring to the content of the emails, where some emails are base64 encoded while others are not?
If so, then this is just the encoding type of the email, and MailWizz does not use base64 encoding but quoted-printable.


the red lock and the message saying "yourdomain.com did not encrypt this message"


@KYI
Do you want to encrypt the connection of PMTA to Gmail/Yahoo etc.?

Yes. I want to encrypt the connection of PMTA with Gmail, Yahoo and Hotmail. Do you know how to do it?
 


duffhome

Active Member
Hey @KYI, to make PowerMTA send email through an encrypted connection you must:
First, create a self-assigned certification on the PMTA server for your hostname. I'm using CentOS, so from the terminal I run these commands:

Code:
# openssl req -new -x509 -days 3650 -nodes -out "/etc/ssl/private/pmta.example.com.cert" -keyout "/etc/ssl/private/pmta.example.com.key"

then
Code:
# cat /etc/ssl/private/pmta.example.com.cert /etc/ssl/private/pmta.example.com.key > /etc/ssl/private/pmta.example.com.pem

Then add this line to powermta config:

Code:
#SSL
smtp-server-tls-certificate /etc/ssl/private/pmta.example.com.pem


Make sure you're listening to TLS connection:
Code:
smtp-listener 0.0.0.0:2525 tls=yes

and:
Code:
<domain *>
.....
.....
.....
    use-starttls yes
</domain>


and on the smtp sources add:

Code:
<source 127.0.0.1>
.....
.....
.....
    allow-starttls yes
</source>


You may have to add them on all your sources not just the localhost source.

Let me know when you get it working.
Cheers,
Iss.
 

duffhome

Active Member
Here is another alternative, which is effective.
Code:
smtp-listener 0/0:2524
.
.
.
<domain *>
...
...
type smtp
use-starttls yes
require-starttls no
...
...
</domain>

Meaning PMTA will not require TLS (if the receiving mail server does not support encryption, email will be sent without TLS; if the receiving mail server accepts TLS, PMTA will send email with TLS, no matter whether the receiving mail server requires it or not).

On our lovely app MailWizz, when adding SMTP details, set Encryption to none.

This is easier to implement. You don't need to create a self hosted certification.

Hope it helps. Have a lovely day
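
Added example, not part of the thread and not PowerMTA or MailWizz code: a small Python check that reads a PowerMTA config and reports which of the TLS directives from the two posts above are present, including the cleartext fallback that `require-starttls no` allows. It knows only the directives quoted in this thread, the sample config is constructed, and it assumes each block is checked on its own (no inheritance between blocks).

```python
import re

# Constructed sample config; uses only directives quoted in this thread.
SAMPLE = """\
smtp-server-tls-certificate /etc/ssl/private/pmta.example.com.pem
smtp-listener 0.0.0.0:2525 tls=yes
<source 127.0.0.1>
    allow-starttls yes
</source>
<source 10.0.0.5>
</source>
<domain *>
    use-starttls yes
    require-starttls no
</domain>
"""

def audit(text):
    """Return (level, message) findings for the TLS directives in a config."""
    findings, blocks, top, block, tls_listener = [], [], {}, None, False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments such as "#SSL"
        opened = re.fullmatch(r"<(domain|source)\s+(\S+)>", line)
        if opened:
            block = (opened.group(1), opened.group(2), {})
            blocks.append(block)
        elif line.startswith("</"):
            block = None
        elif line:
            key, value = (line.split(None, 1) + [""])[:2]
            if key == "smtp-listener" and "tls=yes" in value.split():
                tls_listener = True
            (block[2] if block else top)[key] = value.strip()
    if tls_listener and "smtp-server-tls-certificate" not in top:
        findings.append(("FAIL", "listener sets tls=yes but no smtp-server-tls-certificate"))
    for kind, name, opts in blocks:
        if kind == "source" and opts.get("allow-starttls") != "yes":
            findings.append(("WARN", f"source {name}: no 'allow-starttls yes' in this block"))
        elif kind == "domain" and opts.get("use-starttls") != "yes":
            findings.append(("FAIL", f"domain {name}: no 'use-starttls yes' in this block"))
        elif kind == "domain" and opts.get("require-starttls") != "yes":
            findings.append(("WARN", f"domain {name}: opportunistic TLS, "
                                     "cleartext if the receiver offers no TLS"))
    return findings

if __name__ == "__main__":
    for level, message in audit(SAMPLE):
        print(level, message)
```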
 