smtpd_banner = $myhostname ESMTP $mail_name powered by Easy Hosting Control Pane

1. smtpd_banner = $myhostname ESMTP $mail_name powered by Easy Hosting Control Panel (ehcp) on Ubuntu, www.ehcp.net
2. biff = no
3.  
4. append_dot_mydomain = no
5.  
6. readme_directory = /usr/share/doc/postfix
7.  
8. # TLS parameters
9. tls_random_source=dev:/dev/urandom
10. tls_preempt_cipherlist = yes
11.  
12. # TLS Incoming
13. smtpd_tls_cert_file=/path/to/my/certificate.crt
14. smtpd_tls_key_file=/path/to/my/certificate.key
15. smtpd_tls_CAfile=/path/to/my/certificate.ca-bundle
16. smtpd_use_tls=yes
17. smtpd_tls_auth_only=yes
18. smtpd_tls_security_level=may
19. smtpd_tls_ciphers = high
20. smtpd_tls_mandatory_ciphers=high
21. smtpd_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, CAMELLIA, eNULL, aNULL
22. smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, CAMELLIA, eNULL, aNULL
23. smtpd_tls_loglevel=1
24. smtpd_tls_received_header=yes
25. smtpd_tls_session_cache_timeout=3600s
26. smtpd_tls_mandatory_protocols = TLSv1.2, TLSv1.1, TLSv1, !SSLv2, !SSLv3
27. smtpd_tls_protocols = TLSv1.2, TLSv1.1, TLSv1, !SSLv2, !SSLv3
28. smtpd_starttls_timeout = 300s
29. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
30.  
31. # TLS Outgoing
32. smtp_tls_cert_file=/path/to/my/certificate.crt
33. smtp_tls_key_file=/path/to/my/certificate.key
34. smtp_tls_CAfile=/path/to/my/certificate.ca-bundle
35. smtp_use_tls=yes
36. smtp_tls_security_level=may
37. smtp_tls_ciphers = high
38. smtp_tls_mandatory_ciphers=high
39. smtp_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, CAMELLIA, eNULL, aNULL
40. smtp_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, CAMELLIA, SRP, 3DES, eNULL
41. smtp_tls_loglevel=1
42. smtp_tls_received_header=yes
43. smtp_tls_session_cache_timeout=3600s
44. smtp_tls_mandatory_protocols = TLSv1.2, TLSv1.1, TLSv1, !SSLv2, !SSLv3
45. smtp_tls_protocols = TLSv1.2, TLSv1.1, TLSv1, !SSLv2, !SSLv3
46. smtp_starttls_timeout = 300s
47. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
48.  
49. # General Configuration
50. myhostname = mydomain.tld
51. alias_maps = hash:/etc/aliases
52. alias_database = hash:/etc/aliases
53. myorigin = /etc/mailname
54. mydestination = localhost
55. relayhost =
56. mynetworks = 127.0.0.0/8
57. mailbox_command = procmail -a "$EXTENSION"
58. mailbox_size_limit = 0
59. recipient_delimiter = +
60. debug_peer_list =
61. debug_peer_level = 1
62. disable_vrfy_command = yes
63. inet_protocols = ipv4
64. inet_interfaces = all
65. smtpd_destination_concurrency_limit = 2
66. smtpd_destination_rate_delay = 1s
67. smtpd_extra_recipient_limit = 10
68. smtpd_error_sleep_time = 1s
69. smtpd_soft_error_limit = 10
70. smtpd_hard_error_limit = 20
71.  
72. # Virtual domains, mailboxes, etc
73. virtual_alias_domains =
74. virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
75. virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
76. virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
77. virtual_mailbox_base = /home/vmail
78. virtual_uid_maps = static:5000
79. virtual_gid_maps = static:5000
80. virtual_create_maildirsize = yes
81. virtual_mailbox_extended = yes
82. virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
83. virtual_mailbox_limit_override = yes
84. virtual_maildir_limit_message = "The user you are trying to reach is over quota."
85. virtual_overquota_bounce = yes
86. virtual_mailbox_limit = 0
87. virtual_message_limit = 0
88. mailbox_size_limit = 0
89. message_size_limit = 0
90. default_process_limit = 3
91. sender_canonical_maps =
92. transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
93. proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $mynetworks $virtual_mailbox_limit_maps $transport_maps
94.  
95. # SASL Authentication
96. #smtpd_sasl_type = courier
97. smtpd_sasl_path = smtpd
98. smtpd_sasl_local_domain = $myhostname
99. smtpd_sasl_auth_enable = yes
100. smtpd_sasl_security_options = noanonymous
101. broken_sasl_auth_clients = yes
102. smtpd_tls_auth_only = yes
103.  
104. # Restrictions
105. #smtpd_delay_reject = yes
106. #smtpd_helo_required = yes
107. #smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, permit
108. #smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
109. #smtpd_sender_restrictions = permit_mynetworks, reject_unknown_sender_domain, reject_unlisted_sender, permit
110. #smtpd_recipient_restrictions = reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client b1.spamcop.net, check_policy_service unix:postgrey/socket, permit
111. smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
112. smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_client_access cidr:/etc/postfix/client_checks
113.  
114. # milters & filters (Amavis & DKIM)
115. content_filter = smtp-amavis:127.0.0.1:10024
116. milter_protocol = 2
117. milter_default_action = accept
118. smtpd_milters = inet:localhost:8891
119. non_smtpd_milters = $smtpd_milters