SHOW:
|
|
- or go back to the newest paste.
1 | # See /usr/share/postfix/main.cf.dist for a commented, more complete version | |
2 | ||
3 | ||
4 | # Debian specific: Specifying a file name will cause the first | |
5 | # line of that file to be used as the name. The Debian default | |
6 | # is /etc/mailname. | |
7 | #myorigin = /etc/mailname | |
8 | ||
9 | smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) | |
10 | biff = no | |
11 | ||
12 | # appending .domain is the MUA's job. | |
13 | append_dot_mydomain = no | |
14 | ||
15 | # Uncomment the next line to generate "delayed mail" warnings | |
16 | #delay_warning_time = 4h | |
17 | ||
18 | readme_directory = no | |
19 | ||
20 | # TLS parameters | |
21 | #smtpd_tls_cert_file = /etc/ssl/certs/iRedMail_CA.pem | |
22 | #smtpd_tls_key_file = /etc/ssl/private/iRedMail.key | |
23 | smtpd_tls_cert_file = /etc/ssl/certs/example.com-combined.crt | |
24 | smtpd_tls_key_file = /etc/ssl/private/example.com.key | |
25 | ||
26 | smtpd_use_tls=yes | |
27 | smtpd_tls_always_issue_session_ids = no | |
28 | smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache | |
29 | smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | |
30 | ||
31 | # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for | |
32 | # information on enabling SSL in the smtp client. | |
33 | ||
34 | myhostname = email2.example.com | |
35 | alias_maps = hash:/etc/postfix/aliases | |
36 | alias_database = hash:/etc/postfix/aliases | |
37 | myorigin = email2.example.com | |
38 | mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname | |
39 | relayhost = | |
40 | - | # mailsrv.socdem.cz / 62.168.37.42/32 muze posilat maily jako my |
40 | + | mynetworks = 127.0.0.0/8 |
41 | - | mynetworks = 127.0.0.0/8 82.113.47.192/29 62.168.37.42/32 194.213.194.163/32 |
41 | + | |
42 | recipient_delimiter = + | |
43 | inet_interfaces = all | |
44 | inet_protocols = ipv4 | |
45 | virtual_alias_domains = | |
46 | allow_percent_hack = no | |
47 | swap_bangpath = no | |
48 | mydomain = example.com | |
49 | mynetworks_style = subnet | |
50 | smtpd_data_restrictions = reject_unauth_pipelining | |
51 | smtpd_reject_unlisted_recipient = yes | |
52 | smtpd_reject_unlisted_sender = yes | |
53 | smtpd_sender_restrictions = permit_mynetworks, reject_authenticated_sender_login_mismatch, permit_sasl_authenticated | |
54 | delay_warning_time = 0h | |
55 | maximal_queue_lifetime = 4h | |
56 | bounce_queue_lifetime = 4h | |
57 | proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions | |
58 | smtp_data_init_timeout = 240s | |
59 | smtp_data_xfer_timeout = 600s | |
60 | smtpd_helo_required = yes | |
61 | smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access pcre:/etc/postfix/helo_access.pcre | |
62 | queue_run_delay = 300s | |
63 | minimal_backoff_time = 300s | |
64 | maximal_backoff_time = 4000s | |
65 | enable_original_recipient = no | |
66 | disable_vrfy_command = yes | |
67 | home_mailbox = Maildir/ | |
68 | allow_min_user = no | |
69 | message_size_limit = 15728640 | |
70 | virtual_minimum_uid = 2000 | |
71 | virtual_uid_maps = static:2000 | |
72 | virtual_gid_maps = static:2000 | |
73 | virtual_mailbox_base = /home/vmail | |
74 | transport_maps = proxy:pgsql:/etc/postfix/pgsql/transport_maps_user.cf, proxy:pgsql:/etc/postfix/pgsql/transport_maps_domain.cf | |
75 | virtual_mailbox_domains = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.cf | |
76 | virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf | |
77 | virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.cf, proxy:pgsql:/etc/postfix/pgsql/domain_alias_maps.cf, proxy:pgsql:/etc/postfix/pgsql/catchall_maps.cf, proxy:pgsql:/etc/postfix/pgsql/domain_alias_catchall_maps.cf | |
78 | sender_bcc_maps = proxy:pgsql:/etc/postfix/pgsql/sender_bcc_maps_user.cf, proxy:pgsql:/etc/postfix/pgsql/sender_bcc_maps_domain.cf | |
79 | recipient_bcc_maps = proxy:pgsql:/etc/postfix/pgsql/recipient_bcc_maps_user.cf, proxy:pgsql:/etc/postfix/pgsql/recipient_bcc_maps_domain.cf | |
80 | relay_domains = $mydestination, proxy:pgsql:/etc/postfix/pgsql/relay_domains.cf | |
81 | smtpd_sender_login_maps = proxy:pgsql:/etc/postfix/pgsql/sender_login_maps.cf | |
82 | smtpd_sasl_auth_enable = yes | |
83 | smtpd_sasl_local_domain = | |
84 | broken_sasl_auth_clients = yes | |
85 | smtpd_sasl_security_options = noanonymous | |
86 | smtpd_sasl_authenticated_header = no | |
87 | smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_sasl_authenticated, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031, permit_mynetworks, reject_unauth_destination | |
88 | smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031 | |
89 | smtpd_tls_security_level = may | |
90 | smtpd_tls_loglevel = 0 | |
91 | smtpd_tls_CAfile = /etc/ssl/certs/iRedMail_CA.pem | |
92 | tls_random_source = dev:/dev/urandom | |
93 | mailbox_command = /usr/lib/dovecot/deliver | |
94 | virtual_transport = dovecot | |
95 | dovecot_destination_recipient_limit = 1 | |
96 | smtpd_sasl_type = dovecot | |
97 | smtpd_sasl_path = ./dovecot-auth | |
98 | content_filter = smtp-amavis:[127.0.0.1]:10024 | |
99 | smtp-amavis_destination_recipient_limit = 1 |