Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- alias_maps = hash:/etc/mail/aliases
- append_dot_mydomain = no
- biff = no
- broken_sasl_auth_clients = yes
- command_directory = /usr/local/sbin
- compatibility_level = 2
- daemon_directory = /usr/local/libexec/postfix
- data_directory = /var/db/postfix
- disable_vrfy_command = yes
- dovecot_destination_recipient_limit = 1
- enable_original_recipient = yes
- header_checks = regexp:/usr/local/etc/postfix/custom_original_outgoing_header, regexp:/usr/local/etc/postfix/header_checks
- html_directory = no
- inet_interfaces = 127.0.0.1, MY.EXTERNAL.IP
- inet_protocols = ipv4
- mail_owner = postfix
- mailbox_size_limit = 0
- mailq_path = /usr/local/bin/mailq
- manpage_directory = /usr/local/man
- maximal_backoff_time = 8000s
- maximal_queue_lifetime = 7d
- message_size_limit = 32020096
- meta_directory = /usr/local/libexec/postfix
- milter_default_action = accept
- milter_protocol = 6
- minimal_backoff_time = 1000s
- mydestination =
- myhostname = MY.HOSTNAME.COM
- mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
- mynetworks_style = host
- myorigin = $myhostname
- newaliases_path = /usr/local/bin/newaliases
- non_smtpd_milters = inet:127.0.0.1:11332, local:opendkim/opendkim.sock
- queue_directory = /var/spool/postfix
- readme_directory = no
- recipient_delimiter = +
- sample_directory = /usr/local/etc/postfix
- sendmail_path = /usr/local/sbin/sendmail
- setgid_group = maildrop
- shlib_directory = /usr/local/lib/postfix
- smtp_bind_address = MY.EXTERNAL.IP
- smtp_helo_timeout = 60s
- smtp_tls_note_starttls_offer = yes
- smtp_tls_security_level = may
- smtpd_banner = $myhostname ESMTP $mail_name
- smtpd_client_restrictions = permit_sasl_authenticated, reject_rbl_client rbl.realtimeblacklist.com, reject_rbl_client cbl.abuseat.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client xbl.spamhaus.org, reject_rbl_client psbl.surriel.com, reject_rbl_client b.barracudacentral.org, reject_unknown_reverse_client_hostname, reject_unknown_client_hostname
- smtpd_data_restrictions = reject_unauth_pipelining
- smtpd_delay_reject = yes
- smtpd_hard_error_limit = 12
- smtpd_helo_required = yes
- smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, check_helo_access hash:/usr/local/etc/postfix/helo_access, permit
- smtpd_milters = inet:localhost:11332, local:opendkim/opendkim.sock
- smtpd_recipient_limit = 160
- smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, reject_invalid_hostname, permit
- smtpd_relay_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
- smtpd_sasl_auth_enable = yes
- smtpd_sasl_authenticated_header = yes
- smtpd_sasl_local_domain =
- smtpd_sasl_path = private/auth
- smtpd_sasl_security_options = noanonymous
- smtpd_sasl_type = dovecot
- smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_authenticated_sender_login_mismatch, permit_sasl_authenticated, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, check_sender_access pcre:/usr/local/etc/postfix/reject_domains, check_sender_access pcre:/usr/local/etc/postfix/allow_domains, permit
- smtpd_soft_error_limit = 3
- smtpd_tls_cert_file = /usr/local/etc/letsencrypt/live/MY.HOSTNAME.COM/fullchain.pem
- smtpd_tls_dh1024_param_file = /etc/dhparam2048.pem
- smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
- smtpd_tls_key_file = /usr/local/etc/letsencrypt/live/MY.HOSTNAME.COM/privkey.pem
- smtpd_tls_loglevel = 1
- smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
- smtpd_tls_received_header = yes
- smtpd_tls_security_level = may
- smtpd_tls_session_cache_database = btree:/usr/local/var/lib/postfix/smtpd_scache
- smtpd_tls_session_cache_timeout = 3600s
- tls_high_cipherlist = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:TLS_DHE_RSA_WITH_AES_128_CBC_SHA:TLS_DHE_RSA_WITH_AES_256_CBC_SHA:TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- tls_random_source = dev:/dev/urandom
- unknown_local_recipient_reject_code = 450
- virtual_alias_maps = mysql:/usr/local/etc/postfix/sql/mysql_virtual_alias_maps.cf, mysql:/usr/local/etc/postfix/sql/mysql_virtual_alias_domainaliases_maps.cf
- virtual_gid_maps = static:50000
- virtual_mailbox_base = /var/vmail
- virtual_mailbox_domains = mysql:/usr/local/etc/postfix/sql/mysql_virtual_domains_maps.cf
- virtual_mailbox_maps = mysql:/usr/local/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, mysql:/usr/local/etc/postfix/sql/mysql_virtual_mailbox_domainaliases_maps.cf
- virtual_transport = dovecot
- virtual_uid_maps = static:50000
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement