{"id":4175,"date":"2020-10-30T20:02:00","date_gmt":"2020-10-30T19:02:00","guid":{"rendered":"https:\/\/webhosting.de\/postfix-certificate-verification-failed-for-gmail-smtp-in-l-google-com\/"},"modified":"2021-07-15T13:06:04","modified_gmt":"2021-07-15T12:06:04","slug":"postfix-certificate-verification-failed-for-gmail-smtp-in-l-google-com","status":"publish","type":"post","link":"https:\/\/webhosting.de\/en\/postfix-certificate-verification-failed-for-gmail-smtp-in-l-google-com\/","title":{"rendered":"postfix: outgoing eMails encrypted"},"content":{"rendered":"

It always makes sense to encrypt e-mail communication, especially when you are on the move and you are accessing or writing e-mails in WLAN environments. Because there is usually an unknown person lurking here, who records the communication in plain text.<\/p>\n

With simple settings in the email program or smartphone you can activate the encrypted connection. So the connection from the email program to the email server is encrypted and secure.<\/p>\n

However, the connections between the mail servers of the sender and recipient are then problematic. These are usually transmitted unencrypted, since they are servers in a secure environment. Of course it is then possible to copy and eavesdrop on the e-mail traffic.<\/p>\n

You should give your Postfix<\/a> mail servers at least give the possibility to use the Data<\/a> if possible encrypted.<\/p>\n

If you find entries in your maillog like:<\/p>\n

certificate verification failed for gmail-smtp-in.l.google.com<\/h2>\n

Then your Postfix is not able to Certificate<\/a> in order to encrypt the data.<\/p>\n

With a small change in the main.cf file you can activate this.<\/p>\n

For this purpose, the ca-certificates must be installed on the server. For redhat and centos this is described in the package ca-certificates
\nThe bundled files can be found here: \/etc\/pki\/ca-trust\/extracted\/pem\/tls-ca-bundle.pem at centos7 You should have your own certificate and save it in \/etc\/postfix\/postfix_default.pem together with the key and root crt.<\/p>\n

