Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # ==========================================================================
- # service type private unpriv chroot wakeup maxproc command + args
- # (yes) (yes) (yes) (never) (100)
- # ==========================================================================
- smtp inet n - - - - smtpd
- #smtp inet n - - - 1 postscreen
- #smtpd pass - - - - - smtpd
- #dnsblog unix - - - - 0 dnsblog
- #tlsproxy unix - - - - 0 tlsproxy
- #submission inet n - - - - smtpd
- # -o syslog_name=postfix/submission
- # -o smtpd_tls_security_level=encrypt
- # -o smtpd_sasl_auth_enable=yes
- # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
- # -o milter_macro_daemon_name=ORIGINATING
- #smtps inet n - - - - smtpd
- # -o syslog_name=postfix/smtps
- # -o smtpd_tls_wrappermode=yes
- # -o smtpd_sasl_auth_enable=yes
- # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
- # -o milter_macro_daemon_name=ORIGINATING
- #628 inet n - - - - qmqpd
- pickup fifo n - - 60 1 pickup
- cleanup unix n - - - 0 cleanup
- qmgr fifo n - n 300 1 qmgr
- #qmgr fifo n - n 300 1 oqmgr
- tlsmgr unix - - - 1000? 1 tlsmgr
- rewrite unix - - - - - trivial-rewrite
- bounce unix - - - - 0 bounce
- defer unix - - - - 0 bounce
- trace unix - - - - 0 bounce
- verify unix - - - - 1 verify
- flush unix n - - 1000? 0 flush
- proxymap unix - - n - - proxymap
- proxywrite unix - - n - 1 proxymap
- smtp unix - - - - - smtp
- relay unix - - - - - smtp
- showq unix n - - - - showq
- error unix - - - - - error
- retry unix - - - - - error
- discard unix - - - - - discard
- local unix - n n - - local
- virtual unix - n n - - virtual
- lmtp unix - - - - - lmtp
- anvil unix - - - - 1 anvil
- scache unix - - - - 1 scache
- maildrop unix - n n - - pipe
- flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
- uucp unix - n n - - pipe
- uucp unix - n n - - pipe
- flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
- ifmail unix - n n - - pipe
- flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
- bsmtp unix - n n - - pipe
- flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
- scalemail-backend unix - n n - 2 pipe
- flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
- mailman unix - n n - - pipe
- flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
- ${nexthop} ${user}
- dovecot unix - n n - - pipe
- flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
- # See /usr/share/postfix/main.cf.dist for a commented, more complete version
- # Debian specific: Specifying a file name will cause the first
- # line of that file to be used as the name. The Debian default
- # is /etc/mailname.
- #myorigin = /etc/mailname
- smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
- biff = no
- # appending .domain is the MUA's job.
- append_dot_mydomain = no
- # Uncomment the next line to generate "delayed mail" warnings
- #delay_warning_time = 4h
- readme_directory = /usr/share/doc/postfix
- # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
- # information on enabling SSL in the smtp client.
- myhostname = domainName.ru
- alias_maps = hash:/etc/aliases
- alias_database = hash:/etc/aliases
- myorigin = /etc/mailname
- mydestination =
- relayhost =
- mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
- mailbox_command = procmail -a "$EXTENSION"
- mailbox_size_limit = 0
- recipient_delimiter = +
- inet_interfaces = all
- inet_protocols = ipv4
- # TLS parameters
- #smtpd_tls_cert_file = /etc/postfix/certificate/smtpd.pem
- #smtpd_tls_key_file = /etc/postfix/certificate/smtpd.pem
- smtpd_use_tls = yes
- smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
- smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
- smtp_tls_loglevel = 3
- smtp_tls_CApath = /etc/ssl/certs
- smtpd_tls_received_header = yes
- #smtpd_tls_cert_file = /etc/ssl/domainName.ru2016-bundle;
- #smtpd_tls_key_file = /etc/ssl/www.domainName.ru.key;
- smtpd_tls_cert_file = /root/mailCert/mail.domainName.ru.public.pem
- smtpd_tls_key_file = /root/mailCert/mail.domainName.ru.private.pem
- smtpd_tls_CApath = /etc/ssl/certs
- smtpd_tls_loglevel = 3
- smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
- smtpd_tls_protocols=!SSLv2,!TLSv1,!TLSv1.1,!SSLv3
- # MySQL конфигурация
- virtual_alias_domains =
- virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_forwardings.cf, mysql:/etc/postfix/mysql/virtual_email2email.cf
- virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_domains.cf
- virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailboxes.cf
- virtual_mailbox_base = /home/vmail
- virtual_uid_maps = static:5000
- virtual_gid_maps = static:5000
- # SASL конфигурация
- smtpd_sasl_auth_enable = yes
- smtpd_sasl_authenticated_header = yes
- smtpd_sasl_local_domain = $myhostname
- smtpd_sasl_security_options = noanonymous
- smtpd_sasl_type = dovecot
- smtpd_sasl_path = private/auth
- broken_sasl_auth_clients = yes
- smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
- smtpd_recipient_restrictions = permit_mynetworks,
- permit_sasl_authenticated,
- reject_unauth_destination,
- reject_unauth_pipelining,
- reject_invalid_hostname,
- proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $
- virtual_transport = dovecot
- milter_protocol = 2
- milter_default_action = accept
- smtpd_milters = inet:localhost:12301
- non_smtpd_milters = inet:localhost:12301
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement