2014-11-03 15:05:19 +00:00
|
|
|
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
|
|
|
|
|
|
|
|
# Debian specific: Specifying a file name will cause the first
|
|
|
|
# line of that file to be used as the name. The Debian default
|
|
|
|
# is /etc/mailname.
|
|
|
|
#myorigin = /etc/mailname
|
|
|
|
|
2015-07-08 09:06:43 +00:00
|
|
|
smtpd_banner = $myhostname ESMTP $mail_name
|
2014-11-03 15:05:19 +00:00
|
|
|
biff = no
|
|
|
|
|
|
|
|
# appending .domain is the MUA's job.
|
|
|
|
append_dot_mydomain = no
|
|
|
|
|
|
|
|
# Uncomment the next line to generate "delayed mail" warnings
|
|
|
|
#delay_warning_time = 4h
|
|
|
|
|
|
|
|
readme_directory = no
|
|
|
|
|
|
|
|
# TLS parameters
|
|
|
|
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
|
|
|
|
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
|
|
|
|
smtpd_use_tls=yes
|
|
|
|
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
|
|
|
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
|
|
|
|
|
|
|
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
|
|
|
|
# information on enabling SSL in the smtp client.
|
|
|
|
|
|
|
|
myhostname = localhost
|
|
|
|
alias_maps = hash:/etc/aliases
|
|
|
|
alias_database = hash:/etc/aliases
|
2015-01-06 10:03:15 +00:00
|
|
|
mydestination = /etc/mailname, localhost.localdomain, localhost
|
2015-07-08 09:06:43 +00:00
|
|
|
relayhost =
|
2015-07-27 10:39:32 +00:00
|
|
|
mynetworks = 127.0.0.0/8 172.0.0.0/8
|
2014-11-03 15:05:19 +00:00
|
|
|
mailbox_size_limit = 0
|
|
|
|
recipient_delimiter = +
|
|
|
|
|
|
|
|
# SMTP configuration for incoming mail (port 25)
|
|
|
|
# Outgoing mail (port 587) configuration is specified in master.cf
|
|
|
|
|
|
|
|
# allow all connections (since we want to receive mail from outside)
|
|
|
|
smtpd_client_restrictions = permit
|
|
|
|
|
|
|
|
# Don't talk to mail systems that don't know their own hostname.
|
|
|
|
# With Postfix < 2.3, specify reject_unknown_hostname.
|
|
|
|
smtpd_helo_restrictions = permit
|
|
|
|
|
|
|
|
# Don't accept mail from domains that don't exist.
|
|
|
|
smtpd_sender_restrictions = permit
|
|
|
|
|
|
|
|
# Only accept mail where this server is the final destination
|
2015-07-27 10:39:32 +00:00
|
|
|
smtpd_relay_restrictions = permit_auth_destination, permit_mynetworks, reject
|
2014-11-03 15:05:19 +00:00
|
|
|
|
|
|
|
# Mail thats not for us gets filtered out by smtpd_relay_restrictions
|
|
|
|
# When the mail is for us, we just accept everything. (could add spam blocklists/user checking etc. here)
|
|
|
|
smtpd_recipient_restrictions = permit
|
|
|
|
|
|
|
|
# Delivery to dovecot
|
|
|
|
alias_maps = hash:/etc/aliases
|
|
|
|
alias_database = hash:/etc/aliases
|
|
|
|
virtual_alias_maps = hash:/etc/postfix/virtual
|
|
|
|
virtual_mailbox_domains = /etc/postfix/virtual-mailbox-domains
|
|
|
|
virtual_mailbox_maps = hash:/etc/postfix/virtual-mailbox-maps
|
|
|
|
virtual_transport = dovecot
|
|
|
|
dovecot_destination_recipient_limit = 1
|
|
|
|
|
|
|
|
# additional authentication settings
|
|
|
|
smtpd_tls_auth_only = yes
|
|
|
|
smtpd_sasl_auth_enable = yes
|
|
|
|
smtpd_sasl_type = dovecot
|
|
|
|
smtpd_sasl_path = private/auth
|