DevHeads.net

Encrypt outgoing emails.

All,

We are not getting our emails stuck in the spam folders of gmail but they are saying our emails are not encrypted.

The emails received show a "red padlock" and when you click on the pad lock it says we are not encrypting our emails.

I thought I have the correct settings to encrypt our outgoing emails, but I see the following errors in my log files.

::::::::::::::
Error
::::::::::::::

Oct 4 10:03:05 posta postfix/smtpd[29824]: [ID 947731 mail.crit] fatal: unexpected command-line argument: !SSLv3,
Oct 4 10:03:06 posta postfix/master[27581]: [ID 947731 mail.warning] warning: process /usr/local/tools/postfix/libexec/smtpd pid 29814 exit status 1
Oct 4 10:03:06 posta postfix/master[27581]: [ID 947731 mail.warning] warning: /usr/local/tools/postfix/libexec/smtpd: bad command startup -- throttling
Oct 4 10:03:06 posta postfix/master[27581]: [ID 947731 mail.warning] warning: process /usr/local/tools/postfix/libexec/smtpd pid 29815 exit status 1
Oct 4 10:03:06 posta postfix/master[27581]: [ID 947731 mail.warning] warning: process /usr/local/tools/postfix/libexec/smtpd pid 29824 exit status 1

I do not understand why !SSLv3 is an "unexpected command-line argument".

Below is the postconf -nf and postconf -Mf output.

What am I doing incorrectly or missing to encrypt our outgoing emails.?

::::::::::::::
postconf-nf
::::::::::::::

alias_database = dbm:/postfix/etc/aliases
alias_maps = dbm:/postfix/etc/aliases
command_directory = /usr/local/tools/postfix/bin
config_directory = /usr/local/tools/postfix/etc
daemon_directory = /usr/local/tools/postfix/libexec
data_directory = /usr/local/tools/postfix/lib
debug_peer_level = 1
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_size_limit = 524288000
mailq_path = /usr/local/tools/postfix/bin/mailq
manpage_directory = /usr/local/tools/postfix/man
masquerade_domains = $mydomain
message_size_limit = 20971520
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = example.com
myhostname = email_server.example.com
mynetworks = $config_directory/mynetworks
myorigin = $mydomain
newaliases_path = /usr/local/tools/postfix/bin/newaliases
queue_directory = /usr/local/tools/postfix/mqueue
readme_directory = no
remote_header_rewrite_domain = $mydomain
sample_directory = /usr/local/tools/postfix/etc
sendmail_path = /usr/local/tools/postfix/bin/sendmail
setgid_group = postdrop
smtp_tls_CAfile = /dovecot/certs/2020/ov_networksolutionsovserverca2.crt
smtp_tls_cert_file =
/usr/local/tools/dovecot/certs/2020/email_server.example.com.crt
smtp_tls_exclude_ciphers = RC4, aNULL, DES, 3DES
smtp_tls_key_file =
/usr/local/tools/dovecot/certs/2020/2020.email_server.example.com.key
smtp_tls_loglevel = 1
smtp_tls_protocols = !SSLv2, !SSLv3
smtpd_banner = OUTPUT SERVICES INC.
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated
reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net,
reject_unauth_destination, reject_non_fqdn_sender,
reject_unknown_sender_domain, reject_non_fqdn_recipient,
reject_unknown_recipient_domain, reject_unauth_pipelining,
reject_unknown_client, reject_unknown_client_hostname,
reject_invalid_hostname, reject_non_fqdn_hostname
smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks,
defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = /usr/local/tools/postfix/mqueue/private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks,
defer_unauth_destination
smtpd_tls_CAfile = /dovecot/certs/2020/ov_networksolutionsovserverca2.crt
smtpd_tls_auth_only = yes
smtpd_tls_cert_file =
/usr/local/tools/dovecot/certs/2020/email_server.example.com.crt
smtpd_tls_exclude_ciphers = RC4, aNULL, DES, 3DES
smtpd_tls_key_file =
/usr/local/tools/dovecot/certs/2020/2020.email_server.example.com.key
smtpd_tls_loglevel = 1
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550

::::::::::::::
postconf-Mf
::::::::::::::

smtp inet n - n - - smtpd
submission inet n - n - - smtpd
-o smtpd_tls_security_level=may
-o smtp_tls_security_level=may
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSv1.1
-o smtpd_sasl_security_options=noanonymous
-o broken_sasl_auth_clients=yes
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache