/etc/postfix/main.cf

1. # These are all default Postfix settings that we won't change
2. alias_maps = hash:/etc/aliases
3. alias_database = hash:/etc/aliases
4. append_dot_mydomain = no
5. biff = no
6. broken_sasl_auth_clients = yes
7. inet_interfaces = all
8. mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}"
9. mailbox_size_limit = 0
10. myorigin = /etc/mailname
11. readme_directory = no
12. recipient_delimiter = +
13. relayhost =
14. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
15. smtpd_sasl_auth_enable = yes
16. smtpd_sasl_authenticated_header = yes
17. smtpd_sasl_path = private/dovecot-auth
18. smtpd_sasl_security_options = noanonymous
19. smtpd_sasl_local_domain = $myhostname
20. smtpd_sasl_type = dovecot
21. smtpd_tls_auth_only = yes
22. smtpd_tls_received_header = yes
23. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
24. tls_random_source = dev:/dev/urandom
25.  
26. ## Settings below this line are things we're modifying or adding
27.  
28. ## Your mail server identity options
29. myhostname = mail.example.com
30. mydestination =  mail.example.com, example.com, localhost.de, localhost
31. mynetworks = 127.0.0.0/8 192.168.91.0/24 [::ffff:127.0.0.0]/104 [::1]/128
32.  
33. ## Customized smtpd paramters
34. smtpd_banner = $myhostname ESMTP
35. smtpd_helo_required = yes
36. smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, permit
37. smtpd_recipient_restrictions = reject_unknown_client_hostname, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_sender
38. smtpd_sender_restrictions = reject_unknown_sender_domain, reject_sender_login_mismatch
39. smtpd_sender_login_maps = $virtual_mailbox_maps
40.  
41. ## Dealing with rejection: use permanent 550 errors to stop retries
42. unknown_address_reject_code = 550
43. unknown_hostname_reject_code = 550
44. unknown_client_reject_code = 550
45.  
46. ## customized TLS parameters
47. smtpd_tls_ask_ccert = yes
48. smtpd_tls_cert_file = /etc/ssl/certs/ssl_main.crt
49. smtpd_tls_key_file = /etc/ssl/private/ssh_main_insecure
50. smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
51. smtpd_tls_ciphers = high
52. smtpd_tls_loglevel = 1
53. smtpd_tls_security_level = may
54. smtpd_tls_session_cache_timeout = 3600s
55.  
56. ## Customized Dovecot and virtual user-specific settings
57. canonical_maps = hash:/etc/postfix/canonical
58. home_mailbox = Maildir/
59. message_size_limit = 104857600
60. virtual_alias_maps = hash:/etc/postfix/virtual
61. virtual_mailbox_domains = hash:/etc/postfix/virtual-mailbox-domains
62. virtual_mailbox_maps = hash:/etc/postfix/virtual-mailbox-users
63. virtual_transport = dovecot
64.  
65. ## This setting will generate an error if you restart Postfix before
66. ## adding the appropriate service definition in master.cf, so make
67. ## sure to get that taken care of!
68. dovecot_destination_recipient_limit = 1
69.  
70. # Customized milter settings
71. milter_default_action = accept
72. milter_connect_macros = j {daemon_name} v {if_name} _
73. non_smtpd_milters = $smtpd_milters
74. smtpd_milters = unix:/spamass/spamass.sock unix:/clamav/clamav-milter.ctl unix:/opendkim/opendkim.sock
75.  
76. ## Other customized mail server settings
77. default_destination_concurrency_limit = 5
78. disable_vrfy_command = yes
79. relay_destination_concurrency_limit = 1
80. smtp_tls_note_starttls_offer = yes
81. smtp_tls_security_level = may
82.  
83. # addeded by marcel 10.10.2014
84. virtual_minimum_uid = 100
85. virtual_uid_maps = static:5000
86. virtual_gid_maps = static:5000