roddewig-online DokuWiki

Zuletzt angesehen:
Sie befinden sich hier: start » howto » zarafa » main.cf

Dies ist eine alte Version des Dokuments!

#Informationen über den Server smtpd_banner = $myhostname ESMTP Mailserver

#Lokale Benutzer über neue Mails informieren biff = no

#Mailadressen durch den eignen Hostname vervollständigen append_dot_mydomain = no

# Uncomment the next line to generate „delayed mail“ warnings #delay_warning_time = 4h

readme_directory = no

content_filter=smtp-amavis:[127.0.0.1]:10024

# TLS parameters tls_ssl_options = NO_COMPRESSION tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA

maximal_queue_lifetime = 2h bounce_queue_lifetime = 2h maximal_backoff_time = 15m minimal_backoff_time = 5m queue_run_delay = 5m delay_warning_time = 5m bounce_template_file = /etc/postfix/bounce.cf

#TLS Ankommend smtp_tls_security_level = may smtp_tls_cert_file = /etc/postfix/ssl/cert.pem smtp_tls_key_file = /etc/postfix/ssl/privkey.pem smtp_tls_CAfile = /etc/postfix/ssl/fullchain.pem smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtp_tls_mandatory_ciphers = high smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

#TLS Ausgehend smtpd_tls_security_level = may smtpd_tls_cert_file = /etc/postfix/ssl/cert.pem smtpd_tls_key_file = /etc/postfix/ssl/privkey.pem smtpd_tls_CAfile = /etc/postfix/ssl/fullchain.pem smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_mandatory_ciphers = high smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client.

myhostname = fpoc.roddewig-online.de mydomain = int.roddewig-online.de alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = $mydomain mydestination = mail.bunti.loc, mail1804.bunti.loc, mail1804.int.roddewig-online.de, localhost.bunti.loc, localhost relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24 mailbox_size_limit = 0 message_size_limit = 41943040 recipient_delimiter = + inet_interfaces = all

virtual_mailbox_domains = roddewig-online.de, edv-wak.de, super-mueller.de, elm-net.de virtual_mailbox_maps = hash:/etc/postfix/virtual virtual_alias_maps = hash:/etc/postfix/virtual virtual_transport = lmtp:127.0.0.1:2003

# SASL Authentication smtpd_sasl_auth_enable = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes

smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks 

                         # reject_invalid_helo_hostname
                         # reject_non_fqdn_helo_hostname
                         # reject_unknown_helo_hostname
              reject_unknown_reverse_client_hostname

smtpd_data_restrictions = reject_unauth_pipelining

smtpd_sender_restrictions = pcre:/etc/postfix/rejected_domains #reject_unauth_destinations = pcre:/etc/postfitx/rejected_domains

# No open relay! smtpd_recipient_restrictions = 

  permit_mynetworks
  permit_sasl_authenticated
  check_client_access hash:/etc/postfix/black-whitelist
  check_sender_access hash:/etc/postfix/black-whitelist

# check_policy_service unix:private/policy-spf 

  reject_invalid_hostname
  reject_non_fqdn_hostname
  reject_non_fqdn_sender
  reject_non_fqdn_recipient
  reject_unknown_sender_domain
  reject_unknown_recipient_domain
  reject_unknown_helo_hostname
  reject_unauth_pipelining
  reject_unauth_destination
  reject_rbl_client zen.spamhaus.org

# reject_rbl_client bl.spamcop.net # reject_rbl_client dul.dnsbl.sorbs.net # reject_rbl_client bl.spamcop.net # reject_rbl_client ix.dnsbl.manitu.net # reject_rbl_client cbl.abuseat.org 

  reject_rhsbl_helo db1.spamhaus.org
  reject_rhsbl_sender db1.spamhaus.org

# check_policy_service inet:127.0.0.1:10023 

  permit

#postscreen_access_list = permit_mynetworks #postscreen_blacklist_action = drop

#postscreen_greet_action = drop #postscreen_dnsbl_threshold = 2 #postscreen_dnsbl_sites = dnsbl.sorbs.net*1, bl.spamcop.net*1, ix.dnsbl.manitu.net*2 #, zen.spamhaus.org*2 #postscreen_dnsbl_action = drop

Zuletzt geändert: 2019/06/10 15:02
CC Attribution-Noncommercial 4.0 International Falls nicht anders bezeichnet, ist der Inhalt dieses Wikis unter der folgenden Lizenz veröffentlicht: CC Attribution-Noncommercial 4.0 International