Created
April 15, 2022 12:01
-
-
Save stefanpejcic/e56155664a747cf2744c79abcf58135d to your computer and use it in GitHub Desktop.
/etc/postfix/main.cf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# See /usr/share/postfix/main.cf.dist for a commented, more complete version | |
smtpd_banner = $myhostname ESMTP | |
biff = no | |
inet_protocols = ipv4 | |
# appending .domain is the MUA's job. | |
append_dot_mydomain = no | |
readme_directory = no | |
# TLS parameters | |
smtpd_tls_cert_file=/etc/postfix/malware.expert.crt | |
smtpd_tls_key_file=/etc/postfix/malware.expert.key | |
smtpd_tls_security_level = may | |
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache | |
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | |
smtp_tls_note_starttls_offer = yes | |
smtp_tls_security_level = may | |
# Conf | |
delay_warning_time = 4h | |
bounce_queue_lifetime = 5d | |
maximal_queue_lifetime = 5d | |
smtp_connect_timeout = 10s | |
smtpd_helo_required = yes | |
#It allows Postfix to log recipient address information when rejecting a client name/address or sender address | |
smtpd_delay_reject = yes | |
strict_rfc821_envelopes = yes | |
message_size_limit = 50000000 | |
# Maps to Relay & Transport (Domains and Destination routing) | |
relay_domains = proxy:mysql:/etc/postfix/postfix-mysql-relay_domains_maps.cf | |
transport_maps = proxy:mysql:/etc/postfix/postfix-mysql-transport_maps.cf | |
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for | |
# information on enabling SSL in the smtp client. | |
myhostname = mx01.malware.expert | |
mydestination = $myhostname, localhost | |
alias_maps = hash:/etc/aliases | |
alias_database = hash:/etc/aliases | |
myorigin = /etc/mailname | |
relayhost = | |
# Which servers allowed send outgoing emails | |
mynetworks = 127.0.0.0/8 | |
mailbox_size_limit = 0 | |
recipient_delimiter = + | |
inet_interfaces = all | |
smtpd_sender_restrictions = | |
permit_mynetworks | |
reject_non_fqdn_sender | |
reject_unknown_sender_domain | |
smtpd_recipient_restrictions = | |
permit_mynetworks | |
reject_unauth_destination | |
reject_invalid_helo_hostname | |
warn_if_reject reject_non_fqdn_helo_hostname | |
warn_if_reject reject_unknown_helo_hostname | |
warn_if_reject reject_unknown_reverse_client_hostname | |
reject_non_fqdn_sender | |
reject_non_fqdn_recipient | |
reject_unknown_sender_domain | |
reject_unknown_recipient_domain | |
smtpd_data_restrictions = | |
reject_unauth_pipelining | |
reject_multi_recipient_bounce |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment