server-configs/postfix/main.cf

51 lines
1.7 KiB
CFEngine3

myhostname = mail.REPLACEME.TLD
compatibility_level = 2
mail_owner = postfix
setgid_group = postdrop
myorigin = $mydomain
inet_interfaces = all
inet_protocols = ipv4
mydestination = localhost, $mydomain, $myhostname
relay_domains = $mydestination
unknown_local_recipient_reject_code = 450
mynetworks_style = host
alias_database = $alias_maps
home_mailbox = Mail/
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
alias_maps = hash:/etc/postfix/aliases
queue_directory = /var/spool/postfix
command_directory = /usr/bin
daemon_directory = /usr/lib/postfix/bin
data_directory = /var/lib/postfix
manpage_directory = /usr/share/man
readme_directory = /usr/share/doc/postfix
meta_directory = /etc/postfix
shlib_directory = /usr/lib/postfix
sendmail_path = /usr/bin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
mailbox_command = /usr/bin/procmail
html_directory = no
mailbox_size_limit = 1024000000
message_size_limit = 51200000
smtpd_tls_loglevel = 1
smtpd_use_tls = yes
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_ciphers = high
smtpd_tls_cert_file = /etc/letsencrypt/live/$mydomain/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/$mydomain/privkey.pem
smtpd_tls_security_level = may
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sender_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unknown_sender_domain
non_smtpd_milters=inet:127.0.0.1:8891
smtpd_milters=inet:127.0.0.1:8891
import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C RESOLV_MULTI=on