Postfix: SSL relayhost


Here is a quick workaround to make postfix use a remote server as a relay (aka “relayhost“) using SSL on port 465.

The idea is to setup a stunnel daemon on a random local port which will operates as an SSL TCP proxy to your real server.

Then, edit /etc/stunnel/stunnel.conf, comment the “cert = /etc/stunnel/mail.pem” line an any built-in proxy ([pop3s], [imaps]…).

Add a new section:

Enable stunnel daemon by setting ENABLED=1 in /etc/default/stunnel4.

Restart stunnel:

Add the following settings in /etc/postfix/

And restart the service:

You should now see something like this in your log file: