Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # postconf -nf
- alias_database = hash:/etc/aliases
- alias_maps = hash:/etc/aliases
- append_dot_mydomain = no
- biff = no
- inet_interfaces = all
- inet_protocols = all
- mailbox_size_limit = 0
- milter_connect_macros = i j {daemon_name} v {if_name} _
- mydestination = localhost
- myhostname = mail.domain.tld
- mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128, 222.222.222.222/28
- myorigin = /etc/mailname
- readme_directory = no
- recipient_delimiter = +
- relayhost =
- smtp_tls_security_level = may
- smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
- smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
- smtpd_milters = unix:/spamass/spamass.sock
- smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
- defer_unauth_destination
- smtpd_sasl_auth_enable = yes
- smtpd_sasl_path = private/auth
- smtpd_sasl_type = dovecot
- smtpd_sender_login_maps = mysql:/etc/postfix/mysql-email2email.cf
- smtpd_tls_auth_only = yes
- smtpd_tls_cert_file = /etc/letsencrypt/live/mail.domain.tld/fullchain.pem
- smtpd_tls_key_file = /etc/letsencrypt/live/mail.domain.tld/privkey.pem
- smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
- smtpd_tls_security_level = may
- smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
- smtpd_use_tls = yes
- virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
- virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
- virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
- virtual_transport = lmtp:unix:private/dovecot-lmtp
- # postconf -Mf
- smtp inet n - y - - smtpd
- submission inet n - - - - smtpd
- -o syslog_name=postfix/submission
- -o smtpd_tls_security_level=encrypt
- -o smtpd_sasl_auth_enable=yes
- -o smtpd_sasl_type=dovecot
- -o smtpd_sasl_path=private/auth
- -o smtpd_sasl_security_options=noanonymous
- -o smtpd_sender_login_maps=mysql:/etc/postfix/mysql-email2email.cf
- -o smtpd_sender_restrictions=reject_sender_login_mismatch
- -o smtpd_sasl_local_domain=$myhostname
- -o smtpd_client_restrictions=permit_sasl_authenticated,reject
- -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
- pickup unix n - y 60 1 pickup
- cleanup unix n - y - 0 cleanup
- qmgr unix n - n 300 1 qmgr
- tlsmgr unix - - y 1000? 1 tlsmgr
- rewrite unix - - y - - trivial-rewrite
- bounce unix - - y - 0 bounce
- defer unix - - y - 0 bounce
- trace unix - - y - 0 bounce
- verify unix - - y - 1 verify
- flush unix n - y 1000? 0 flush
- proxymap unix - - n - - proxymap
- proxywrite unix - - n - 1 proxymap
- smtp unix - - y - - smtp
- relay unix - - y - - smtp
- showq unix n - y - - showq
- error unix - - y - - error
- retry unix - - y - - error
- discard unix - - y - - discard
- local unix - n n - - local
- virtual unix - n n - - virtual
- lmtp unix - - y - - lmtp
- anvil unix - - y - 1 anvil
- scache unix - - y - 1 scache
- maildrop unix - n n - - pipe flags=DRhu
- user=vmail argv=/usr/bin/maildrop -d ${recipient}
- uucp unix - n n - - pipe flags=Fqhu
- user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
- ifmail unix - n n - - pipe flags=F user=ftn
- argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
- bsmtp unix - n n - - pipe flags=Fq.
- user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
- scalemail-backend unix - n n - 2 pipe flags=R
- user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
- ${user} ${extension}
- mailman unix - n n - - pipe flags=FR
- user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
- ${user}
- # postmap -q me@domain.tld mysql:/etc/postfix/mysql-email2email.cf
- me@domain.tld
- # postmap -q NOTme@domain.tld mysql:/etc/postfix/mysql-email2email.cf
- <no output>
- # cat /var/log/mail.log for email sent as forged email:
- Aug 18 09:24:39 mail postfix/submission/smtpd[1305]: connect from hostname.domain.tld[123.123.123.123]
- Aug 18 09:24:40 mail spamass-milter[197]: Could not retrieve sendmail macro "i"!. Please add it to confMILTER_MACROS_ENVFROM for better spamassassin results
- Aug 18 09:24:40 mail postfix/submission/smtpd[1305]: 2319060040: client=hostname.domain.tld[123.123.123.123], sasl_method=PLAIN, sasl_username=me@domain.tld
- Aug 18 09:24:40 mail postfix/cleanup[1313]: 2319060040: message-id=<c53a6e3b-97fb-ba65-1372-be1d02605a86@domain.tld>
- Aug 18 09:24:40 mail spamd[517]: spamd: connection from ip6-localhost [::1]:40070 to port 783, fd 5
- Aug 18 09:24:40 mail spamd[517]: spamd: processing message <c53a6e3b-97fb-ba65-1372-be1d02605a86@domain.tld> for me:5000
- Aug 18 09:24:40 mail spamd[517]: spamd: clean message (-1.0/5.0) for me:5000 in 0.2 seconds, 741 bytes.
- Aug 18 09:24:40 mail spamd[517]: spamd: result: . 0 - ALL_TRUSTED,TVD_SPACE_RATIO scantime=0.2,size=741,user=me,uid=5000,required_score=5.0,rhost=ip6-localhost,raddr=::1,rport=40070,mid=<c53a6e3b-97fb-ba65-1372-be1d02605a86@domain.tld>,autolearn=ham autolearn_force=no
- Aug 18 09:24:40 mail postfix/qmgr[643]: 2319060040: from=<me@domain.tld>, size=672, nrcpt=1 (queue active)
- Aug 18 09:24:40 mail spamd[434]: prefork: child states: II
- Aug 18 09:24:40 mail postfix/submission/smtpd[1305]: disconnect from hostname.domain.tld[123.123.123.123] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
- Aug 18 09:24:40 mail postfix/smtp[1316]: 2319060040: to=<receiver@some.tld>, relay=host.domain.tld[312.312.312.312]:25, delay=0.48, delays=0.33/0.02/0.01/0.12, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 8B91A1000B8)
- Aug 18 09:24:40 mail postfix/qmgr[643]: 2319060040: removed
- Aug 18 09:24:40 mail dovecot: imap-login: Login: user=<me@domain.tld>, method=PLAIN, rip=123.123.123.123, lip=222.222.222.222, mpid=1318, TLS, session=<wCWxBQJXNrNVphKX>
- Aug 18 09:24:40 mail dovecot: imap(me@domain.tld): Logged out in=538 out=532
- Aug 18 09:24:40 mail dovecot: imap-login: Login: user=<me@domain.tld>, method=PLAIN, rip=123.123.123.123, lip=222.222.222.222, mpid=1320, TLS, session=<LDy1BQJXOLNVphKX>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement