source: companies/celepar/emailadmin/doc/main.cf @ 763

Revision 763, 29.6 KB checked in by niltonneto, 15 years ago (diff)

Importação inicial do Expresso da Celepar

Line 
1# Global Postfix configuration file. This file lists only a subset
2# of all 300+ parameters. See the sample-xxx.cf files for a full list.
3#
4# The general format is lines with parameter = value pairs. Lines
5# that begin with whitespace continue the previous line. A value can
6# contain references to other $names or ${name}s.
7#
8# NOTE - CHANGE NO MORE THAN 2-3 PARAMETERS AT A TIME, AND TEST IF
9# POSTFIX STILL WORKS AFTER EVERY CHANGE.
10
11# SOFT BOUNCE
12#
13# The soft_bounce parameter provides a limited safety net for
14# testing.  When soft_bounce is enabled, mail will remain queued that
15# would otherwise bounce. This parameter disables locally-generated
16# bounces, and prevents the SMTP server from rejecting mail permanently
17# (by changing 5xx replies into 4xx replies). However, soft_bounce
18# is no cure for address rewriting mistakes or mail routing mistakes.
19#
20#soft_bounce = no
21
22# LOCAL PATHNAME INFORMATION
23#
24# The queue_directory specifies the location of the Postfix queue.
25# This is also the root directory of Postfix daemons that run chrooted.
26# See the files in examples/chroot-setup for setting up Postfix chroot
27# environments on different UNIX systems.
28#
29queue_directory = /var/spool/postfix
30
31# The command_directory parameter specifies the location of all
32# postXXX commands.
33#
34command_directory = /usr/sbin
35
36# The daemon_directory parameter specifies the location of all Postfix
37# daemon programs (i.e. programs listed in the master.cf file). This
38# directory must be owned by root.
39#
40daemon_directory = /usr/lib/postfix
41
42# QUEUE AND PROCESS OWNERSHIP
43#
44# The mail_owner parameter specifies the owner of the Postfix queue
45# and of most Postfix daemon processes.  Specify the name of a user
46# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS
47# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM.  In
48# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED
49# USER.
50#
51mail_owner = postfix
52
53# The default_privs parameter specifies the default rights used by
54# the local delivery agent for delivery to external file or command.
55# These rights are used in the absence of a recipient user context.
56# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
57#
58#default_privs = nobody
59
60# INTERNET HOST AND DOMAIN NAMES
61#
62# The myhostname parameter specifies the internet hostname of this
63# mail system. The default is to use the fully-qualified domain name
64# from gethostname(). $myhostname is used as a default value for many
65# other configuration parameters.
66#
67#myhostname = host.domain.tld
68#myhostname = virtual.domain.tld
69
70# The mydomain parameter specifies the local internet domain name.
71# The default is to use $myhostname minus the first component.
72# $mydomain is used as a default value for many other configuration
73# parameters.
74#
75#mydomain = domain.tld
76
77# SENDING MAIL
78#
79# The myorigin parameter specifies the domain that locally-posted
80# mail appears to come from. The default is to append $myhostname,
81# which is fine for small sites.  If you run a domain with multiple
82# machines, you should (1) change this to $mydomain and (2) set up
83# a domain-wide alias database that aliases each user to
84# user@that.users.mailhost.
85#
86# For the sake of consistency between sender and recipient addresses,
87# myorigin also specifies the default domain name that is appended
88# to recipient addresses that have no @domain part.
89#
90#myorigin = $myhostname
91#myorigin = $mydomain
92
93# RECEIVING MAIL
94
95# The inet_interfaces parameter specifies the network interface
96# addresses that this mail system receives mail on.  By default,
97# the software claims all active interfaces on the machine. The
98# parameter also controls delivery of mail to user@[ip.address].
99#
100# See also the proxy_interfaces parameter, for network addresses that
101# are forwarded to us via a proxy or network address translator.
102#
103# Note: you need to stop/start Postfix when this parameter changes.
104#
105#inet_interfaces = all
106#inet_interfaces = $myhostname
107#inet_interfaces = $myhostname, localhost
108
109# The proxy_interfaces parameter specifies the network interface
110# addresses that this mail system receives mail on by way of a
111# proxy or network address translation unit. This setting extends
112# the address list specified with the inet_interfaces parameter.
113#
114# You must specify your proxy/NAT addresses when your system is a
115# backup MX host for other domains, otherwise mail delivery loops
116# will happen when the primary MX host is down.
117#
118#proxy_interfaces =
119#proxy_interfaces = 1.2.3.4
120
121# The mydestination parameter specifies the list of domains that this
122# machine considers itself the final destination for.
123#
124# These domains are routed to the delivery agent specified with the
125# local_transport parameter setting. By default, that is the UNIX
126# compatible delivery agent that lookups all recipients in /etc/passwd
127# and /etc/aliases or their equivalent.
128#
129# The default is $myhostname + localhost.$mydomain.  On a mail domain
130# gateway, you should also include $mydomain.
131#
132# Do not specify the names of virtual domains - those domains are
133# specified elsewhere (see sample-virtual.cf).
134#
135# Do not specify the names of domains that this machine is backup MX
136# host for. Specify those names via the relay_domains settings for
137# the SMTP server, or use permit_mx_backup if you are lazy (see
138# sample-smtpd.cf).
139#
140# The local machine is always the final destination for mail addressed
141# to user@[the.net.work.address] of an interface that the mail system
142# receives mail on (see the inet_interfaces parameter).
143#
144# Specify a list of host or domain names, /file/name or type:table
145# patterns, separated by commas and/or whitespace. A /file/name
146# pattern is replaced by its contents; a type:table is matched when
147# a name matches a lookup key (the right-hand side is ignored).
148# Continue long lines by starting the next line with whitespace.
149#
150# DO NOT LIST RELAY DESTINATIONS IN MYDESTINATION.
151# SPECIFY RELAY DESTINATIONS IN RELAY_DOMAINS.
152#
153# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
154#
155#mydestination = $myhostname, localhost.$mydomain
156#mydestination = $myhostname, localhost.$mydomain $mydomain
157#mydestination = $myhostname, localhost.$mydomain, $mydomain,
158#       mail.$mydomain, www.$mydomain, ftp.$mydomain
159mydestination = $myhostname, localhost.$mydomain $mydomain,
160        kneschke.de, phpgw.de, egroupware.org, linux-at-work.de, lists.kneschke.de
161
162# REJECTING MAIL FOR UNKNOWN LOCAL USERS
163#
164# The local_recipient_maps parameter specifies optional lookup tables
165# with all names or addresses of users that are local with respect
166# to $mydestination and $inet_interfaces.
167#
168# If this parameter is defined, then the SMTP server will reject
169# mail for unknown local users. This parameter is defined by default.
170#
171# To turn off local recipient checking in the SMTP server, specify
172# local_recipient_maps = (i.e. empty).
173#
174# The default setting assumes that you use the default Postfix local
175# delivery agent for local delivery. You need to update the
176# local_recipient_maps setting if:
177#
178# - You define $mydestination domain recipients in files other than
179#   /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
180#   For example, you define $mydestination domain recipients in   
181#   the $virtual_mailbox_maps files.
182#
183# - You redefine the local delivery agent in master.cf.
184#
185# - You redefine the "local_transport" setting in main.cf.
186#
187# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
188#   feature of the Postfix local delivery agent (see sample-local.cf).
189#
190# Details are described in the LOCAL_RECIPIENT_README file.
191#
192# Beware: if the Postfix SMTP server runs chrooted, you probably have
193# to access the passwd file via the proxymap service, in order to
194# overcome chroot restrictions. The alternative, having a copy of
195# the system passwd file in the chroot jail is just not practical.
196#
197# The right-hand side of the lookup tables is conveniently ignored.
198# In the left-hand side, specify a bare username, an @domain.tld
199# wild-card, or specify a user@domain.tld address.
200#
201#local_recipient_maps = unix:passwd.byname $alias_maps
202#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
203#local_recipient_maps =
204
205# The unknown_local_recipient_reject_code specifies the SMTP server
206# response code when a recipient domain matches $mydestination or
207# $inet_interfaces, while $local_recipient_maps is non-empty and the
208# recipient address or address local-part is not found.
209#
210# The default setting is 550 (reject mail) but it is safer to start
211# with 450 (try again later) until you are certain that your
212# local_recipient_maps settings are OK.
213#
214unknown_local_recipient_reject_code = 550
215#unknown_local_recipient_reject_code = 450
216
217# TRUST AND RELAY CONTROL
218
219# The mynetworks parameter specifies the list of "trusted" SMTP
220# clients that have more privileges than "strangers".
221#
222# In particular, "trusted" SMTP clients are allowed to relay mail
223# through Postfix.  See the smtpd_recipient_restrictions parameter
224# in file sample-smtpd.cf.
225#
226# You can specify the list of "trusted" network addresses by hand
227# or you can let Postfix do it for you (which is the default).
228#
229# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
230# clients in the same IP subnetworks as the local machine.
231# On Linux, this does works correctly only with interfaces specified
232# with the "ifconfig" command.
233#
234# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
235# clients in the same IP class A/B/C networks as the local machine.
236# Don't do this with a dialup site - it would cause Postfix to "trust"
237# your entire provider's network.  Instead, specify an explicit
238# mynetworks list by hand, as described below.
239
240# Specify "mynetworks_style = host" when Postfix should "trust"
241# only the local machine.
242#
243#mynetworks_style = class
244#mynetworks_style = subnet
245#mynetworks_style = host
246
247# Alternatively, you can specify the mynetworks list by hand, in
248# which case Postfix ignores the mynetworks_style setting.
249#
250# Specify an explicit list of network/netmask patterns, where the
251# mask specifies the number of bits in the network part of a host
252# address.
253#
254# You can also specify the absolute pathname of a pattern file instead
255# of listing the patterns here. Specify type:table for table-based lookups
256# (the value on the table right-hand side is not used).
257#
258#mynetworks = 168.100.189.0/28, 127.0.0.0/8
259#mynetworks = $config_directory/mynetworks
260#mynetworks = hash:/etc/postfix/network_table
261
262# The relay_domains parameter restricts what destinations this system will
263# relay mail to.  See the smtpd_recipient_restrictions restriction in the
264# file sample-smtpd.cf for detailed information.
265#
266# By default, Postfix relays mail
267# - from "trusted" clients (IP address matches $mynetworks) to any destination,
268# - from "untrusted" clients to destinations that match $relay_domains or
269#   subdomains thereof, except addresses with sender-specified routing.
270# The default relay_domains value is $mydestination.
271#
272# In addition to the above, the Postfix SMTP server by default accepts mail
273# that Postfix is final destination for:
274# - destinations that match $inet_interfaces,
275# - destinations that match $mydestination
276# - destinations that match $virtual_alias_domains,
277# - destinations that match $virtual_mailbox_domains.
278# These destinations do not need to be listed in $relay_domains.
279#
280# Specify a list of hosts or domains, /file/name patterns or type:name
281# lookup tables, separated by commas and/or whitespace.  Continue
282# long lines by starting the next line with whitespace. A file name
283# is replaced by its contents; a type:name table is matched when a
284# (parent) domain appears as lookup key.
285#
286# NOTE: Postfix will not automatically forward mail for domains that
287# list this system as their primary or backup MX host. See the
288# permit_mx_backup restriction in the file sample-smtpd.cf.
289#
290#relay_domains = $mydestination
291
292# INTERNET OR INTRANET
293
294# The relayhost parameter specifies the default host to send mail to
295# when no entry is matched in the optional transport(5) table. When
296# no relayhost is given, mail is routed directly to the destination.
297#
298# On an intranet, specify the organizational domain name. If your
299# internal DNS uses no MX records, specify the name of the intranet
300# gateway host instead.
301#
302# In the case of SMTP, specify a domain, host, host:port, [host]:port,
303# [address] or [address]:port; the form [host] turns off MX lookups.
304#
305# If you're connected via UUCP, see also the default_transport parameter.
306#
307#relayhost = $mydomain
308#relayhost = gateway.my.domain
309#relayhost = uucphost
310#relayhost = [an.ip.add.ress]
311
312# REJECTING UNKNOWN RELAY USERS
313#
314# The relay_recipient_maps parameter specifies optional lookup tables
315# with all addresses in the domains that match $relay_domains.
316#
317# If this parameter is defined, then the SMTP server will reject
318# mail for unknown relay users. This feature is off by default.
319#
320# The right-hand side of the lookup tables is conveniently ignored.
321# In the left-hand side, specify an @domain.tld wild-card, or specify
322# a user@domain.tld address.
323#
324#relay_recipient_maps = hash:/etc/postfix/relay_recipients
325
326# INPUT RATE CONTROL
327#
328# The in_flow_delay configuration parameter implements mail input
329# flow control. This feature is turned on by default, although it
330# still needs further development (it's disabled on SCO UNIX due
331# to an SCO bug).
332#
333# A Postfix process will pause for $in_flow_delay seconds before
334# accepting a new message, when the message arrival rate exceeds the
335# message delivery rate. With the default 100 SMTP server process
336# limit, this limits the mail inflow to 100 messages a second more
337# than the number of messages delivered per second.
338#
339# Specify 0 to disable the feature. Valid delays are 0..10.
340#
341#in_flow_delay = 1s
342
343# ADDRESS REWRITING
344#
345# Insert text from sample-rewrite.cf if you need to do address
346# masquerading.
347#
348# Insert text from sample-canonical.cf if you need to do address
349# rewriting, or if you need username->Firstname.Lastname mapping.
350
351# ADDRESS REDIRECTION (VIRTUAL DOMAIN)
352#
353# Insert text from sample-virtual.cf if you need virtual domain support.
354
355# "USER HAS MOVED" BOUNCE MESSAGES
356#
357# Insert text from sample-relocated.cf if you need "user has moved"
358# style bounce messages. Alternatively, you can bounce recipients
359# with an SMTP server access table. See sample-smtpd.cf.
360
361# TRANSPORT MAP
362#
363# Insert text from sample-transport.cf if you need explicit routing.
364
365# ALIAS DATABASE
366#
367# The alias_maps parameter specifies the list of alias databases used
368# by the local delivery agent. The default list is system dependent.
369#
370# On systems with NIS, the default is to search the local alias
371# database, then the NIS alias database. See aliases(5) for syntax
372# details.
373#
374# If you change the alias database, run "postalias /etc/aliases" (or
375# wherever your system stores the mail alias file), or simply run
376# "newaliases" to build the necessary DBM or DB file.
377#
378# It will take a minute or so before changes become visible.  Use
379# "postfix reload" to eliminate the delay.
380#
381#alias_maps = dbm:/etc/aliases
382#alias_maps = hash:/etc/aliases
383#alias_maps = hash:/etc/aliases, nis:mail.aliases
384#alias_maps = netinfo:/aliases
385
386# The alias_database parameter specifies the alias database(s) that
387# are built with "newaliases" or "sendmail -bi".  This is a separate
388# configuration parameter, because alias_maps (see above) may specify
389# tables that are not necessarily all under control by Postfix.
