Got it working. The error (TLS handshake failed: The TLS connection was non-properly terminated) seems to be caused by [ msmtp ] not supporting EC certificates.

Right, now I got then

...

service lmtp { unix_listener lmtp { #mode = 0666 }

  inet_listener lmtp { address = 172.24.109.6 port = 24 } } and [ msmtp ] is connecting indeed. Does TLS/STARTTLS need to be added to [ inet_listener lmtp ] in order to facilitate [ lmptps ]? If so what is the syntax?

Right now this error comes up:

...

msmtp: TLS handshake failed: The TLS connection was non-properly terminated. So what should be listening on port 262? Unix sockets are not tcp ports. You have lmtp as unix socket configured but want to access from remote via tcp socket? I think you need inet_listener instead of unix_ listener

...

looked into the [ dovecot wiki ] but a search for [ lmtps ] came up empty and thus hoping to get some assistance here.

I am trying to relay with [ msmtp ] via [ lmtps ] from a lan host other than [ dovecot ] is running on.

[ dovecot config ]

...

service lmtp { unix_listener lmtp { #mode = 0666 } [ ss -wxl | grep lmtp ] u_strLISTEN 0      100    /var/run/dovecot/lmtp 68262   * 0 So far so good. Now from the other lan host -> [ msmtp --serverinfo --tls --tls-certcheck=off --host=172.24.109.6 --protocol=lmtp --port=262 ] produces:

...

msmtp: cannot connect to 172.24.109.6, port 262: Connection refused