43 lines
1.5 KiB
CFEngine3
43 lines
1.5 KiB
CFEngine3
myhostname = mail.REPLACEME.TLD
|
|
compatibility_level = 2
|
|
mail_owner = postfix
|
|
setgid_group = postdrop
|
|
myorigin = $mydomain
|
|
inet_interfaces = all
|
|
inet_protocols = ipv4
|
|
mydestination = localhost, $mydomain, $myhostname
|
|
relay_domains = $mydestination
|
|
unknown_local_recipient_reject_code = 450
|
|
mynetworks_style = host
|
|
alias_database = $alias_maps
|
|
home_mailbox = Mail/
|
|
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
|
|
alias_maps = hash:/etc/postfix/aliases
|
|
queue_directory = /var/spool/postfix
|
|
command_directory = /usr/bin
|
|
daemon_directory = /usr/lib/postfix/bin
|
|
data_directory = /var/lib/postfix
|
|
manpage_directory = /usr/share/man
|
|
readme_directory = /usr/share/doc/postfix
|
|
meta_directory = /etc/postfix
|
|
shlib_directory = /usr/lib/postfix
|
|
sendmail_path = /usr/bin/sendmail
|
|
newaliases_path = /usr/bin/newaliases
|
|
mailq_path = /usr/bin/mailq
|
|
mailbox_command = /usr/bin/procmail
|
|
html_directory = no
|
|
|
|
smtpd_tls_loglevel = 1
|
|
smtpd_use_tls = yes
|
|
smtpd_tls_protocols = !SSLv2, !SSLv3
|
|
smtpd_tls_ciphers = high
|
|
smtpd_tls_cert_file = /etc/letsencrypt/live/$mydomain/fullchain.pem
|
|
smtpd_tls_key_file = /etc/letsencrypt/live/$mydomain/privkey.pem
|
|
smtpd_tls_security_level = encrypt
|
|
smtpd_sasl_auth_enable = yes
|
|
smtpd_sasl_type = dovecot
|
|
smtpd_sasl_path = /var/spool/postfix/private/auth
|
|
smtpd_sasl_security_options = noanonymous
|
|
smtpd_sasl_local_domain = $myhostname
|
|
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
|
|
smtpd_sender_restrictions = permit_sasl_authenticated,permit_mynetworks
|