summaryrefslogtreecommitdiff
path: root/packages/postfix/files/main.cf_2.0
blob: 1a6ddabbf3d619dd75c5acc98ff7547de84a6383 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
#!/bin/sh
cat <<EOF
# Configure your domain and accounts
mydomain=sample.com
mynetworks = 127.0.0.1/32 192.168.1.0/24

virtual_mailbox_domains = sample.com, other.net
virtual_mailbox_maps = hash:/etc/postfix/virtual
virtual_alias_maps = hash:/etc/postfix/virtual_alias


# You'll start with the following lines for maildir storage
virtual_mailbox_base = /var/spool/vmail
virtual_uid_maps = static:`grep vmail /etc/passwd | cut -d ":" -f 3`
virtual_gid_maps = static:`grep vmail /etc/passwd | cut -d ":" -f 4`


# You'll start with the following lines for IMAP storage
#virtual_transport = lmtp:unix:/var/lib/cyrus/socket/lmtp


# General stuff here again
config_directory = /etc/postfix
sample_directory = /etc/postfix
queue_directory = /var/spool/postfix
mail_spool_directory = /var/spool/mail
readme_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
setgid_group = postdrop
mydestination =
unknown_local_recipient_reject_code = 450
mynetworks_style = host
debug_peer_level = 2
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq

smtpd_data_restrictions =
        permit_mynetworks,
        reject_unauth_pipelining,
        permit

smtpd_client_restrictions =
        permit_mynetworks,
        # reject_unknown_client, # This can cause a lot of false rejects.
        reject_invalid_hostname,
        reject_rbl_client list.dsbl.org,
        reject_rbl_client sbl.spamhaus.org,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client dul.dnsbl.sorbs.net,
        permit

smtpd_helo_required = yes
smtpd_helo_restrictions =
        permit_mynetworks,
        reject_unauth_pipelining,
        # reject_non_fqdn_hostname, # This can cause a lot of false rejects.
        # reject_unknown_hostname, # This can cause a lot of false rejects.
        reject_invalid_hostname,
        permit

smtpd_sender_restrictions =
        permit_mynetworks,
        reject_non_fqdn_sender,
        # check_sender_access hash:/etc/postfix/access_domains,
        reject_unknown_sender_domain,
        permit

smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,

        # check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,
        # check_helo_access pcre:/etc/postfix/helo_checks.pcre,

        # check_client_access hash:/etc/postfix/maps/access_client,
        # check_client_access hash:/etc/postfix/maps/exceptions_client,
        # check_helo_access hash:/etc/postfix/maps/access_helo,
        # check_helo_access hash:/etc/postfix/maps/verify_helo,
        # check_sender_access hash:/etc/postfix/maps/access_sender,
        # check_sender_access hash:/etc/postfix/maps/verify_sender,
        # check_recipient_access hash:/etc/postfix/maps/access_recipient,

        # reject_multi_recipient_bounce,
        reject_non_fqdn_recipient,
        reject_unknown_recipient_domain,
        # reject_unlisted_recipient,
        #check_policy_service unix:private/policy,

        # check_sender_access hash:/etc/postfix/maps/no_verify_sender,
        # check_sender_access hash:/etc/postfix/access_domains,
        # reject_unverified_sender,
        # reject_unverified_recipient
        check_recipient_access hash:/etc/postfix/internal_recipient

disable_vrfy_command = yes

EOF