Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # see /usr/share/postfix/main.cf.dist for a commented, fuller
- # version of this file.
- # Do not change these directory settings - they are critical to Postfix
- # operation.
- command_directory = /usr/sbin
- daemon_directory = /usr/lib/postfix
- #program_directory = /usr/lib/postfix
- disable_vrfy_command = yes
- myhostname = hobbiton.<domain>.no
- mydestination = $myhostname
- mynetworks = 192.168.9.0/24, 192.168.99.0/24, 127.0.0.0/8, 192.168.100.0/24
- smtpd_banner = $myhostname ESMTP
- #smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
- setgid_group = postdrop
- biff = no
- # appending .domain is the MUA's job.
- append_dot_mydomain = no
- alias_maps = hash:/etc/aliases
- alias_database = hash:/etc/aliases
- virtual_mailbox_base = /var/spool/mail/virtual/
- virtual_uid_maps = static:102
- virtual_gid_maps = static:103
- # removed
- transport_maps = mysql:/etc/postfix/mysql_transport_maps.cf
- #virtual_maps = mysql:/etc/postfix/virtual.cf
- #virtual_mailbox_maps = proxy:mysql:/etc/postfix/mailbox.cf
- # added in the convertion from regular stupid db stuff to postfix admin
- # if anything breaks, comment out this and uncomment the previous paragraph
- virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
- virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
- virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
- virtual_transport = virtual
- #alias_maps = hash:/var/lib/mailman/data/aliases
- #virtual_maps = hash:/var/lib/mailman/data/virtual-mailman
- #owner_request_special = no
- # sasl related
- smtpd_sasl_type = dovecot
- smtpd_sasl_path = private/auth
- smtpd_sasl_auth_enable = yes
- smtpd_sasl_authenticated_header = yes
- broken_sasl_auth_clients = yes
- # tls
- smtp_use_tls = yes
- smtp_tls_loglevel = 1
- smtp_bind_address6 = 2a00:e08:xxxx:xxxx:xxxx:xxxx
- smtpd_use_tls = yes
- smtpd_tls_key_file = /etc/letsencrypt/live/mail.<domain>.no/privkey.pem
- smtpd_tls_cert_file = /etc/letsencrypt/live/mail.<domain>.no/cert.pem
- smtpd_tls_CAfile = /etc/letsencrypt/live/mail.<domain>.no/chain.pem
- smtpd_tls_loglevel = 1
- smtpd_tls_received_header = yes
- smtpd_tls_session_cache_timeout = 3600s
- smtpd_tls_security_level = may
- smtpd_tls_ciphers = high
- smtpd_tls_exclude_ciphers = aNULL, MD5, DES, 3DES, DES-CBC3-SHA, RC4-SHA, AES256-SHA, AES128-SHA
- tls_random_source = dev:/dev/urandom
- home_mailbox = Maildir/
- soft_bounce = no
- message_size_limit = 102400000
- virtual_mailbox_limit = 102400001
- mailbox_size_limit = 102400001
- # restrictions
- smtpd_recipient_restrictions =
- reject_unknown_sender_domain,
- reject_unknown_recipient_domain,
- permit_sasl_authenticated,
- permit_mynetworks,
- reject_invalid_helo_hostname,
- reject_unauth_destination,
- check_policy_service inet:127.0.0.1:10040,
- check_policy_service unix:private/policy-spf,
- permit
- smtpd_restriction_classes = check_postgrey
- check_postgrey = check_policy_service inet:127.0.0.1:60000
- smtpd_data_restrictions =
- reject_unauth_pipelining,
- permit
- content_filter = amavis:[127.0.0.1]:10024
- receive_override_options = no_address_mappings
- #transport_maps = mysql:/etc/postfix/transport.cf
- smtpd_helo_required = yes
- #inet_protocols = ipv4
- inet_protocols = all
- policy-spf_time_limit = 3600s
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
