main.cf

From Lubaka, 9 Months ago, written in Plain Text, viewed 26 times.
URL https://paste.smirky.net/view/08ebe499 Embed
Download Paste or View Raw
  1. # LOCAL PATHNAME INFORMATION
  2. queue_directory = /var/spool/postfix
  3. command_directory = /usr/sbin
  4. data_directory = /var/lib/postfix
  5.  
  6. # QUEUE AND PROCESS OWNERSHIP
  7. mail_owner = postfix
  8.  
  9. # INTERNET HOST AND DOMAIN NAMES
  10. myhostname = mail.minchev.bg
  11. mydomain = minchev.bg
  12.  
  13. # SENDING MAIL
  14. #myorigin = $mydomain
  15. myorigin = $myhostname
  16.  
  17. # RECEIVING MAIL
  18. mydestination = localhost
  19. #mydestination =  $myhostname, localhost.$mydomain, mail.minchev.bg, mailback.minchev.bg, localhost
  20. inet_interfaces = 46.101.110.243, 127.0.0.1
  21.  
  22. #custom settings for master postfix configuration
  23. #https://www.akadia.com/services/postfix_mx_backup.html
  24. relay_domains = $mydestination, mailback.minchev.bg
  25. transport_maps = hash:/etc/postfix/transport
  26. relay_recipient_maps = hash:/etc/postfix/relay_recipients
  27.  
  28. #https://stackoverflow.com/questions/34266699/warning-pipe-flag-d-requires-dovecot-destination-recipient-limit-1
  29. #dovecot_destination_recipient_limit = 1
  30. #https://github.com/tomav/docker-mailserver/issues/362
  31. virtualprocmail_destination_recipient_limit = 1
  32.  
  33.  
  34. # REJECTING MAIL FROM UNKNOWN LOCAL USERS
  35. unknown_local_recipient_reject_code = 550
  36.  
  37. # TRUST AND RELAY CONTROL
  38. mynetworks_style = host
  39. #mynetworks = 46.101.110.240/29, 127.0.0.0/12
  40. mynetworks = 127.0.0.0/12
  41.  
  42. # DKIM SMTP SIGNATURE
  43. #smtpd_milters = inet:localhost:12301
  44. #smtpd_milters = unix:/var/run/opendkim/opendkim.sock
  45. #non_smtpd_milters = inet:localhost:12301
  46. #non_smtp_milters = unix:/var/run/opendkim/opendkim.sock
  47. milter_default_action = accept
  48. #milter_protocol = 6
  49.  
  50. # BEGIN of custom content
  51. home_mailbox = Maildir/
  52. #default_transport = smtp
  53.  
  54. #backup mail custom configuration
  55. #http://www.postfix.org/STANDARD_CONFIGURATION_README.html
  56. #relay_domains = shkolata.eu, lyubo.info, $mydestination
  57. #relay_recipient_maps = hash:/etc/postfix/relay_recipients
  58. #proxy_interfaces = 78.142.62.243
  59.  
  60. # VIRTUAL DOMAIN AND USER OPTIONS
  61. virtual_alias_maps = proxy:mysql:/etc/postfix/virtual_alias_maps.cf
  62. virtual_mailbox_domains = proxy:mysql:/etc/postfix/virtual_mailbox_domains.cf
  63. virtual_mailbox_maps = proxy:mysql:/etc/postfix/virtual_mailbox_maps.cf
  64. virtual_mailbox_base = /var/mail
  65. virtual_mailbox_limit = 512000000
  66. virtual_minimum_uid = 7788
  67.  
  68. #virtual_transport = dovecot
  69. virtual_transport = virtualprocmail:email
  70. #virtual_transport = smtp:minchev.bg:
  71. #virtualprocmail_destination_recipient_limit=1
  72.  
  73. virtual_uid_maps = static:7788
  74. virtual_gid_maps = static:7788
  75. local_recipient_maps = $virtual_mailbox_maps
  76. sender_canonical_maps = hash:/etc/postfix/sender_canonical
  77.  
  78.  
  79. smtpd_sasl_auth_enable = yes
  80. smtpd_sasl_type = dovecot
  81. smtpd_sasl_path = /var/run/dovecot/auth-client
  82. #smtpd_sasl_path = private/auth
  83. smtpd_banner = mail.minchev.bg ESMTP $mail_name (Debian/GNU)