Now enter these commands:<\/p>\n

\npostconf -e smtp_tls_security_level=may\npostconf -e smtp_tls_cert_file=\/etc\/postfix\/postfix_default.pem\npostconf -e smtp_tls_key_file=\/etc\/postfix\/postfix_default.pem\npostconf -e smtp_tls_CAfile = \/etc\/pki\/ca-trust\/extracted\/pem\/tls-ca-bundle.pem\npostconf -e smtp_tls_mandatory_exclude_ciphers='aNULL, DES, RC4, MD5'.\n\npostconf -e smtpd_tls_security_level=may\npostconf -e smtpd_tls_key_file=\/etc\/postfix\/postfix_default.pem\npostconf -e smtpd_tls_cert_file=\/etc\/postfix\/postfix_default.pem\npostconf -e smtpd_tls_mandatory_protocols='!SSLv2, !SSLv3'\npostconf -e smtpd_tls_protocols='!SSLv2, !SSLv3'\npostconf -e smtpd_tls_mandatory_ciphers=high\npostconf -e smtpd_tls_mandatory_exclude_ciphers='aNULL, DES, RC4, MD5'.\npostconf -e tls_high_cipherlist='EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'\n<\/pre>\n
From now on postfix encrypts to other servers that offer this.<\/p>\n
But make sure that the options: <\/p>\n
This option is advertised by some providers in TV commercials as a secure e-mail delivery. Please note that this is of course only a transport encryption, i.e. the path between the two mail servers. The email itself is again stored in plain text on the email server of the recipient.<\/p>","protected":false},"excerpt":{"rendered":"
Es ist immer sinnvoll die eMail Kommunikation zu verschl\u00fcsseln, gerade wenn man auch mobil unterwegs ist und in wlan Umgebungen eMails abruft oder schreibt. Denn hier lauert meist ein unbekannter, der die Kommunikation im Klartext mitschneidet. Mit simplen Einstellungen im eMailprogramm oder Smartphone kann man die Verschl\u00fcsselte Verbindung aktivieren. Somit ist die Verbindung vom eMailprogramm […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_crdt_document":"","inline_featured_image":false,"footnotes":""},"categories":[780,700,791,995,792],"tags":[],"class_list":["post-4175","post","type-post","status-publish","format-standard","hentry","category-administration-anleitungen","category-anleitungen","category-emailserver-administration-anleitungen","category-hilfe","category-postfix-emailserver-administration-anleitungen"],"acf":[],"_wp_attached_file":null,"_wp_attachment_metadata":null,"litespeed-optimize-size":null,"litespeed-optimize-set":null,"_elementor_source_image_hash":null,"_wp_attachment_image_alt":null,"stockpack_author_name":null,"stockpack_author_url":null,"stockpack_provider":null,"stockpack_image_url":null,"stockpack_license":null,"stockpack_license_url":null,"stockpack_modification":null,"color":null,"original_id":null,"original_url":null,"original_link":null,"unsplash_location":null,"unsplash_sponsor":null,"unsplash_exif":null,"unsplash_attachment_metadata":null,"_elementor_is_screenshot":null,"surfer_file_name":null,"surfer_file_original_url":null,"envato_tk_source_kit":null,"envato_tk_source_index":null,"envato_tk_manifest":null,"envato_tk_folder_name":null,"envato_tk_builder":null,"envato_elements_download_event":null,"_menu_item_type":null,"_menu_item_menu_item_parent":null,"_menu_item_object_id":null,"_menu_item_object":null,"_menu_item_target":null,"_menu_item_classes":null,"_menu_item_xfn":null,"_menu_item_url":null,"_trp_menu_languages":null,"rank_math_primary_category":null,"rank_math_title":null,"inline_featured_image":null,"_yoast_wpseo_primary_category":null,"rank_math_schema_blogposting":null,"rank_math_schema_videoobject":null,"_oembed_049c719bc4a9f89deaead66a7da9fddc":null,"_oembed_time_049c719bc4a9f89deaead66a7da9fddc":null,"_yoast_wpseo_focuskw":"","_yoast_wpseo_linkdex":null,"_oembed_27e3473bf8bec795fbeb3a9d38489348":null,"_oembed_c3b0f6959478faf92a1f343d8f96b19e":null,"_trp_translated_slug_en_us":null,"_wp_desired_post_slug":null,"_yoast_wpseo_title":null,"tldname":null,"tldpreis":null,"tldrubrik":null,"tldpolicylink":null,"tldsize":null,"tldregistrierungsdauer":null,"tldtransfer":null,"tldwhoisprivacy":null,"tldregistrarchange":null,"tldregistrantchange":null,"tldwhoisupdate":null,"tldnameserverupdate":null,"tlddeletesofort":null,"tlddeleteexpire":null,"tldumlaute":null,"tldrestore":null,"tldsubcategory":null,"tldbildname":null,"tldbildurl":null,"tldclean":null,"tldcategory":null,"tldpolicy":null,"tldbesonderheiten":null,"tld_bedeutung":null,"_oembed_d167040d816d8f94c072940c8009f5f8":null,"_oembed_b0a0fa59ef14f8870da2c63f2027d064":null,"_oembed_4792fa4dfb2a8f09ab950a73b7f313ba":null,"_oembed_33ceb1fe54a8ab775d9410abf699878d":null,"_oembed_fd7014d14d919b45ec004937c0db9335":null,"_oembed_21a029d076783ec3e8042698c351bd7e":null,"_oembed_be5ea8a0c7b18e658f08cc571a909452":null,"_oembed_a9ca7a298b19f9b48ec5914e010294d2":null,"_oembed_f8db6b27d08a2bb1f920e7647808899a":null,"_oembed_168ebde5096e77d8a89326519af9e022":null,"_oembed_cdb76f1b345b42743edfe25481b6f98f":null,"_oembed_87b0613611ae54e86e8864265404b0a1":null,"_oembed_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_oembed_time_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_tldname":null,"_tldclean":null,"_tldpreis":null,"_tldcategory":null,"_tldsubcategory":null,"_tldpolicy":null,"_tldpolicylink":null,"_tldsize":null,"_tldregistrierungsdauer":null,"_tldtransfer":null,"_tldwhoisprivacy":null,"_tldregistrarchange":null,"_tldregistrantchange":null,"_tldwhoisupdate":null,"_tldnameserverupdate":null,"_tlddeletesofort":null,"_tlddeleteexpire":null,"_tldumlaute":null,"_