main.cf
· 3.6 KiB · CFEngine3
Исходник
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = peppermint.node.swee.codes
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2
# TLS parameters
smtpd_tls_cert_file=/etc/letsencrypt/live/peppermint.node.swee.codes/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/peppermint.node.swee.codes/privkey.pem
smtpd_use_tls=yes
smtpd_tls_auth_only = yes
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
# Authentication
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
# Restrictions
smtpd_helo_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unlisted_recipient,
reject_unauth_destination
smtpd_sender_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_sender,
reject_unknown_sender_domain
smtpd_relay_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
defer_unauth_destination
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = peppermint.node.swee.codes
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydomain = swee.codes
myorigin = swee.codes
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
# Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
virtual_transport = lmtp:unix:private/dovecot-lmtp
# Virtual domains, users, and aliases
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,
mysql:/etc/postfix/mysql-virtual-email2email.cf
# Even more Restrictions and MTA params
disable_vrfy_command = yes
strict_rfc821_envelopes = yes
#smtpd_etrn_restrictions = reject
#smtpd_reject_unlisted_sender = yes
#smtpd_reject_unlisted_recipient = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtp_always_send_ehlo = yes
#smtpd_hard_error_limit = 1
smtpd_timeout = 30s
smtp_helo_timeout = 15s
smtp_rcpt_timeout = 15s
smtpd_recipient_limit = 40
minimal_backoff_time = 180s
maximal_backoff_time = 3h
# Reply Rejection Codes
invalid_hostname_reject_code = 550
non_fqdn_reject_code = 550
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 550
milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301
spamassassin_destination_recipient_limit = 1
1 | # See /usr/share/postfix/main.cf.dist for a commented, more complete version |
2 | |
3 | # Debian specific: Specifying a file name will cause the first |
4 | # line of that file to be used as the name. The Debian default |
5 | # is /etc/mailname. |
6 | #myorigin = /etc/mailname |
7 | |
8 | smtpd_banner = peppermint.node.swee.codes |
9 | biff = no |
10 | |
11 | # appending .domain is the MUA's job. |
12 | append_dot_mydomain = no |
13 | |
14 | # Uncomment the next line to generate "delayed mail" warnings |
15 | #delay_warning_time = 4h |
16 | |
17 | readme_directory = no |
18 | |
19 | # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on |
20 | # fresh installs. |
21 | compatibility_level = 2 |
22 | |
23 | # TLS parameters |
24 | smtpd_tls_cert_file=/etc/letsencrypt/live/peppermint.node.swee.codes/fullchain.pem |
25 | smtpd_tls_key_file=/etc/letsencrypt/live/peppermint.node.swee.codes/privkey.pem |
26 | smtpd_use_tls=yes |
27 | smtpd_tls_auth_only = yes |
28 | smtp_tls_security_level = may |
29 | smtpd_tls_security_level = may |
30 | smtpd_sasl_security_options = noanonymous, noplaintext |
31 | smtpd_sasl_tls_security_options = noanonymous |
32 | |
33 | # Authentication |
34 | smtpd_sasl_type = dovecot |
35 | smtpd_sasl_path = private/auth |
36 | smtpd_sasl_auth_enable = yes |
37 | |
38 | # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for |
39 | # information on enabling SSL in the smtp client. |
40 | |
41 | # Restrictions |
42 | smtpd_helo_restrictions = |
43 | permit_mynetworks, |
44 | permit_sasl_authenticated, |
45 | reject_invalid_helo_hostname, |
46 | reject_non_fqdn_helo_hostname |
47 | smtpd_recipient_restrictions = |
48 | permit_mynetworks, |
49 | permit_sasl_authenticated, |
50 | reject_non_fqdn_recipient, |
51 | reject_unknown_recipient_domain, |
52 | reject_unlisted_recipient, |
53 | reject_unauth_destination |
54 | smtpd_sender_restrictions = |
55 | permit_mynetworks, |
56 | permit_sasl_authenticated, |
57 | reject_non_fqdn_sender, |
58 | reject_unknown_sender_domain |
59 | smtpd_relay_restrictions = |
60 | permit_mynetworks, |
61 | permit_sasl_authenticated, |
62 | defer_unauth_destination |
63 | |
64 | # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for |
65 | # information on enabling SSL in the smtp client. |
66 | |
67 | myhostname = peppermint.node.swee.codes |
68 | alias_maps = hash:/etc/aliases |
69 | alias_database = hash:/etc/aliases |
70 | mydomain = swee.codes |
71 | myorigin = swee.codes |
72 | mydestination = localhost |
73 | relayhost = |
74 | mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 |
75 | mailbox_size_limit = 0 |
76 | recipient_delimiter = + |
77 | inet_interfaces = all |
78 | inet_protocols = all |
79 | |
80 | # Handing off local delivery to Dovecot's LMTP, and telling it where to store mail |
81 | virtual_transport = lmtp:unix:private/dovecot-lmtp |
82 | |
83 | # Virtual domains, users, and aliases |
84 | virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf |
85 | virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf |
86 | virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf, |
87 | mysql:/etc/postfix/mysql-virtual-email2email.cf |
88 | |
89 | # Even more Restrictions and MTA params |
90 | disable_vrfy_command = yes |
91 | strict_rfc821_envelopes = yes |
92 | #smtpd_etrn_restrictions = reject |
93 | #smtpd_reject_unlisted_sender = yes |
94 | #smtpd_reject_unlisted_recipient = yes |
95 | smtpd_delay_reject = yes |
96 | smtpd_helo_required = yes |
97 | smtp_always_send_ehlo = yes |
98 | #smtpd_hard_error_limit = 1 |
99 | smtpd_timeout = 30s |
100 | smtp_helo_timeout = 15s |
101 | smtp_rcpt_timeout = 15s |
102 | smtpd_recipient_limit = 40 |
103 | minimal_backoff_time = 180s |
104 | maximal_backoff_time = 3h |
105 | |
106 | # Reply Rejection Codes |
107 | invalid_hostname_reject_code = 550 |
108 | non_fqdn_reject_code = 550 |
109 | unknown_address_reject_code = 550 |
110 | unknown_client_reject_code = 550 |
111 | unknown_hostname_reject_code = 550 |
112 | unverified_recipient_reject_code = 550 |
113 | unverified_sender_reject_code = 550 |
114 | milter_protocol = 2 |
115 | milter_default_action = accept |
116 | smtpd_milters = inet:localhost:12301 |
117 | non_smtpd_milters = inet:localhost:12301 |
118 | spamassassin_destination_recipient_limit = 1 |