  84.  
  85. smtpd_sasl_security_options = noanonymous
  86. smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
  87. smtp_use_tls = yes
  88. smtpd_use_tls = yes
  89. smtp_tls_note_starttls_offer = yes
  90. smtpd_tls_received_header = yes
  91. smtpd_tls_session_cache_timeout = 3600s
  92.  
  93. smtpd_tls_cert_file=/etc/letsencrypt/live/minchev.bg/cert.pem
  94. smtpd_tls_key_file=/etc/letsencrypt/live/minchev.bg/privkey.pem
  95. smtpd_tls_CAfile=/etc/letsencrypt/live/minchev.bg/chain.pem
  96. smtp_tls_CAfile=/etc/letsencrypt/live/minchev.bg/chain.pem
  97. smtpd_sasl_local_domain = $mydomain
  98. broken_sasl_auth_clients = yes
  99. smtpd_tls_loglevel = 1
  100. tls_random_source = dev:/dev/urandom
  101. #policy-spf_time_limit = 3600s
  102.  
  103. # ALIAS DATABASE
  104. alias_maps = hash:/etc/postfix/virtual_alias_maps.cf
  105. alias_database = /etc/postfix/virtual_alias_maps.cf
  106.  
  107. # FIX EMPTY HEADERS
  108. always_add_missing_headers = yes
  109.  
  110.  
  111. # INSTALL-TIME CONFIGURATION INFORMATION
  112. sendmail_path = /usr/bin/sendmail
  113. newaliases_path = /usr/bin/newaliases
  114. mailq_path = /usr/bin/mailq
  115. setgid_group = postdrop
  116. html_directory = no
  117. manpage_directory = /usr/share/man
  118. readme_directory = /usr/share/doc/postfix
  119. inet_protocols = ipv4
  120.  
  121. smtpd_sender_login_maps = mysql:/etc/postfix/virtual_sender_login_maps.cf
  122.  
  123. smtpd_helo_required = yes
  124. smtpd_helo_restrictions = permit_mynetworks,
  125.                           check_client_access hash:/etc/postfix/rbl_whitelist,
  126.                           reject_invalid_helo_hostname,
  127.                           reject_non_fqdn_helo_hostname,
  128.                           reject_unknown_helo_hostname
  129.  
  130. smtpd_sender_restrictions =     permit_mynetworks,
  131.                                 check_client_access hash:/etc/postfix/rbl_whitelist,
  132.                                 reject_non_fqdn_sender,
  133.                                 reject_unknown_sender_domain
  134. #backup mail custom config
  135. smtpd_relay_restrictions =      permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
  136.  
  137. #smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
  138. smtpd_recipient_restrictions =
  139.   check_client_access hash:/etc/postfix/rbl_whitelist,
  140.   permit_sasl_authenticated, permit_mynetworks,
  141.   reject_non_fqdn_hostname,
  142.   reject_non_fqdn_sender,
  143.   reject_non_fqdn_recipient,
  144.   reject_unauth_destination,
  145.   reject_unauth_pipelining,
  146.   reject_invalid_hostname,
  147.   reject_rbl_client zen.spamhaus.org
  148.  
  149. smtpd_data_restrictions = reject_unauth_pipelining, permit
  150. #end custom settings
  151.  
  152. mailbox_size_limit = 107374182
  153. message_size_limit = 52428800
  154. body_checks_size_limit = 52428800
  155.  
  156. #Pocmail config
  157. mailbox_command = procmail -a "$EXTENSION"
  158. #mailbox_command = /usr/bin/procmail -a "$EXTENSION" DEFAULT=/var/mail/Maildir/ MAILDIR=/var/mail/Maildir/
  159.  
  160. #Disable the SMTP VRFY command. This stops some techniques used to harvest email addresses.
  161. disable_vrfy_command = yes
  162.  

Reply to "main.cf"

Here you can reply to the paste above

captcha