Advertisement
DragonHawk

main.cf fragment: relay to smart host

Dec 2nd, 2023 (edited)
976
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
SSH Config 1.76 KB | Software | 0 0
  1. ######################################################################
  2. # identification of this mail system
  3.  
  4. myorigin = server42.corp.contoso.com
  5. mydomain = corp.contoso.com
  6.  
  7. ######################################################################
  8. # relay control
  9.  
  10. # Controls are relaxed for members of $mynetworks (can relay mail, no rate
  11. # limits, can use some exploitable SMTP features, etc.).
  12. mynetworks =
  13.     127.0.0.0/8
  14.     [::1]/128
  15.     10.0.0.0/8
  16.     192.168.0.0/16
  17.  
  18. # Clients/remotes/scenarios to relay mail *for*.
  19. smtpd_relay_restrictions =
  20.     permit_mynetworks
  21.     reject_unauth_destination
  22.  
  23. ######################################################################
  24. # smart host - outgoing mail
  25.  
  26. # Send all outbound mail to this mail server (smart host)
  27. # Use "mail submission" protocol (TCP port 587)
  28. relayhost = [smtp.office365.com]:submission
  29.  
  30. # When talking to our smart host, use this name to identify ourselves.
  31. # Some mail hosts want a valid DNS name.
  32. #smtp_helo_name = outgoing.contoso.com
  33.  
  34. # We have to authenticate ourselves to our smart host using SASL
  35. smtp_sasl_auth_enable = yes
  36. smtp_sasl_type = cyrus
  37.  
  38. # Don't allow plaintext passwords if connection lacks SSL/TLS/encryption
  39. # If connection is encrypted, allow plain text passwords.
  40. # "noanonymous" is equiv to Sendmail "y" mailer flag.
  41. smtp_sasl_security_options     = noanonymous noplaintext
  42. smtp_sasl_tls_security_options = noanonymous
  43.  
  44. # Credentials to use for outgoing SMTP connections (when Postfix is
  45. # acting as an SMTP client).
  46. smtp_sasl_password_maps = cdb:/etc/postfix/outgoing_passwd
  47.  
  48. # Force SSL/TLS outbound, since we should only be talking to our smart host.
  49. # Further, require that the server's certificate verify against the CA root.
  50. smtp_tls_security_level  = verify
  51.  
  52. # END
  53.  
Tags: postfix
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement