postfix configuration: local email forwarding with smtps




I have issues configuring postfix to send the server's local emails to an external mail server.

My (small-)server (hostname: is located at my house and has therefore a dynamic IP. I want to get informed what is happening on it, so I want it to send/forward the/all local emails/logs (smartd, cron, ...) to an external mail server (, email to log(at) The email should therefore be sent to the server via SMTP with SSL (like sending email using thunderbird...).
(please correct me, when I'm wrong...)

My current non-working postfix configuration:
--  /etc/postfix/
relayhost = []
smtp_generic_maps = hash:/etc/postfix/generic
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noplaintext, noanonymous
smtp_sasl_tls_security_options = $smtp_sasl_security_options
smtp_tls_security_level = encrypt
-- /etc/postfix/generic:
(at)    log(at)
-- /etc/postfix/sasl_passwd:
[]    usr:password

After postfix restart, I try:
echo MyTestMail | mail -s Test log(at)
and receive no mail but the /var/log/maillog says:
certificate verification failed for[IP]:25: untrusted issuer /C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=PositiveSSL CA
warning: SASL authentication failure: No worthy mechs found

I interpret this as follows:
(1) postifx is missing the CA's certificate
(2) compared (wireshark) to sending an email using thunderbird, postfix tries to connect to port 25. should't it be 465 instead?

to (1)
I found the following URL, but I'm not sure which one's the right file (URL tags not yet allowed, thus using CODE...):

Supposed I have downloaded the right file to /etc/postfix/certs/ which postfix parameters do I need to change, and how? (sth. like smtp_tls_CAfile?)

Thanks for any help,
-- grabowski

Members online

Latest posts