1,234
edits
Changes
→Postfix + TLS
We'll be generating our own, mostly in order to avoid paying for the certificate. We won't have too much time to get into the details of what all the following commands do. They are from [https://www.e-rave.nl/create-a-self-signed-ssl-key-for-postfix this blog post]. If you don't understand what he's talking about on that page but would like to understand - I'll again recommend the book Crypto by Steven Levy for reading outside this course.
Let's start with the "sending" SMTP server we have on VM2. Run the following, replacing andrewsmith.org with your own domain name:
Those commands will create a certificate, a certificate signing request, a certificate authority, and a sign your certificate with your certificate authority. Same as in the real world except there you would contact a real CA, here you're making up your own.
Currently your Thunderbird is set up to use vm2.yoursenecaid.org for an SMTP server, with no security. Change that to use STARTTLS instead (you can change it under account settings --> Outgoing Server). We haven't set up any user authentication, just an encrypted channel - so leave the authentication method at none.