main.cf:
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_auth_only=yes
smtpd_tls_security_level=may
master.cf:
submission inet n - - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_tls_wrappermode=no -o smtpd_tls_security_level=encrypt -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject -o syslog_name=postfix/submission -o milter_macro_daemon_name=ORIGINATING
systemctl restart postfix
firewall-cmd –add-port=587/tcp –permanent; firewall-cmd –reload