Administrace komentářů

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
delay_warning_time = 4h

smtp_connect_timeout = 120

smtpd_banner 				= $myhostname ESMTP $mail_name (Debian/GNU)
biff 					= no

mydomain				= domena.cz
myhostname 				= smtp.domena.cz
myorigin 				= $mydomain
mydestination 				= localhost
relayhost 				= 
mynetworks 				= 127.0.0.0/8
					  10.0.10.0/24
					  10.0.11.0/24
recipient_delimiter 			= +
inet_interfaces 			= all
home_mailbox				= Maildir/

alias_maps	 			= hash:/etc/aliases
alias_database				= hash:/etc/aliases
#mailbox_command			= /usr/bin/procmail -a "$EXTENSION"
#mail_spool_directory			= /var/spool/mail
mail_spool_directory			= /sysdata/vmail

transport_maps 				= proxy:mysql:/etc/postfix/mysql-virtual-transport.cf

virtual_mailbox_domains 		= mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_base 			= /sysdata/vmail
virtual_uid_maps 			= static:5000
virtual_gid_maps 			= static:5000
virtual_mailbox_maps 			= mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps 			= mysql:/etc/postfix/mysql-email2email.cf,mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_transport 			= dovecot

dovecot_destination_recipient_limit 	= 1

unknown_local_recipient_reject_code 	= 554
unknown_client_reject_code		= 554
unknown_hostname_reject_code		= 554
unknown_local_recipient_reject_code	= 554
unknown_relay_recipient_reject_code	= 554
unknown_sender_reject_code		= 554
unknown_virtual_alias_reject_code	= 554
unknown_virtual_mailbox_reject_code	= 554
unverified_recipient_reject_code	= 554
unverified_sender_reject_code		= 554


# AMAVIS parameters
content_filter = amavisd-new:[127.0.0.1]:10024
# AMAVIS end


# SASL parameters
smtpd_sasl_auth_enable		 =  yes
smtpd_sasl_security_options	 =  noanonymous
broken_sasl_auth_clients	 =  yes
smtpd_sasl_type			 =  dovecot
smtpd_sasl_path			 =  private/auth
# SASL end


# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

# TLS parameters
smtpd_use_tls		   	 =  yes
smtpd_tls_auth_only		 =  yes
smtpd_tls_CAfile		 =  /etc/ssl/certs/ca.crt
smtpd_tls_cert_file 	 	 =  /etc/ssl/certs/server.crt
smtpd_tls_key_file 		 =  /etc/ssl/private/server.key
smtpd_tls_session_cache_database =  btree:${queue_directory}/smtpd_scache
smtpd_tls_received_header 	 =  yes
smtpd_tls_ask_ccert		 =  yes
smtpd_tls_loglevel 		 =  1
tls_random_source 		 =  dev:/dev/urandom
smtpd_session_cache_timeout 	 =  3600s
# TLS end


# velikost schranek
message_size_limit 		 = 20971520
#mailbox_size_limit 		 = 104857600
mailbox_size_limit 		 = 0
# end


# omezeni pro prijemce mailu
smtpd_recipient_restrictions 	 =  check_recipient_access mysql:/etc/postfix/mysql-recipient.cf,
				    permit_sasl_authenticated,
				    permit_mynetworks,
				    reject_unauth_destination,
				    reject_invalid_hostname,
				    reject_non_fqdn_hostname,
				    reject_non_fqdn_recipient,
				    reject_unknown_sender_domain,
				    reject_unauth_pipelining,
				    reject_unauth_destination,
				    reject_rbl_client zombie.dnsbl.sorbs.net,
				    reject_rbl_client relays.mail-abuse.org,
				    reject_rbl_client bl.spamcop.net,
				    reject_rbl_client blackholes.easynet.nl,
				    reject_rbl_client sbl.spamhaus.org
# end

# omezeni pro odesilatele mailu
smtpd_sender_restrictions 	 =  check_sender_access mysql:/etc/postfix/mysql-sender.cf,
				    permit_mynetworks,
				    permit_sasl_authenticated
				    reject_unauth_destination,
				    reject_invalid_hostname,
				    reject_non_fqdn_hostname,
				    reject_non_fqdn_recipient,
				    reject_unknown_sender_domain,
				    reject_unauth_pipelining,
				    reject_unauth_destination,
				    reject_rbl_client zombie.dnsbl.sorbs.net,
				    reject_rbl_client relays.mail-abuse.org,
				    reject_rbl_client bl.spamcop.net,
				    reject_rbl_client blackholes.easynet.nl,
				    reject_rbl_client sbl.spamhaus.org
# end

virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql-virtual-mailbox-limit-maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
virtual_create_maildirsize = yes

# DKIM-milter podpis SMTP serveru
#smtpd_milters = inet:localhost:8891
#non_smtpd_milters = inet:localhost:8891

# OpenDKIM  podpis SMTP serveru
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:12345
non_smtpd_milters = inet:localhost:12345