Created
July 16, 2017 11:29
Star
You must be signed in to star a gist
Postfix配置
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# See /usr/share/postfix/main.cf.dist for a commented, more complete version | |
# Debian specific: Specifying a file name will cause the first | |
# line of that file to be used as the name. The Debian default | |
# is /etc/mailname. | |
#myorigin = /etc/mailname | |
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) | |
biff = no | |
# appending .domain is the MUA's job. | |
append_dot_mydomain = no | |
# Uncomment the next line to generate "delayed mail" warnings | |
#delay_warning_time = 4h | |
readme_directory = no | |
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for | |
# information on enabling SSL in the smtp client. | |
myhostname = localhost | |
alias_maps = hash:/etc/aliases | |
alias_database = hash:/etc/aliases | |
mydestination = admin, localhost.localdomain, , localhost | |
relayhost = | |
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 | |
mailbox_size_limit = 0 | |
recipient_delimiter = + | |
inet_interfaces = all | |
inet_protocols = all | |
virtual_alias_domains = email.tindbot.com | |
virtual_alias_maps = hash:/etc/postfix/virtual | |
# setup sender alias | |
smtp_generic_maps = hash:/etc/postfix/generic | |
# setting for security purpose | |
smtp_tls_security_level = may | |
smtp_tls_loglevel = 1 | |
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | |
smtp_tls_note_starttls_offer = yes | |
smtpd_use_tls=yes | |
smtpd_tls_loglevel = 1 | |
smtpd_tls_CApath = /etc/letsencrypt/live/email.tindbot.com | |
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache | |
smtpd_tls_cert_file = /etc/letsencrypt/live/email.tindbot.com/fullchain.pem | |
smtpd_tls_key_file = /etc/letsencrypt/live/email.tindbot.com/privkey.pem | |
smtpd_tls_security_level = may | |
smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5 , DES, ADH, RC4, PSD, SRP, 3DES, eNULL | |
smtpd_tls_protocols= !SSLv2, !SSLv3 | |
smtpd_tls_mandatory_protocols= !SSLv2, !SSLv3 | |
smtpd_tls_mandatory_ciphers = high | |
smtpd_tls_received_header = yes | |
smtpd_sasl_type = dovecot | |
smtpd_sasl_path = private/auth | |
smtpd_sasl_local_domain = | |
smtpd_sasl_security_options = noanonymous | |
broken_sasl_auth_clients = yes | |
smtpd_sasl_auth_enable = yes | |
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment