As you may have been informed, gmail has this new feature which indicates whether an emailr was encrypted or not.
"In Gmail on your computer, you can check that a message you’ve received was sent over TLS by clicking the small down arrow at the top-left of the email and reading the message details.
If you see a red open padlock icon on a message you’ve received, or on one you’re about to send, it means that the message may not be encrypted."
My problem is, that my sent and received emails have this indicator. I use ssl in case of all my sites and I use tls(Secured connection on port 587 using TLS) when I send my emails from gmail though my server.
What should I do in order to remove this red indicator? is it possible to force dovecot and postfix to use only tls? Would it solve the problem?
postfix -> SMTP Client Options -> Use TLS for SMTP connections -> yes
Do you know if there is any issue enabling that? Does it work without out mail server having a SSL? Thanks
I haven’t got any issues since I enabled it, although you need to have checked the SSL website option in case of your domains so virtualmin generates ssl certificates for them. Afterwards you can send the certificate to dovecot or postfix if you haven’t done it yet.
Great! Depending on your postfix version, you may want to not actually use smtp_use_tls, as it was made obsolete in Postfix 2.3 and higher. The correct setting in later postfix for opportunistic TLS is:
smtp_tls_security_level = may
(Read for more info: http://www.postfix.org/postconf.5.html#smtp_tls_security_level)
The commands to add TLS you can find here:
Actually, in the console, just type:
sudo postconf -e ‘smtp_tls_security_level = may’
sudo postconf -e ‘smtpd_tls_security_level = may’
sudo postconf -e ‘smtp_tls_note_starttls_offer = yes’
Because the certs you already installed by Virtualmin.
This will remove the Gmail´s red padlock.