main.cf

1. # See /usr/share/postfix/main.cf.dist for a commented, more complete version
2.  
3.  
4. # Debian specific:  Specifying a file name will cause the first
5. # line of that file to be used as the name.  The Debian default
6. # is /etc/mailname.
7. myorigin = /etc/mailname
8.  
9. smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
10. biff = no
11.  
12. # appending .domain is the MUA's job.
13. append_dot_mydomain = no
14.  
15. # Uncomment the next line to generate "delayed mail" warnings
16. #delay_warning_time = 4h
17. policy-spf_time_limit = 3600s
18.  
19. readme_directory = /usr/share/doc/postfix
20.  
21. # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
22. # fresh installs.
23. compatibility_level = 2
24.  
25. # TLS parameters
26. smtpd_tls_cert_file=/etc/letsencrypt/live/torroristen.de/fullchain.pem
27. smtpd_tls_key_file=/etc/letsencrypt/live/torroristen.de/privkey.pem
28. smtpd_use_tls=yes
29. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
30. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
31. smtpd_tls_loglevel = 2
32. smtpd_tls_received_header = yes
33. smtpd_tls_security_level = may
34. #smtpd_tls_req_ccert = yes
35. #smtpd_tls_ccert_verifydepth = 2
36. smtpd_tls_auth_only = yes
37.  
38. smtp_tls_security_level = may
39. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
40. smtp_tls_CAfile = /etc/letsencrypt/live/torroristen.de/cert.pem
41. # optional zur Fehlersuche
42. smtp_tls_loglevel = 1
43.  
44. # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
45. # information on enabling SSL in the smtp client.
46. smtpd_sender_restrictions =  permit_sasl_authenticated
47. #smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
48.  
49. smtpd_recipient_restrictions =
50.     permit_mynetworks,
51.     permit_sasl_authenticated,
52.     reject_unauth_destination,
53. check_policy_service inet:127.0.0.1:10023,
54.  
55.  
56. #smtpd_relay_restrictions = permit_mynetworks =  permit_sasl_authenticated =  defer_unauth_destination
57.  
58. smtpd_relay_restrictions =
59.         permit_mynetworks,
60.         permit_sasl_authenticated,
61.          defer_unauth_destination,
62.  
63.  
64.  
65. myhostname = mail.ukleemann.de
66. alias_maps = hash:/etc/aliases
67. alias_database = hash:/etc/aliases
68. myorigin = /etc/mailname
69. mydestination = $myhostname, ukleemann.de, torroristen.de, bosselnet.de, localhost.localdomain, localhost
70. mynetworks = 127.0.0.0/8 mail.ukleemann.de [::ffff:127.0.0.0]/104  [::1]/128
71. mailbox_size_limit = 0
72. recipient_delimiter = +
73. inet_interfaces = all
74. inet_protocols = all
75.  
76. smtpd_delay_reject = yes
77. smtpd_helo_required = yes
78.  
79.  
80.  
81. # DKIM
82. #milter_default_action = accept
83. #milter_protocol = 6
84. #smtpd_milters = inet:localhost:12345
85. #milter_default_action = tempfail
86. #non_smtpd_milters = inet:localhost:12345
87. html_directory = /usr/share/doc/postfix/html
88. smtpd_sasl_local_domain = $myhostname
89. smtpd_sasl_auth_enable = yes
90. broken_sasl_auth_clients = yes
91. smtpd_sasl_security_options = noanonymous
92. #smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
93.  
94.  
95. virtual_transport = dovecot