Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
| Beide Seiten der vorigen Revision Vorhergehende Überarbeitung | |||
|
howto:zarafa:main.cf [2019/06/10 15:14] h.roddewig gelöscht |
— (aktuell) | ||
|---|---|---|---|
| Zeile 1: | Zeile 1: | ||
| - | <code> | ||
| - | #Informationen über den Server | ||
| - | smtpd_banner = $myhostname ESMTP Mailserver | ||
| - | #Lokale Benutzer über neue Mails informieren | ||
| - | biff = no | ||
| - | |||
| - | #Mailadressen durch den eignen Hostname vervollständigen | ||
| - | append_dot_mydomain = no | ||
| - | |||
| - | # Uncomment the next line to generate "delayed mail" warnings | ||
| - | #delay_warning_time = 4h | ||
| - | |||
| - | readme_directory = no | ||
| - | |||
| - | content_filter=smtp-amavis:[127.0.0.1]:10024 | ||
| - | |||
| - | # TLS parameters | ||
| - | tls_ssl_options = NO_COMPRESSION | ||
| - | tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA | ||
| - | |||
| - | maximal_queue_lifetime = 2h | ||
| - | bounce_queue_lifetime = 2h | ||
| - | maximal_backoff_time = 15m | ||
| - | minimal_backoff_time = 5m | ||
| - | queue_run_delay = 5m | ||
| - | delay_warning_time = 5m | ||
| - | bounce_template_file = /etc/postfix/bounce.cf | ||
| - | |||
| - | #TLS Ankommend | ||
| - | smtp_tls_security_level = may | ||
| - | smtp_tls_cert_file = /etc/postfix/ssl/cert.pem | ||
| - | smtp_tls_key_file = /etc/postfix/ssl/privkey.pem | ||
| - | smtp_tls_CAfile = /etc/postfix/ssl/fullchain.pem | ||
| - | smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 | ||
| - | smtp_tls_mandatory_ciphers = high | ||
| - | smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | ||
| - | |||
| - | #TLS Ausgehend | ||
| - | smtpd_tls_security_level = may | ||
| - | smtpd_tls_cert_file = /etc/postfix/ssl/cert.pem | ||
| - | smtpd_tls_key_file = /etc/postfix/ssl/privkey.pem | ||
| - | smtpd_tls_CAfile = /etc/postfix/ssl/fullchain.pem | ||
| - | smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 | ||
| - | smtpd_tls_mandatory_ciphers = high | ||
| - | smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache | ||
| - | |||
| - | # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for | ||
| - | # information on enabling SSL in the smtp client. | ||
| - | |||
| - | myhostname = fpoc.roddewig-online.de | ||
| - | mydomain = int.roddewig-online.de | ||
| - | alias_maps = hash:/etc/aliases | ||
| - | alias_database = hash:/etc/aliases | ||
| - | myorigin = $mydomain | ||
| - | mydestination = mail.bunti.loc, mail1804.bunti.loc, mail1804.int.roddewig-online.de, localhost.bunti.loc, localhost | ||
| - | relayhost = | ||
| - | mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24 | ||
| - | mailbox_size_limit = 0 | ||
| - | message_size_limit = 41943040 | ||
| - | recipient_delimiter = + | ||
| - | inet_interfaces = all | ||
| - | |||
| - | virtual_mailbox_domains = roddewig-online.de, edv-wak.de, super-mueller.de, elm-net.de | ||
| - | virtual_mailbox_maps = hash:/etc/postfix/virtual | ||
| - | virtual_alias_maps = hash:/etc/postfix/virtual | ||
| - | virtual_transport = lmtp:127.0.0.1:2003 | ||
| - | |||
| - | # SASL Authentication | ||
| - | smtpd_sasl_auth_enable = yes | ||
| - | smtpd_sasl_exceptions_networks = $mynetworks | ||
| - | smtpd_sasl_local_domain = $myhostname | ||
| - | smtpd_sasl_security_options = noanonymous | ||
| - | broken_sasl_auth_clients = yes | ||
| - | |||
| - | smtpd_helo_required = yes | ||
| - | smtpd_helo_restrictions = permit_mynetworks | ||
| - | # reject_invalid_helo_hostname | ||
| - | # reject_non_fqdn_helo_hostname | ||
| - | # reject_unknown_helo_hostname | ||
| - | reject_unknown_reverse_client_hostname | ||
| - | |||
| - | smtpd_data_restrictions = reject_unauth_pipelining | ||
| - | |||
| - | smtpd_sender_restrictions = pcre:/etc/postfix/rejected_domains | ||
| - | #reject_unauth_destinations = pcre:/etc/postfitx/rejected_domains | ||
| - | |||
| - | # No open relay! | ||
| - | smtpd_recipient_restrictions = | ||
| - | permit_mynetworks | ||
| - | permit_sasl_authenticated | ||
| - | check_client_access hash:/etc/postfix/black-whitelist | ||
| - | check_sender_access hash:/etc/postfix/black-whitelist | ||
| - | |||
| - | # check_policy_service unix:private/policy-spf | ||
| - | reject_invalid_hostname | ||
| - | reject_non_fqdn_hostname | ||
| - | reject_non_fqdn_sender | ||
| - | reject_non_fqdn_recipient | ||
| - | reject_unknown_sender_domain | ||
| - | reject_unknown_recipient_domain | ||
| - | reject_unknown_helo_hostname | ||
| - | reject_unauth_pipelining | ||
| - | reject_unauth_destination | ||
| - | reject_rbl_client zen.spamhaus.org | ||
| - | # reject_rbl_client bl.spamcop.net | ||
| - | # reject_rbl_client dul.dnsbl.sorbs.net | ||
| - | # reject_rbl_client bl.spamcop.net | ||
| - | # reject_rbl_client ix.dnsbl.manitu.net | ||
| - | # reject_rbl_client cbl.abuseat.org | ||
| - | reject_rhsbl_helo db1.spamhaus.org | ||
| - | reject_rhsbl_sender db1.spamhaus.org | ||
| - | # check_policy_service inet:127.0.0.1:10023 | ||
| - | permit | ||
| - | |||
| - | #postscreen_access_list = permit_mynetworks | ||
| - | #postscreen_blacklist_action = drop | ||
| - | |||
| - | #postscreen_greet_action = drop | ||
| - | #postscreen_dnsbl_threshold = 2 | ||
| - | #postscreen_dnsbl_sites = dnsbl.sorbs.net*1, bl.spamcop.net*1, ix.dnsbl.manitu.net*2 #, zen.spamhaus.org*2 | ||
| - | #postscreen_dnsbl_action = drop | ||
| - | </code> | ||
Falls nicht anders bezeichnet, ist der Inhalt dieses Wikis unter der folgenden Lizenz veröffentlicht: CC Attribution-Noncommercial 4.0 International