You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798
  1. # See /usr/share/postfix/main.cf.dist for a commented, more complete version
  2. # Debian specific: Specifying a file name will cause the first
  3. # line of that file to be used as the name. The Debian default
  4. # is /etc/mailname.
  5. #myorigin = /etc/mailname
  6. smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
  7. biff = no
  8. # appending .domain is the MUA's job.
  9. append_dot_mydomain = no
  10. # Uncomment the next line to generate "delayed mail" warnings
  11. #delay_warning_time = 4h
  12. readme_directory = no
  13. # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
  14. # information on enabling SSL in the smtp client.
  15. mydomain = MAIL_DOMAIN
  16. myhostname = MAIL_HOSTNAME
  17. alias_maps = hash:/etc/aliases
  18. alias_database = hash:/etc/aliases
  19. myorigin = $mydomain
  20. mydestination = localhost
  21. relayhost =
  22. mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
  23. mailbox_command = procmail -a "$EXTENSION"
  24. mailbox_size_limit = 0
  25. recipient_delimiter = +
  26. inet_interfaces = all
  27. recipient_bcc_maps = pgsql:/etc/postfix/pgsql_recipient_bcc.cf
  28. transport_maps = pgsql:/etc/postfix/pgsql_transport.cf
  29. virtual_mailbox_domains = pgsql:/etc/postfix/pgsql_virtual_mailbox_domains.cf
  30. virtual_mailbox_maps = pgsql:/etc/postfix/pgsql_virtual_mailbox_maps.cf
  31. virtual_alias_maps = pgsql:/etc/postfix/pgsql_virtual_alias_maps.cf,
  32. pgsql:/etc/postfix/pgsql_virtual_alias_maps_regexp.cf,
  33. pgsql:/etc/postfix/pgsql_virtual_alias_maps_alias.cf
  34. relay_domains = pgsql:/etc/postfix/pgsql_relay_domains.cf
  35. virtual_minimum_uid=100
  36. virtual_uid_maps=static:7788
  37. virtual_gid_maps=static:7788
  38. virtual_transport=lmtp:inet:DOVECOT_HOST:DOVECOT_LMTP_PORT
  39. dovecot_destination_recipient_limit = 1
  40. smtpd_tls_cert_file=/etc/ssl/private/mail.crt
  41. smtpd_tls_key_file=/etc/ssl/private/mail.key
  42. smtpd_tls_CAfile=/etc/ssl/private/mail-chain.crt
  43. smtp_tls_CAfile=/etc/ssl/private/mail-chain.crt
  44. smtp_use_tls=yes
  45. smtpd_use_tls=yes
  46. smtpd_tls_loglevel=1
  47. smtpd_tls_received_header=yes
  48. tls_random_source=dev:/dev/urandom
  49. smtp_tls_note_starttls_offer=no
  50. smtpd_tls_session_cache_timeout=3600s
  51. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
  52. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
  53. queue_directory=/var/spool/postfix
  54. smtpd_sasl_type=dovecot
  55. smtpd_sasl_path=inet:DOVECOT_HOST:DOVECOT_SASL_PORT
  56. smtpd_sasl_auth_enable=yes
  57. broken_sasl_auth_clients=yes
  58. smtpd_sasl_security_options=noanonymous
  59. smtpd_sasl_tls_security_options=$smtpd_sasl_security_options
  60. smtpd_sasl_local_domain=$myhostname
  61. smtpd_helo_required=yes
  62. smtpd_helo_restrictions=reject_invalid_helo_hostname
  63. smtpd_recipient_restrictions=permit_mynetworks,
  64. permit_sasl_authenticated,
  65. reject_unknown_recipient_domain,
  66. reject_unauth_pipelining,
  67. reject_unauth_destination
  68. message_size_limit = 0
  69. milter_default_action = accept
  70. milter_protocol = 6
  71. smtpd_milters = inet:MILTER_SASL_HOST:MILTER_SASL_PORT,
  72. inet:OPENDKIM_HOST:OPENDKIM_PORT
  73. non_smtpd_milters = inet:OPENDKIM_HOST:OPENDKIM_PORT
  74. smtpd_relay_restrictions = permit_mynetworks,
  75. permit_sasl_authenticated,
  76. reject_unknown_recipient_domain,
  77. reject_unauth_pipelining,
  78. reject_unauth_destination
  79. sender_canonical_maps = tcp:POSTSRS_HOST:POSTSRS_PORT_FORWARD
  80. sender_canonical_classes = envelope_sender
  81. recipient_canonical_maps = tcp:POSTSRS_HOST:POSTSRS_PORT_REVERSE
  82. recipient_canonical_classes = envelope_recipient