390#
391#alias_database = dbm:/etc/aliases
392#alias_database = dbm:/etc/mail/aliases
393#alias_database = hash:/etc/aliases
394#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
395
396# ADDRESS EXTENSIONS (e.g., user+foo)
397#
398# The recipient_delimiter parameter specifies the separator between
399# user names and address extensions (user+foo). See canonical(5),
400# local(8), relocated(5) and virtual(5) for the effects this has on
401# aliases, canonical, virtual, relocated and .forward file lookups.
402# Basically, the software tries user+foo and .forward+foo before
403# trying user and .forward.
404#
405#recipient_delimiter = +
406
407# DELIVERY TO MAILBOX
408#
409# The home_mailbox parameter specifies the optional pathname of a
410# mailbox file relative to a user's home directory. The default
411# mailbox file is /var/spool/mail/user or /var/mail/user.  Specify
412# "Maildir/" for qmail-style delivery (the / is required).
413#
414#home_mailbox = Mailbox
415#home_mailbox = Maildir/
416 
417# The mail_spool_directory parameter specifies the directory where
418# UNIX-style mailboxes are kept. The default setting depends on the
419# system type.
420#
421#mail_spool_directory = /var/mail
422#mail_spool_directory = /var/spool/mail
423
424# The mailbox_command parameter specifies the optional external
425# command to use instead of mailbox delivery. The command is run as
426# the recipient with proper HOME, SHELL and LOGNAME environment settings.
427# Exception:  delivery for root is done as $default_user.
428#
429# Other environment variables of interest: USER (recipient username),
430# EXTENSION (address extension), DOMAIN (domain part of address),
431# and LOCAL (the address localpart).
432#
433# Unlike other Postfix configuration parameters, the mailbox_command
434# parameter is not subjected to $parameter substitutions. This is to
435# make it easier to specify shell syntax (see example below).
436#
437# Avoid shell meta characters because they will force Postfix to run
438# an expensive shell process. Procmail alone is expensive enough.
439#
440# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN
441# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER.
442#
443#mailbox_command = /some/where/procmail
444#mailbox_command = /some/where/procmail -a "$EXTENSION"
445
446# The mailbox_transport specifies the optional transport in master.cf
447# to use after processing aliases and .forward files. This parameter
448# has precedence over the mailbox_command, fallback_transport and
449# luser_relay parameters.
450#
451# Specify a string of the form transport:nexthop, where transport is
452# the name of a mail delivery transport defined in master.cf.  The
453# :nexthop part is optional. For more details see the sample transport
454# configuration file.
455#
456# NOTE: if you use this feature for accounts not in the UNIX password
457# file, then you must update the "local_recipient_maps" setting in
458# the main.cf file, otherwise the SMTP server will reject mail for   
459# non-UNIX accounts with "User unknown in local recipient table".
460#
461#mailbox_transport = lmtp:unix:/file/name
462mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
463#mailbox_transport = cyrus
464
465# The fallback_transport specifies the optional transport in master.cf
466# to use for recipients that are not found in the UNIX passwd database.
467# This parameter has precedence over the luser_relay parameter.
468#
469# Specify a string of the form transport:nexthop, where transport is
470# the name of a mail delivery transport defined in master.cf.  The
471# :nexthop part is optional. For more details see the sample transport
472# configuration file.
473#
474# NOTE: if you use this feature for accounts not in the UNIX password
475# file, then you must update the "local_recipient_maps" setting in
476# the main.cf file, otherwise the SMTP server will reject mail for   
477# non-UNIX accounts with "User unknown in local recipient table".
478#
479#fallback_transport = lmtp:unix:/file/name
480#fallback_transport = cyrus
481#fallback_transport =
482
483# The luser_relay parameter specifies an optional destination address
484# for unknown recipients.  By default, mail for unknown@$mydestination
485# and unknown@[$inet_interfaces] is returned as undeliverable.
