main.cf
inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, und alle meine Domainnamen in kommaseparierter Liste #spam-schutz ? disable_vrfy_command = yes smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_hostname, reject_invalid_hostname, permit smtpd_recipient_restrictions = reject_invalid_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unknown_reverse_client_hostname, reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, permit #reject_non_fqdn_hostname, smtpd_error_sleep_time = 1s smtpd_soft_error_limit = 10 smtpd_hard_error_limit = 20 #ggf. vorhandene Einstellungen auskommentieren
/etc/xinetd.d/pop3s
service pop3s
{
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/sbin/popper
server_args = -f /etc/qpopper-tls.conf
}
Anlegen eines Zertifikats im Verzeichnis /etc/postfix
openssl req -new -x509 -nodes -out servername.pem -keyout servername.pem -days 3650
/etc/postfix/qpopper-tls.conf
set tls-support = alternate-port set tls-version = default set tls-server-cert-file = /etc/postfix/servername.pem