main.cf

1. myhostname = mail.pleskan.co.ua
2. myorigin = mail.pleskan.co.ua
3. mynetworks = 127.0.0.0/8 91.214.114.117/32
4. mydestination = $myhostname, localhost.$mydomain, localhost
5. mailbox_size_limit = 0
6. message_size_limit = 15728640
7.  
8. inet_interfaces = all
9. inet_protocols = ipv4
10.  
11. # Текст приветственного баннера, который отображается после кода состояния 220 в SMTP
12. smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
13.  
14. # Не использовать biff программу доставки новх сообщений
15.  
16. biff = no
17.  
18. # Запрет автоматического дополнения неполного доменного имени в адресе письма
19.  
20. append_dot_mydomain = no
21.  
22. # Meханизм поиска SMTP клиента.
23. # dns - через dns (умолчание)
24. # native - использование the native naming service only (nsswitch.conf, or equivalent mechanism)..
25. # dns, native - Use the native service for hosts not found in the DNS.
26.  
27. # smtp_host_lookup = native
28.  
29. # SMTP server response code when recipient or domain not found.
30. unknown_local_recipient_reject_code = 550
31.  
32. debugger_command =
33. PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
34. ddd $daemon_directory/$process_name $process_id & sleep 5
35.  
36. debug_peer_level = 2
37.  
38. # Тип почтового ящика
39.  
40. home_mailbox = Maildir/
41. recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
42.  
43. # TLS конфигурация
44.  
45. smtpd_tls_security_level = may
46. smtpd_tls_cert_file=/etc/ssl/certs/postfixcert.pem
47. smtpd_tls_key_file=/etc/postfix/certificate/smtpd.key
48. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
49. smtpd_tls_session_cache_database = btree:${data_directory}/smtp_scache
50. smtpd_tls_loglevel = 1
51. smtpd_tls_received_header = yes
52.  
53. # MySQL конфигурация
54.  
55. virtual_alias_domains =
56. virtual_alias_maps = proxy:mysql:/etc/postfix/mysqlconf/virtual_forwardings.cf, mysql:/etc/postfix/mysqlconf/virtual_email2email.cf
57. virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysqlconf/virtual_domains.cf
58. virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysqlconf/virtual_mailboxes.cf
59. virtual_mailbox_base = /var/vmail
60. virtual_uid_maps = static:5000
61. virtual_gid_maps = static:5000
62.  
63. # SASL конфигурация
64.  
65. smtpd_sasl_auth_enable = yes
66. smtpd_sasl_authenticated_header = yes
67. smtpd_sasl_local_domain = $myhostname
68. smtpd_sasl_security_options = noanonymous
69. smtpd_sasl_type = dovecot
70. smtpd_sasl_path = private/auth
71. broken_sasl_auth_clients = yes
72.  
73. # Чтение карт через прокси (разделение для многих пользователей).
74. # ! Перед предикатами mysql: для разделения указывется proxy:
75. # Пример: virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysqlconf/virtual_mailboxes.cf
76.  
77. proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
78.  
79. # Доставка почты
80.  
81. virtual_transport = dovecot
82.  
83. # Алиасы
84. alias_maps = hash:/etc/aliases
85. alias_database = hash:/etc/aliases
86.  
87. # Настройка ограничений SMTPD (получить полную информацию о клиенте)
88. # потом начинать разбирать ограничения.
89.  
90. smtpd_delay_reject = yes
91.  
92. smtpd_client_restrictions =
93. permit_mynetworks,
94. permit_sasl_authenticated,
95. permit
96.  
97. smtpd_helo_restrictions =
98. permit_mynetworks,
99. permit_sasl_authenticated,
100. reject_invalid_helo_hostname,
101. reject_non_fqdn_helo_hostname,
102. reject_unknown_helo_hostname,
103. permit
104. smtpd_sender_restrictions =
105. permit_mynetworks,
106. reject_non_fqdn_sender,
107. permit_sasl_authenticated,
108. permit
109.  
110. smtpd_recipient_restrictions =
111. reject_non_fqdn_recipient,
112. reject_unknown_recipient_domain,
113. reject_unlisted_recipient,
114. permit_mynetworks,
115. permit_sasl_authenticated,
116. reject_unknown_sender_domain,
117. reject_rbl_client sbl.spamhaus.org,
118. reject_rbl_client dnsbl-1.uceprotect.net,
119. reject_rbl_client ix.dnsbl.manitu.net,
120. reject_rbl_client bl.spamcop.net,
121. reject_rbl_client access.redhawk.org,
122. reject_rbl_client bl.deadbeef.com,
123. reject_rbl_client dnsbl.cyberlogic.net,
124. reject_rbl_client dul.ru,
125. reject_rbl_client korea.services.net,
126. reject_unknown_client_hostname,
127. reject_unauth_pipelining,
128. reject_unauth_destination,
129. permit
130.  
131. smtpd_data_restrictions =
132. permit_mynetworks,
133. permit_sasl_authenticated,
134. reject_unauth_pipelining,
135. permit
136.  
137. smtpd_end_of_data_restrictions =
138. permit_mynetworks,
139. permit_sasl_authenticated,
140. reject_multi_recipient_bounce,
141. permit
142. milter_default_action = accept
143. milter_protocol = 2
144. smtpd_milters = inet:localhost:12301
145. non_smtpd_milters = inet:localhost:12301