Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Use TLS certs generated by acme-client
- pki mail-mx.example.com cert "/etc/ssl/mail-mx.example.com.fullchain.pem"
- pki mail-mx.example.com key "/etc/ssl/private/mail-mx.example.com.key"
- # Checks for improperly/poorly set up mail servers and REJECTS them
- # filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } disconnect "550 no residential connections"
- # filter check_rdns phase connect match !rdns disconnect "550 no rDNS is so 80s"
- # filter check_fcrdns phase connect match !fcrdns disconnect "550 no FCrDNS is so 80s"
- # Junk and blocks mails below a certain threshhold
- # filter senderscore proc-exec "filter-senderscore -blockBelow 10 -junkBelow 70 -slowFactor 5000"
- # Checks for improperly/poorly set up mail servers and JUNKS them
- filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } junk
- filter check_rdns phase connect match !rdns junk
- filter check_fcrdns phase connect match !fcrdns junk
- # Only junk below a certain threshhold, not block
- filter senderscore proc-exec "filter-senderscore -junkBelow 70 -slowFactor 5000"
- filter rspamd proc-exec "filter-rspamd"
- table aliases file:/etc/mail/aliases
- table domains file:/etc/mail/domains
- table virtuals file:/etc/mail/virtual
- table passwd file:/etc/mail/passwd
- table ipv4_addr { 155.138.222.150 }
- listen on all tls pki mail-mx.example.com filter { check_dyndns, check_rdns, check_fcrdns, senderscore, rspamd }
- listen on all port submission tls-require pki mail-mx.example.com auth <passwd> filter rspamd mask-src
- # action "local_mail" maildir junk alias <aliases>
- action "local_mail" lmtp "/var/dovecot/lmtp" rcpt-to alias <aliases>
- action "external_mail" lmtp "/var/dovecot/lmtp" rcpt-to virtual <virtuals>
- #action "external_mail" maildir junk virtual <virtuals>
- action "outbound" relay helo mail-mx.example.com
- # Uncomment the following to accept external mail for domain "example.org"
- # match from any for domain "example.com" action "local_mail"
- match from any for domain <domains> action "external_mail"
- match for local action "local_mail"
- match from any auth for any action "outbound"
- match for any action "outbound"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement