Home / Security / How do I enable SSL/TLS in Dovecot mail server?

How do I enable SSL/TLS in Dovecot mail server?

Dovecot logoDovecot is a popular POP3/IMAP server for Unix-like operating systems. It is available through most distributions, including RHEL, CentOS, and Fedora. To enable secure mail transactions, you will need to edit your /etc/dovecot.conf file as root.

Uncomment the following lines:

# Disable SSL/TLS support?
ssl_disable = no

# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf

ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
ssl_key_file = /etc/pki/dovecot/private/dovecot.pem

You can also optionally disable non-secure logins:

disable_plaintext_auth = yes

Finally, you need to restart dovecot:

service dovecot restart

Check Also

physical servers security

Colocation sever security

Collocation is the movement of the servers from an in house location usually to a …