Fix PostFix TLS is required, but our TLS engine is unavailable Error

In this guide we are going to show how to fix postfix “Delivery temporarily suspended: TLS is required, but our TLS engine is unavailable” error message.

When you received this error, now your server can’t send emails, this is because the invalid postfix configuration file. With a simple reconfiguration, we can fix this issue.

Most of the time, we configure Gmail or similar external SMTP mail service with our servers  PostFix MTA. It makes more reliable email delivery and security. This error occurs, there’s an error in an origin certificate or it’s not properly defined in your configuration file.

 

 

Ensure that the CA certificate file correct.

In this step we have to ensure that our system public root certificates correctly defined. In my situation this is the reason for “Delivery temporarily suspended: TLS is required, but our TLS engine is unavailable” error message.

 

email service

Ubuntu and Debian systems, public root certificates available in at /etc/ssl/certs/ca-certificates.crt directory. So make sure that your “main.cf” file correctly defined that certificate as bellow.

Then ensure that following setting also availale on postfix main.cf file, if it’s not in there, you can add.


Now restart postfix.


Send a test email via SSH terminal.

echo "Test Email from the new server" | mail -s "Test Subject" [email protected]

If the above step not worked for you, you can try the following steps.

 

Run Reconfiguration.

First, we have to ensure that our main configuration file doesn’t have any errors. So we can run following command line in SSH terminals.


The next prompt, select following options.

General type of mail configuration?: choose Internet.

System mail name: This is the base domain used to construct a valid email address. You can use your domain name for this.

Root and postmaster mail recipient: In our situation we set up external SMTP for mail servers, so you already added /etc/aliases to your root user external email address. If you are not added it in there, now type the email address that you need to deliver your emails.

Force synchronous updates on mail queue?: Select No option here.

Local networks: The default should work for most of the situation. So leave as its.

Mailbox size limit: Default it set as “0”. Which means it disables any size restriction.

Local address extension character: No need to change anything in here.

Internet protocols to use: Select “All” or any other suitable protocol.

 

Then add the following setting to your main.mc file (this example I used gmail SMTP setting, you can you your mail provider SMTP setting..


Now postfix automatically saves the above changes in “main. CF” file. Now run the following command to restart postfix.

Send a test email via SSH terminal.
echo "Test Email from the new server" | mail -s "Test Subject" [email protected]