Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
- biff = no
- # appending .domain is the MUA's job.
- append_dot_mydomain = no
- # Uncomment the next line to generate "delayed mail" warnings
- #delay_warning_time = 4h
- readme_directory = no
- # TLS parameters
- #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
- #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
- #smtpd_tls_cert_file=/etc/nginx/ssl/myserver_mail.crt
- #smtpd_tls_key_file=/etc/nginx/ssl/myserver_mail.key
- #smtpd_tls_CAfile =/etc/nginx/ssl/ca.crt
- smtp_tls_cert_file=/etc/mail/ssl/certs/certificate.crt
- smtp_tls_key_file=/etc/mail/ssl/certs/myserver.com.key
- smtpd_tls_CApath=/etc/ssl/certs
- smtp_tls_CApath=/etc/ssl/certs
- smtp_tls_CAfile=/etc/mail/ssl/certs/myserver.com.ca-bundle
- smtpd_tls_cert_file=/etc/mail/ssl/certs/certificate.crt
- smtpd_tls_key_file=/etc/mail/ssl/certs/myserver.com.key
- smtpd_tls_CAfile=/etc/mail/ssl/certs/myserver.com.ca-bundle
- smtp_sasl_auth_enable = yes
- smtp_sasl_password_maps = static:info@myserver.com:password
- smtp_sasl_security_options = noanonymous
- smtpd_tls_loglevel = 3
- smtpd_tls_received_header = yes
- smtpd_tls_session_cache_timeout = 3600s
- tls_random_source = dev:/dev/urandom
- smtp_use_tls=yes
- smtpd_use_tls=yes
- #smtp_enforce_tls=yes
- smtp_tls_security_level=encrypt
- header_size_limit = 4096000
- # Seriously - for email relaying, just get a $5 Linode and install Ubuntu + iRedmail. Works out of the box and supports relaying,
- # webmails etc (Roundcube, SoGo WorkGroup). The mx.mysmtpserver.com:587 is using iRedmail.
- relayhost = mx.mysmtpserver.com:587
- smtpd_tls_auth_only=yes
- smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
- smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
- # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
- # information on enabling SSL in the smtp client.
- smtp_tls_mandatory_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
- smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
- smtpd_tls_dh512_param_file = /etc/ssl/private/dhparams512.pem
- smtpd_tls_dh1024_param_file = /etc/ssl/private/dhparams1024.pem
- smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
- # DKIM
- # --------------------------------------
- milter_default_action = accept
- milter_protocol = 2
- smtpd_milters = inet:localhost:8891
- non_smtpd_milters = inet:localhost:8891
- mydomain = myserver.com
- myhostname = myserver.com
- alias_maps = hash:/etc/aliases
- alias_database = hash:/etc/aliases
- myorigin = /etc/mailname
- ## If here's host destination, it'll bounce all the mails that are not mapped in virtual aliases (like blaa@blaa.com)
- mydestination =
- # localhost $myhostname, myserver.com, localhost
- #relayhost =
- mynetworks = 127.0.0.0/8
- #[::ffff:127.0.0.0]/104 [::1]/128
- mailbox_size_limit = 0
- recipient_delimiter = +
- inet_interfaces = all
- inet_protocols = ipv4
- virtual_alias_maps = hash:/etc/postfix/virtual
- canonical_maps = hash:/etc/postfix/canonical
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement