|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
domain.tld
From: mouss (moussnetoyen.net)
Date: Wed Feb 06 2008 - 12:52:20 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Anton Herber wrote:
> Am 06.02.2008 16:40, Charles Marcus schrieb:
>
>> On 2/6/2008, Anton Herber (anton.herberincom.de) wrote:
>>
>>> postconf (because I'm unsure if I should post the whole configfile into
>>> this mail
>>>
>> Paste output of 'postconf -n' only
>>
>>
>
> done. Thanks.
>
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases, hash:/etc/mailman/aliases
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> daemon_directory = /usr/libexec/postfix
> debug_peer_level = 2
> home_mailbox = Maildir/
> html_directory = no
> inet_interfaces = sub.domain.tld, localhost
>
is the default ("all") not good for you?
> local_recipient_maps = unix:passwd.byname, $alias_maps
> mail_owner = postfix
> mailbox_command = /usr/bin/procmail -d "$USER"
> mailbox_size_limit = 9291456000
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> message_size_limit = 92914560
> mydestination = $myhostname
> mydomain = sub.domain.tld
> myhostname = incommail.storage.incom.de
> mynetworks = 127.0.0.0/8, 192.168.0.0/24, 192.168.100.0/24
> mynetworks_style = class
>
remove this. you already have mynetworks, so there is no place for a style:)
> newaliases_path = /usr/bin/newaliases.postfix
> queue_directory = /var/spool/postfix
> readme_directory = /usr/share/doc/postfix-2.4.6/README_FILES
> receive_override_options = no_address_mappings
>
beware the dog... if you ever disable the content filter and the
receive_override_options in master.cf, you'll have no rewrite... should
be ok now, but document it to avoid "white nights".
> relay_domains = $mydestination, domain.tld, sub.domain.tld, and_other.tld
>
1- remove $mydestination from relay_domains
2- put valid relay users in relay_recipient_maps. the default is to
accept all relay recipients.
3- next time; use example.com, example.net, example.org, *.example as
example domains.
> relayhost = [192.168.100.30]
> sample_directory = /usr/share/doc/postfix-2.4.6/samples
> sendmail_path = /usr/sbin/sendmail.postfix
> setgid_group = postdrop
> smtp_tls_note_starttls_offer = yes
> smtp_use_tls = yes
> smtpd_banner = $myhostname ESMTP
>
remove this. the default is good for you, us and them.
> smtpd_recipient_restrictions =
> permit_sasl_authenticated,permit_mynetworks,check_relay_domains,reject_unlisted_recipient,check_recipient_maps
>
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynewtorks
reject_unauth_destination
reject_unlisted_recipient
#reject_unlisted_sender
reject_unknown_sender_domain
> smtpd_reject_unlisted_recipient = yes
>
this is the default.
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> smtpd_sender_restrictions = permit_mynetworks,reject_unknown_sender_domain
>
if you put reject_unknown_sender_domain under
smtpd_recipient_restrictions, you won't need this anymore.
> smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
> smtpd_tls_auth_only = no
> smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
> smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> soft_bounce = no
> tls_random_source = dev:/dev/urandom
> transport_maps = hash:/etc/postfix/transport
> unknown_local_recipient_reject_code = 550
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]