486#
487# The following expansions are done on luser_relay: $user (recipient
488# username), $shell (recipient shell), $home (recipient home directory),
489# $recipient (full recipient address), $extension (recipient address
490# extension), $domain (recipient domain), $local (entire recipient
491# localpart), $recipient_delimiter. Specify ${name?value} or
492# ${name:value} to expand value only when $name does (does not) exist.
493#
494# luser_relay works only for the default Postfix local delivery agent.
495#
496# NOTE: if you use this feature for accounts not in the UNIX password
497# file, then you must specify "local_recipient_maps =" (i.e. empty) in
498# the main.cf file, otherwise the SMTP server will reject mail for   
499# non-UNIX accounts with "User unknown in local recipient table".
500#
501#luser_relay = $user@other.host
502#luser_relay = $local@other.host
503#luser_relay = admin+$local
504 
505# JUNK MAIL CONTROLS
506#
507# The controls listed here are only a very small subset. See the file
508# sample-smtpd.cf for an elaborate list of anti-UCE controls.
509
510# The header_checks parameter specifies an optional table with patterns
511# that each logical message header is matched against, including
512# headers that span multiple physical lines.
513#
514# By default, these patterns also apply to MIME headers and to the
515# headers of attached messages. With older Postfix versions, MIME and
516# attached message headers were treated as body text.
517#
518# For details, see the sample-filter.cf file.
519#
520#header_checks = regexp:/etc/postfix/header_checks
521
522# FAST ETRN SERVICE
523#
524# Postfix maintains per-destination logfiles with information about
525# deferred mail, so that mail can be flushed quickly with the SMTP
526# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld".
527#
528# By default, Postfix maintains deferred mail logfile information
529# only for destinations that Postfix is willing to relay to (as
530# specified in the relay_domains parameter). For other destinations,
531# Postfix attempts to deliver ALL queued mail after receiving the
532# SMTP "ETRN domain.tld" command, or after execution of "sendmail
533# -qRdomain.tld". This can be slow when a lot of mail is queued.
534#
535# The fast_flush_domains parameter controls what destinations are
536# eligible for this "fast ETRN/sendmail -qR" service.
537#
538#fast_flush_domains = $relay_domains
539#fast_flush_domains =
540
541# The disable_vrfy_command parameter allows you to disable the SMTP
542# VRFY command. This stops some techniques used by spammers to harvest
543# email addresses.
544#
545disable_vrfy_command = yes
546
547# SHOW SOFTWARE VERSION OR NOT
548#
549# The smtpd_banner parameter specifies the text that follows the 220
550# code in the SMTP server's greeting banner. Some people like to see
551# the mail version advertised. By default, Postfix shows no version.
552#
553# You MUST specify $myhostname at the start of the text. That is an
554# RFC requirement. Postfix itself does not care.
555#
556#smtpd_banner = $myhostname ESMTP $mail_name
557#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
558
559# PARALLEL DELIVERY TO THE SAME DESTINATION
560#
561# How many parallel deliveries to the same user or domain? With local
562# delivery, it does not make sense to do massively parallel delivery
563# to the same user, because mailbox updates must happen sequentially,
564# and expensive pipelines in .forward files can cause disasters when
565# too many are run at the same time. With SMTP deliveries, 10
566# simultaneous connections to the same domain could be sufficient to
567# raise eyebrows.
568#
569# Each message delivery transport has its XXX_destination_concurrency_limit
570# parameter.  The default is $default_destination_concurrency_limit for
571# most delivery transports. For the local delivery agent the default is 2.
572
573#local_destination_concurrency_limit = 2
574#default_destination_concurrency_limit = 20
575
576# DEBUGGING CONTROL
577#
578# The debug_peer_level parameter specifies the increment in verbose
579# logging level when an SMTP client or server host name or address
580# matches a pattern in the debug_peer_list parameter.
581#
582debug_peer_level = 2
583
584# The debug_peer_list parameter specifies an optional list of domain
585# or network patterns, /file/name patterns or type:name tables. When
586# an SMTP client or server host name or address matches a pattern,
587# increase the verbose logging level by the amount specified in the
588# debug_peer_level parameter.
