Guest User

Untitled

a guest
Apr 4th, 2016
324
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # postfix config file
  2.  
  3. # uncomment for debugging if needed
  4. soft_bounce=yes
  5.  
  6. # postfix main
  7. mail_owner = postfix
  8. setgid_group = postdrop
  9. delay_warning_time = 4
  10.  
  11. # postfix paths
  12. html_directory = no
  13. command_directory = /usr/sbin
  14. daemon_directory = /usr/lib/postfix
  15. queue_directory = /var/spool/postfix
  16. sendmail_path = /usr/sbin/sendmail.postfix
  17. newaliases_path = /usr/bin/newaliases.postfix
  18. mailq_path = /usr/bin/mailq.postfix
  19. manpage_directory = /usr/share/man
  20. sample_directory = /usr/share/doc/postfix-2.2.2/samples
  21. readme_directory = /usr/share/doc/postfix-2.2.2/README_FILES
  22.  
  23. # network settings
  24. inet_interfaces = all
  25. mydomain = njoror.squashedfly.eu
  26. myhostname = njoror.squashedfly.eu
  27. mynetworks = 127.0.0.1, 213.138.113.144
  28. mydestination = localhost.$mydomain, localhost
  29. relay_domains = proxy:mysql:/etc/sentora/configs/postfix/mysql-relay_domains_maps.cf
  30.  
  31. # mail delivery
  32. recipient_delimiter = +
  33.  
  34. # mappings
  35. alias_maps = hash:/etc/aliases
  36. alias_database = hash:/etc/aliases
  37. #transport_maps = hash:/etc/postfix/transport
  38. #local_recipient_maps =
  39.  
  40. # virtual setup
  41. virtual_alias_maps = proxy:mysql:/etc/sentora/configs/postfix/mysql-virtual_alias_maps.cf,
  42. regexp:/etc/sentora/configs/postfix/virtual_regexp
  43. virtual_mailbox_base = /var/sentora/vmail
  44. virtual_mailbox_domains = proxy:mysql:/etc/sentora/configs/postfix/mysql-virtual_domains_maps.cf
  45. virtual_mailbox_maps = proxy:mysql:/etc/sentora/configs/postfix/mysql-virtual_mailbox_maps.cf
  46. virtual_minimum_uid = 999
  47. virtual_uid_maps = static:999
  48. virtual_gid_maps = static:8
  49. virtual_transport = dovecot
  50. dovecot_destination_recipient_limit = 1
  51.  
  52. # debugging
  53. debug_peer_level = 2
  54. debugger_command =
  55. PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
  56. xxgdb $daemon_directory/$process_name $process_id & sleep 5
  57.  
  58. # authentication
  59. smtpd_sasl_auth_enable = yes
  60. smtpd_sasl_security_options = noanonymous
  61. smtpd_sasl_local_domain = $myhostname
  62. broken_sasl_auth_clients = yes
  63. smtpd_sasl_type = dovecot
  64. smtpd_sasl_path = private/auth
  65.  
  66. # tls config
  67. # smtp_use_tls = no
  68. # smtpd_use_tls = no
  69. #smtp_tls_note_starttls_offer = yes
  70. #smtpd_tls_loglevel = 1
  71. #smtpd_tls_received_header = yes
  72. #smtpd_tls_session_cache_timeout = 3600s
  73. #tls_random_source = dev:/dev/urandom
  74. #smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
  75. # Change mail.example.com.* to your host name
  76. #smtpd_tls_key_file = /etc/pki/tls/private/mail.example.com.key
  77. #smtpd_tls_cert_file = /etc/pki/tls/certs/mail.example.com.crt
  78. # smtpd_tls_CAfile = /etc/pki/tls/root.crt
  79.  
  80. # rules restrictions
  81. smtpd_client_restrictions =
  82. smtpd_helo_restrictions = permit_mynetworks,
  83. reject_invalid_hostname,
  84. permit
  85. smtpd_sender_restrictions = permit_sasl_authenticated,
  86. permit_mynetworks,
  87. reject_unknown_sender_domain,
  88. permit
  89. smtpd_recipient_restrictions = permit_sasl_authenticated,
  90. permit_mynetworks,
  91. permit_inet_interfaces,
  92. reject_unauth_destination,
  93. reject_non_fqdn_sender,
  94. reject_non_fqdn_recipient,
  95. reject_non_fqdn_hostname,
  96. permit_sasl_authenticated,
  97. reject_unknown_recipient_domain,
  98. reject_unauth_destination,
  99. reject_invalid_hostname
  100. # uncomment for realtime black list checks. (Warn: will also reject false positive)
  101. ,reject_rbl_client zen.spamhaus.org
  102. ,reject_rbl_client bl.spamcop.net
  103. ,reject_rbl_client dnsbl.sorbs.net
  104. #,check_policy_service inet:127.0.0.1:10023
  105.  
  106. smtpd_helo_required = yes
  107. unknown_local_recipient_reject_code = 550
  108. disable_vrfy_command = yes
  109. smtpd_data_restrictions = reject_unauth_pipelining
  110. smtpd_banner = $myhostname ESMTP
  111.  
  112. message_size_limit = 20480000
  113.  
  114.  
  115. # Things Philip Changed for SSL
  116.  
  117. # Raise log level as default doesn't give much information
  118. smtpd_tls_loglevel = 1
  119.  
  120. # path to the certificate file, should be root:root and 0444
  121. smtpd_tls_cert_file=/etc/letsencrypt/live/njoror.squashedfly.eu/fullchain.pem
  122.  
  123. # path to the private key file, should be root:root and 0400
  124. smtpd_tls_key_file=/etc/letsencrypt/live/njoror.squashedfly.eu/privkey.pem
  125.  
  126. # Allow use of TLS but make it optional
  127. smtpd_use_tls=yes
  128.  
  129. # Cache sessions for speed improvement
  130. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
  131. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
  132.  
  133. # Disable SSLv2/3 as they are vulnerable
  134. smtpd_tls_protocols = !SSLv2, !SSLv3
  135.  
  136. # Insist on stronger ciphers
  137. smtpd_tls_ciphers = high
  138.  
  139. # SASL parameters
  140. # Don't forget permit_sasl_authenticated in smtpd_relay_restrictions
  141. smtpd_sasl_type = dovecot
  142. smtpd_sasl_path = private/auth
  143. smtpd_sasl_auth_enable = yes
RAW Paste Data