tldrestore":null,"_tldbildname":null,"_tldbildurl":null,"_tld_bedeutung":null,"_tldbesonderheiten":null,"_oembed_ad96e4112edb9f8ffa35731d4098bc6b":null,"_oembed_8357e2b8a2575c74ed5978f262a10126":null,"_oembed_3d5fea5103dd0d22ec5d6a33eff7f863":null,"_eael_widget_elements":null,"_oembed_0d8a206f09633e3d62b95a15a4dd0487":null,"_oembed_time_0d8a206f09633e3d62b95a15a4dd0487":null,"_aioseo_description":null,"_eb_attr":null,"_eb_data_table":null,"_oembed_819a879e7da16dd629cfd15a97334c8a":null,"_oembed_time_819a879e7da16dd629cfd15a97334c8a":null,"_acf_changed":null,"_wpcode_auto_insert":null,"_edit_last":null,"_edit_lock":null,"_oembed_e7b913c6c84084ed9702cb4feb012ddd":null,"_oembed_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_time_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_03514b67990db061d7c4672de26dc514":null,"_oembed_time_03514b67990db061d7c4672de26dc514":null,"rank_math_news_sitemap_robots":"index","rank_math_robots":["index"],"_eael_post_view_count":"4777","_trp_automatically_translated_slug_ru_ru":null,"_trp_automatically_translated_slug_et":"postfix-certificate-verification-failed-for-gmail-smtp-in-l-google-com","_trp_automatically_translated_slug_lv":"postfix-certificate-verification-failed-for-gmail-smtp-in-l-google-com","_trp_automatically_translated_slug_fr_fr":null,"_trp_automatically_translated_slug_en_us":null,"_wp_old_slug":null,"_trp_automatically_translated_slug_da_dk":null,"_trp_automatically_translated_slug_pl_pl":null,"_trp_automatically_translated_slug_es_es":null,"_trp_automatically_translated_slug_hu_hu":null,"_trp_automatically_translated_slug_fi":"postfix-certificate-verification-failed-for-gmail-smtp-in-l-google-com","_trp_automatically_translated_slug_ja":"gmail-smtp-in-l-google-com-%e3%81%ae%e3%81%9f%e3%82%81%e3%81%ae-postfix-certificat-verification-%e3%81%ae%e5%a4%b1%e6%95%97","_trp_automatically_translated_slug_lt_lt":null,"_elementor_edit_mode":null,"_elementor_template_type":null,"_elementor_version":null,"_elementor_pro_version":null,"_wp_page_template":"default","_elementor_page_settings":null,"_elementor_data":null,"_elementor_css":null,"_elementor_conditions":null,"_happyaddons_elements_cache":null,"_oembed_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_time_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_time_3efb2c3e76a18143e7207993a2a6939a":null,"_oembed_59808117857ddf57e478a31d79f76e4d":null,"_oembed_time_59808117857ddf57e478a31d79f76e4d":null,"_oembed_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_time_965c5b49aa8d22ce37dfb3bde0268600":null,"_oembed_81002f7ee3604f645db4ebcfd1912acf":null,"_oembed_time_81002f7ee3604f645db4ebcfd1912acf":null,"_elementor_screenshot":null,"_oembed_7ea3429961cf98fa85da9747683af827":null,"_oembed_time_7ea3429961cf98fa85da9747683af827":null,"_elementor_controls_usage":null,"_elementor_page_assets":[],"_elementor_screenshot_failed":null,"theplus_transient_widgets":["tp-video-player"],"_eael_custom_js":null,"_wp_old_date":null,"_trp_automatically_translated_slug_it_it":null,"_trp_automatically_translated_slug_pt_pt":null,"_trp_automatically_translated_slug_zh_cn":null,"_trp_automatically_translated_slug_nl_nl":null,"_trp_automatically_translated_slug_pt_br":null,"_trp_automatically_translated_slug_sv_se":null,"rank_math_analytic_object_id":"1059","rank_math_internal_links_processed":null,"_trp_automatically_translated_slug_ro_ro":null,"_trp_automatically_translated_slug_sk_sk":null,"_trp_automatically_translated_slug_bg_bg":null,"_trp_automatically_translated_slug_sl_si":null,"litespeed_vpi_list":["webhostinglogo.png"],"litespeed_vpi_list_mobile":["webhostinglogo.png"],"rank_math_seo_score":null,"rank_math_contentai_score":null,"ilj_limitincominglinks":null,"ilj_maxincominglinks":null,"ilj_limitoutgoinglinks":null,"ilj_maxoutgoinglinks":null,"ilj_limitlinksperparagraph":null,"ilj_linksperparagraph":null,"ilj_blacklistdefinition":null,"ilj_linkdefinition":["postfix: ausgehende emails verschl\u00fcsselt \u00fcbertragen"],"_eb_reusable_block_ids":null,"rank_math_focus_keyword":null,"rank_math_og_content_image":null,"_yoast_wpseo_metadesc":"","_yoast_wpseo_content_score":null,"_yoast_wpseo_focuskeywords":null,"_yoast_wpseo_keywordsynonyms":null,"_yoast_wpseo_estimated-reading-time-minutes":null,"rank_math_description":null,"surfer_last_post_update":null,"surfer_last_post_update_direction":null,"surfer_keywords":null,"surfer_location":null,"surfer_draft_id":null,"surfer_permalink_hash":null,"surfer_scrape_ready":null,"_thumbnail_id":null,"footnotes":null,"_links":{"self":[{"href":"https:\/\/webhosting.de\/en\/wp-json\/wp\/v2\/posts\/4175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhosting.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhosting.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhosting.de\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webhosting.de\/en\/wp-json\/wp\/v2\/comments?post=4175"}],"version-history":[{"count":0,"href":"https:\/\/webhosting.de\/en\/wp-json\/wp\/v2\/posts\/4175\/revisions"}],"wp:attachment":[{"href":"https:\/\/webhosting.de\/en\/wp-json\/wp\/v2\/media?parent=4175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhosting.de\/en\/wp-json\/wp\/v2\/categories?post=4175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhosting.de\/en\/wp-json\/wp\/v2\/tags?post=4175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}