589#
590#debug_peer_list = 127.0.0.1
591#debug_peer_list = some.domain
592
593# The debugger_command specifies the external command that is executed
594# when a Postfix daemon program is run with the -D option.
595#
596# Use "command .. & sleep 5" so that the debugger can attach before
597# the process marches on. If you use an X-based debugger, be sure to
598# set up your XAUTHORITY environment variable before starting Postfix.
599#
600debugger_command =
601         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
602         xxgdb $daemon_directory/$process_name $process_id & sleep 5
603
604# If you don't have X installed on the Postfix machine, try:
605# debugger_command =
606#       PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;
607#       echo where) | gdb $daemon_directory/$process_name $process_id 2>&1
608#       >$config_directory/$process_name.$process_id.log & sleep 5
609
610# INSTALL-TIME CONFIGURATION INFORMATION
611#
612# The following parameters are used when installing a new Postfix version.
613#
614# sendmail_path: The full pathname of the Postfix sendmail command.
615# This is the Sendmail-compatible mail posting interface.
616#
617sendmail_path = /usr/sbin/sendmail
618
619# newaliases_path: The full pathname of the Postfix newaliases command.
620# This is the Sendmail-compatible command to build alias databases.
621#
622newaliases_path = /usr/bin/newaliases
623
624# mailq_path: The full pathname of the Postfix mailq command.  This
625# is the Sendmail-compatible mail queue listing command.
626#
627mailq_path = /usr/bin/mailq
628
629# setgid_group: The group for mail submission and queue management
630# commands.  This must be a group name with a numerical group ID that
631# is not shared with other accounts, not even with the Postfix account.
632#
633setgid_group = postdrop
634
635# manpage_directory: The location of the Postfix on-line manual pages.
636#
637manpage_directory = /usr/share/man
638
639# sample_directory: The location of the Postfix sample configuration files.
640#
641sample_directory = /usr/share/doc/postfix-2.0.19/sample
642
643# readme_directory: The location of the Postfix README files.
644#
645readme_directory = /usr/share/doc/postfix-2.0.19/readme
646default_destination_concurrency_limit = 2
647#alias_database = hash:/etc/mail/aliases
648local_destination_concurrency_limit = 2
649alias_maps = hash:/etc/mail/aliases
650
651content_filter = smtp-amavis:[127.0.0.1]:10024
652queue_minfree      = 100000000
653message_size_limit =  50000000
654mailbox_size_limit = 500000000
655smtpd_helo_required=yes
656smtpd_helo_restrictions=permit_mynetworks, reject_invalid_hostname, reject_invalid_hostname
657smtpd_sender_restrictions=permit_mynetworks, reject_unknown_sender_domain, reject_non_fqdn_sender
658
659virtual_maps = ldap:aliases, ldap:mailboxes
660
661aliases_server_host             = 127.0.0.1
662aliases_search_base             = dc=domain,dc=loc
663aliases_query_filter            = (&(|(mail=%s)(mailalternateaddress=%s))(objectclass=posixaccount)(deliveryMode=forwardonly)(accountstatus=active))
664aliases_bind_dn                 = cn=thepostfixadmin,dc=domain,dc=loc
665aliases_bind_pw                 = thepassword
666aliases_result_attribute        = mailforwardingaddress
667aliases_version                 = 3
668
669mailboxes_server_host           = 127.0.0.1
670mailboxes_search_base           = dc=domain,dc=loc
671mailboxes_query_filter          = (&(|(mail=%s)(mailalternateaddress=%s))(objectclass=posixaccount)(accountstatus=active))
672mailboxes_bind_dn               = cn=thepostfixadmin,dc=domain,dc=loc
673mailboxes_bind_pw               = thepassword
674mailboxes_result_attribute      = uid, mailforwardingaddress
675mailboxes_version               = 3
676
677
678#SMTPD mit SASL-Authentification verwenden
679smtpd_sasl_auth_enable          = yes
680
681#Zusatz-Optionen: Keine anonyme-Anmeldung verwenden
682smtpd_sasl_security_options     = noanonymous
683
684#Wieder ein Workaround für ältere Clients und Outlook
685broken_sasl_auth_clients        = yes
686
687# ODER meine Netze und SASL erlauben
688smtpd_recipient_restrictions =
689        permit_mynetworks,
690        permit_sasl_authenticated,
691        reject_rbl_client relays.ordb.org,
692        reject_rbl_client sbl-xbl.spamhaus.org,
693        reject_rbl_client opm.blitzed.org,
694        reject_rbl_client dnsbl.njabl.org,
695        reject_rbl_client blackholes.wirehub.net,
696        reject_rbl_client list.dsbl.org,
697        reject_rbl_client dnsbl.sorbs.net,
698        reject_unauth_destination,
699        reject_non_fqdn_sender,
700        reject_non_fqdn_recipient,
701        reject_unauth_pipelining,
702        reject_unknown_sender_domain,
703        reject_unknown_recipient_domain
704
705#       reject_unknown_client
706#       reject_rbl_client proxies.relays.monkeys.com,
707
708# incoming SSL
709smtpd_use_tls = yes
710#smtpd_tls_auth_only = yes
711smtpd_tls_key_file = /etc/ssl/private/smtp.linux-at-work.de/smtp.linux-at-work.de.key
712smtpd_tls_cert_file = /etc/ssl/private/smtp.linux-at-work.de/smtp.linux-at-work.de.crt
713smtpd_tls_CAfile = /etc/ssl/certs/ca-cert.pem
714smtpd_tls_loglevel = 1
715smtpd_tls_received_header = yes
716smtpd_tls_session_cache_timeout = 3600s
717tls_random_source = dev:/dev/urandom
718
719#outgoing SSL
720smtp_tls_key_file  = /etc/ssl/private/smtp.linux-at-work.de/smtp.linux-at-work.de.key
721smtp_tls_cert_file = /etc/ssl/private/smtp.linux-at-work.de/smtp.linux-at-work.de.crt
722smtp_tls_CAfile    = /etc/ssl/certs/ca-cert.pem
723smtp_tls_CApath    = /etc/ssl/certs
724smtp_tls_loglevel  = 2
725# The server and client negotiate a session, which takes some computer time
726# and network bandwidth. The session is cached only in the smtpd process
727# actually using this session and is lost when the process dies.
728# To share the session information between the smtp processes, a disc based
729# session cache can be used based on the SDBM databases (routines included
730# in Postfix/TLS). Since concurrent writing must be supported, only SDBM
731# can be used.
732#
733smtp_tls_session_cache_database = sdbm:/etc/postfix/smtp_scache
734
735# By default TLS is disabled, so no difference to plain postfix is visible.
736# If you enable TLS it will be used when offered by the server.
737# WARNING: I didn't have access to other software (except those explicitely
738# listed) to test the interaction. On corresponding mailing list
739# there was a discussion going on about MS exchange servers offering
740# STARTTLS even if it is not configured, so it might be wise to not
741# use this option on your central mail hub, as you don't know in advance
742# whether you are going to hit such host. Use the recipient/site specific
743# options instead.
744# HINT: I have it switched on on my mailservers and did experience one
745# single failure since client side TLS is implemented. (There was one
746# misconfired MS Exchange server; I contacted ths admin.) Hence, I am happy
747# with it running all the time, but I am interested in testing anyway.
748# You have been warned, however :-)
749#
750# In case of failure, a "4xx" code is issued and the mail stays in the queue.
751#
752# Explicitely switch it on here, if you want it.
753#
754#smtp_use_tls = yes
Note: See TracBrowser for help on using the repository browser.