We'll start by generating the SSL certificates required for TLS:
# mkdir /etc/postfix/ssl # cd /etc/postfix/ssl/ # openssl genrsa -aes256 -rand /var/log/messages -out smtpd.key 2048 # chmod 600 smtpd.key # openssl req -new -key smtpd.key -out smtpd.csr # openssl x509 -req -days 9999 -in smtpd.csr -signkey smtpd.key -out smtpd.crt # openssl rsa -in smtpd.key -out smtpd.key.unencrypted # mv -f smtpd.key.unencrypted smtpd.key # openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 9999
