SHARE
TWEET

main.cf

ericroot Aug 13th, 2013 35 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Global Postfix configuration file.  This file lists only a small subset
  2. # of all parameters.  For the syntax, and for a complete parameter list,
  3. # see the postconf(5) manual page.  For a commented and more complete
  4. # version of this file see /etc/postfix/main.cf.dist
  5.  
  6. #mailbox_command = /usr/bin/procmail -a $DOMAIN -d $LOGNAME
  7.  
  8. mailbox_command = /usr/libexec/dovecot/deliver
  9.  
  10. virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
  11. virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
  12. virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
  13.  
  14. virtual_uid_maps = static:501
  15. virtual_gid_maps = static:501
  16. virtual_transport = dovecot
  17.  
  18. mynetworks = 127.0.0.1 xxx.xxx.xxx.xxx/32 10.0.0.33/32
  19. mailbox_size_limit = 51200000
  20. message_size_limit = 20480000
  21.  
  22. ### TLS
  23. # Настройки TLS для приема почты сервером от клиентов
  24.  
  25. smtpd_tls_cert_file = /var/lib/ssl/certs/postfix.pem
  26. smtpd_tls_key_file = /var/lib/ssl/private/postfix.pem
  27. smtpd_use_tls = no
  28. smtpd_tls_loglevel = 1
  29. smtpd_tls_auth_only = no
  30. smtpd_tls_received_header = yes
  31. smtpd_tls_session_cache_timeout = 3600s
  32.  
  33. smtpd_sasl_type = dovecot
  34. smtpd_sasl_path = private/auth
  35. smtpd_sasl_auth_enable = yes
  36. smtpd_sasl_authenticated_header = yes
  37.  
  38. smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
  39.  
  40. # Откладываем принятие решений о письме до стадии RCPT TO, чтобы получить всю информацию о письме (кому, от кого, и т.д.)
  41. smtpd_delay_reject = yes
  42.  
  43. # Требуем HELO в начале SMTP сессии
  44. smtpd_helo_required = yes
  45. smtpd_sender_login_maps = mysql:/etc/postfix/mysql-check-sender.cf
  46.  
  47. # Настройки TLS для отправки почты сервером на другие сервера
  48.  
  49. smtp_tls_cert_file = /var/lib/ssl/certs/postfix.pem
  50. smtp_tls_key_file = /var/lib/ssl/private/postfix.pem
  51. smtp_use_tls = no
  52. smtp_tls_loglevel = 1
  53. smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache
  54.  
  55. tls_random_source = dev:/dev/urandom
  56. inet_interfaces = all
  57. strict_rfc821_envelopes = yes
  58. disable_vrfy_command = yes
  59.  
  60. smtpd_client_restrictions =
  61.             permit_sasl_authenticated
  62.             permit_mynetworks
  63.             reject_unknown_reverse_client_hostname
  64.             permit
  65.  
  66. smtpd_helo_restrictions =
  67.             permit_sasl_authenticated
  68.             permit_mynetworks
  69. #           check_helo_access pcre:/etc/postfix/checks/helo_checks.pcre
  70.             reject_invalid_helo_hostname
  71.             reject_non_fqdn_helo_hostname
  72.             reject_unknown_helo_hostname
  73.             permit
  74.  
  75. smtpd_sender_restrictions =
  76. #           reject_sender_login_mismatch
  77. #           reject_unauthenticated_sender_login_mismatch
  78.             reject_authenticated_sender_login_mismatch
  79.             permit_sasl_authenticated
  80.             permit_mynetworks
  81.             reject_non_fqdn_sender
  82.             reject_unknown_sender_domain
  83.  
  84. smtpd_recipient_restrictions =
  85.             permit_mynetworks,
  86.             permit_sasl_authenticated,
  87.             reject_unauth_destination,
  88.             reject_unauth_pipelining,
  89.             reject_invalid_hostname,
  90.             reject_non_fqdn_hostname,
  91.             reject_non_fqdn_recipient,
  92.             reject_unknown_recipient_domain,
  93.             reject_unlisted_recipient,
  94.             reject_rbl_client dnsbl.sorbs.net
  95. #            check_recipient_access pcre:/etc/postfix/dspam_incoming
  96.             permit
  97. #           check_policy_service inet:127.0.0.1:10023
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top