Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # See /usr/share/postfix/main.cf.dist for a commented, more complete version
- # Debian specific: Specifying a file name will cause the first
- # line of that file to be used as the name. The Debian default
- # is /etc/mailname.
- # myorigin = /etc/mailname
- mail_name = elitemail.hu Daemon
- smtpd_banner = $mail_name. All Spam Is Reported. ESMTP
- ### Default user to deliver mail to (NEVER ENABLE)
- luser_relay =
- ### The myorigin parameter specifies the domain that appears in mail that is posted on/through this machine.
- append_dot_mydomain = no
- append_at_myorigin = yes
- ### Who delivers the mail (never root for security).
- mail_owner = postfix
- setgid_group = postdrop
- ### How much of the message in bytes will be bounced back to the sender.
- bounce_size_limit = 1000
- ### Message Restrictions
- header_checks = regexp:/etc/postfix/header_checks
- # Uncomment the next line to generate "delayed mail" warnings
- ### How long do messages stay in the queue before being sent back to the sender. (in days)
- ### By default, postfix attempts to resend the message every (1000 secs)x(# attempts)x(days).
- bounce_queue_lifetime = 4h
- maximal_queue_lifetime = 4h
- delay_warning_time = 1h
- ### Parallel delivery force (local=2 and dest=20 are aggressive)
- local_destination_concurrency_limit = 2
- default_destination_concurrency_limit = 20
- ### Max flow rate (1 sec delay per 50 emails/sec over the number of emails delivered/sec)
- in_flow_delay = 1s
- ### Require strict RFC 821-style envelope addresses
- strict_rfc821_envelopes = yes
- ### Limit the info given to outside servers
- show_user_unknown_table_name = no
- ### no one needs to ask our server who is on it
- disable_vrfy_command = yes
- ### clients must send a HELO (or EHLO) command at the beginning of an SMTP session.
- smtpd_helo_required = yes
- ### Notification and delimiter
- biff = no
- recipient_delimiter = +
- #### user%domain != user@domain
- allow_percent_hack = no
- #### user!domain != user@domain
- swap_bangpath = no
- ### Tarpit until RCPT TO: to reject the email for nagios compatability
- smtpd_delay_reject = no
- ### Tarpit those bots/clients/spammers who send errors or scan for accounts
- smtpd_error_sleep_time = 20
- smtpd_soft_error_limit = 1
- smtpd_hard_error_limit = 3
- smtpd_junk_command_limit = 2
- ### Reject codes
- access_map_reject_code = 554
- invalid_hostname_reject_code = 554
- maps_rbl_reject_code = 554
- multi_recipient_bounce_reject_code = 554
- non_fqdn_reject_code = 554
- plaintext_reject_code = 554
- reject_code = 554
- relay_domains_reject_code = 554
- unknown_address_reject_code = 554
- unknown_client_reject_code = 450
- unknown_hostname_reject_code = 450
- unknown_local_recipient_reject_code = 554
- unknown_relay_recipient_reject_code = 554
- unknown_virtual_alias_reject_code = 554
- unknown_virtual_mailbox_reject_code = 554
- unverified_recipient_reject_code = 554
- unverified_sender_reject_code = 554
- readme_directory = /usr/share/doc/postfix
- # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
- # information on enabling SSL in the smtp client.
- mydomain = $myhostname
- myhostname = mail.elitemail.hu
- alias_maps = hash:/etc/aliases
- alias_database = hash:/etc/aliases
- myorigin = $myhostname
- mydestination = $myhostname, localhost.$mydomain $mydomain, localhost
- mynetworks_style = host
- relayhost =
- mynetworks = 127.0.0.0/8
- ### SMTP Auth
- smtp_tls_security_level = may
- smtpd_tls_security_level = may
- smtpd_tls_auth_only = yes
- smtpd_use_tls = yes
- smtpd_sasl_local_domain = $myhostname
- smtpd_sasl_auth_enable = yes
- smtpd_sasl_type = cyrus
- local_recipient_maps =
- smtp_tls_loglevel = 1
- smtp_use_tls = yes
- smtp_tls_auth_only = yes
- smtp_tls_note_starttls_offer = yes
- smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
- smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
- smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
- smtpd_tls_loglevel = 1
- smtpd_tls_received_header = yes
- smtpd_tls_session_cache_timeout = 3600s
- tls_random_source = dev:/dev/urandom
- smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
- smtpd_sasl_security_options = noanonymous
- broken_sasl_auth_clients = yes
- smtpd_sasl_authenticated_header = yes
- smtpd_sasl_application_name = smtpd
- smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
- ### DK - DKIM - SPF
- milter_default_action = accept
- milter_protocol = 2
- smtpd_milters = inet:localhost:12345,inet:localhost:12346
- non_smtpd_milters = inet:localhost:12345,inet:localhost:12346
- spf-policyd_time_limit = 3600s
- ### SMTP Restrictions
- smtpd_client_restrictions = permit_mynetworks,
- reject_invalid_hostname,
- reject_rbl_client zen.spamhaus.org,
- reject_rbl_client sbl.spamhaus.org,
- reject_rbl_client blackholes.easynet.nl,
- reject_rbl_client dnsbl.njabl.org,
- check_client_access hash:/etc/postfix/helo_client_exceptions,
- reject_unknown_client
- smtpd_helo_restrictions = permit_mynetworks,
- check_helo_access hash:/etc/postfix/helo_access,
- check_helo_access regexp:/etc/postfix/helo.regexp,
- reject_unauth_pipelining,
- reject_invalid_hostname,
- reject_unknown_hostname,
- warn_if_reject reject_unknown_helo_hostname
- ### When changing sender_checks, this file must be regenerated using postmap <file>, to generate a Berkeley DB
- smtpd_recipient_restrictions = permit_mynetworks,
- permit_sasl_authenticated,
- reject_unauth_destination,
- check_policy_service unix:private/policy-spf,
- check_policy_service inet:127.0.0.1:60000,
- check_sender_access hash:/etc/postfix/sender_checks,
- check_client_access hash:/etc/postfix/helo_client_exceptions,
- check_client_access hash:/etc/postfix/rbl_client_exceptions,
- reject_non_fqdn_recipient,
- reject_invalid_hostname,
- reject_unauth_pipelining,
- reject_unknown_recipient_domain,
- reject_unknown_client,
- reject_unknown_sender_domain,
- reject_rbl_client cbl.abuseat.org,
- reject_rbl_client sbl-xbl.spamhaus.org,
- reject_rbl_client bl.spamcop.net,
- reject_rhsbl_sender dsn.rfc-ignorant.org
- ### When changing rbl_clinet_exeptions, this file must be regenerated using postmap <file>, to generate a Berkeley DB
- smtpd_sender_restrictions = permit_mynetworks,
- permit_sasl_authenticated,
- reject_unknown_sender_domain,
- reject_unauth_pipelining
- smtpd_etrn_restrictions = permit_mynetworks,
- reject
- smtpd_data_restrictions = reject_unauth_pipelining,
- reject_multi_recipient_bounce
- ### 1GB
- mailbox_size_limit = 1073741824
- mailbox_command = procmail -a "$EXTENSION"
- inet_interfaces = all
- inet_protocols = all
- virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
- virtual_gid_maps = static:5000
- virtual_mailbox_base = /home/virtual
- virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
- virtual_mailbox_limit = 0
- virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
- virtual_minimum_uid = 5000
- virtual_transport = virtual
- virtual_uid_maps = static:5000
- virtual_create_maildirsize = yes
- virtual_mailbox_extended = yes
- virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
- virtual_mailbox_limit_override = yes
- virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later. A felhasznalo postafiokja megtelt, probalja meg kesobb elkuldeni a levelet.
- virtual_maildir_extended = yes
- virtual_overquota_bounce = yes
- virtual_alias_domains =
- transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
- proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
- content_filter = amavis:[127.0.0.1]:10024
- receive_override_options = no_address_mappings
- html_directory = no
Advertisement
Add Comment
Please, Sign In to add comment
