|
# See /usr/share/postfix/main.cf.dist for a commented, more complete version |
|
|
|
|
|
# Debian specific: Specifying a file name will cause the first |
|
# line of that file to be used as the name. The Debian default |
|
# is /etc/mailname. |
|
#myorigin = /etc/mailname |
|
|
|
#smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) |
|
smtpd_banner = $myhostname ESMTP ready |
|
biff = no |
|
|
|
# appending .domain is the MUA's job. |
|
append_dot_mydomain = no |
|
|
|
# Uncomment the next line to generate "delayed mail" warnings |
|
#delay_warning_time = 4h |
|
|
|
readme_directory = no |
|
|
|
# TLS parameters |
|
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem |
|
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key |
|
smtpd_use_tls=yes |
|
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache |
|
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache |
|
|
|
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for |
|
# information on enabling SSL in the smtp client. |
|
|
|
myhostname = <myhostname> |
|
alias_maps = hash:/etc/aliases |
|
alias_database = hash:/etc/aliases |
|
myorigin = /etc/mailname |
|
mydestination = <myhostname>, localhost |
|
relayhost = |
|
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 |
|
mailbox_size_limit = 0 |
|
recipient_delimiter = + |
|
inet_interfaces = all |
|
inet_protocols = ipv4 |
|
|
|
# |
|
# Backup MX |
|
# |
|
|
|
disable_vrfy_command = yes |
|
strict_rfc821_envelopes = yes |
|
|
|
smtpd_delay_reject = yes |
|
smtpd_helo_required = yes |
|
|
|
smtpd_helo_restrictions = |
|
reject_unknown_hostname, |
|
reject_invalid_hostname, |
|
reject_non_fqdn_hostname |
|
|
|
smtpd_sender_restrictions = |
|
reject_non_fqdn_sender, |
|
reject_unknown_sender_domain |
|
|
|
smtpd_recipient_restrictions = |
|
permit_mynetworks, |
|
reject_unauth_destination, |
|
reject_unauth_pipelining, |
|
reject_non_fqdn_recipient |
|
|
|
smtpd_data_restrictions = |
|
reject_unauth_pipelining |
|
|
|
smtpd_client_restrictions = |
|
permit_mynetworks, |
|
reject_unknown_client, |
|
reject_rbl_client b.barracudacentral.org, |
|
reject_rbl_client dsn.rfc-ignorant.org, |
|
reject_rbl_client dnsbl.sorbs.net, |
|
reject_rbl_client rhsbl.sorbs.net, |
|
reject_rbl_client bl.spamcop.net, |
|
reject_rbl_client zen.spamhaus.org, |
|
reject_rbl_client db.wpbl.info |
|
|
|
unknown_address_reject_code = 550 |
|
unknown_client_reject_code = 550 |
|
unknown_hostname_reject_code = 550 |
|
unknown_local_recipient_reject_code = 550 |
|
unknown_relay_recipient_reject_code = 550 |
|
unknown_virtual_alias_reject_code = 550 |
|
unknown_virtual_mailbox_reject_code = 550 |
|
unverified_recipient_reject_code = 550 |
|
unverified_sender_reject_code = 550 |
|
|
|
maximal_queue_lifetime = 21d |
|
|
|
relay_domains = /etc/postfix/relay_domains |