From 155853989294fe935f9ff3733a32ae4c4ff59aa7 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Wed, 10 Feb 2016 22:11:46 +0100 Subject: [PATCH] Current state --- .../etc/bash/bashrc.d/bash_completion.sh | 16 + .../bash/bashrc.d/bash_completion.sh.dist.new | 15 + config-archive/etc/postfix/main.cf | 4 +- config-archive/etc/postfix/main.cf.1 | 5 +- config-archive/etc/postfix/main.cf.2 | 25 +- config-archive/etc/postfix/main.cf.3 | 6 +- config-archive/etc/postfix/main.cf.4 | 4 +- config-archive/etc/postfix/main.cf.5 | 4 +- config-archive/etc/postfix/main.cf.6 | 4 +- config-archive/etc/postfix/main.cf.7 | 4 +- config-archive/etc/postfix/main.cf.8 | 6 +- config-archive/etc/postfix/main.cf.9 | 4 +- config-archive/etc/postfix/main.cf.default.1 | 652 +++++++ .../etc/postfix/main.cf.default.dist | 858 ++++++++++ config-archive/etc/postfix/main.cf.dist | 4 +- cups/subscriptions.conf | 4 +- postfix/main.cf | 5 +- postfix/main.cf.default | 1498 ++++++++++------- postfix/main.cf.orig | 652 +++++++ 19 files changed, 3096 insertions(+), 674 deletions(-) create mode 100644 config-archive/etc/bash/bashrc.d/bash_completion.sh create mode 100644 config-archive/etc/bash/bashrc.d/bash_completion.sh.dist.new create mode 100644 config-archive/etc/postfix/main.cf.default.1 create mode 100644 config-archive/etc/postfix/main.cf.default.dist create mode 100644 postfix/main.cf.orig diff --git a/config-archive/etc/bash/bashrc.d/bash_completion.sh b/config-archive/etc/bash/bashrc.d/bash_completion.sh new file mode 100644 index 00000000..ae6756f9 --- /dev/null +++ b/config-archive/etc/bash/bashrc.d/bash_completion.sh @@ -0,0 +1,16 @@ +# Check for interactive bash and that we haven't already been sourced. +if [ -n "$BASH_VERSION" -a -n "$PS1" -a -z "$BASH_COMPLETION_COMPAT_DIR" ]; then + + # Check for recent enough version of bash. + if [ ${BASH_VERSINFO[0]} -gt 4 ] || \ + [ ${BASH_VERSINFO[0]} -eq 4 -a ${BASH_VERSINFO[1]} -ge 1 ]; then + [ -r "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion" ] && \ + . "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion" + if shopt -q progcomp && [ -r /usr/share/bash-completion/bash_completion ]; then + # Source completion code. + BASH_COMPLETION_COMPAT_DIR=/usr/share/bash-completion/completions + . /usr/share/bash-completion/bash_completion + fi + fi + +fi diff --git a/config-archive/etc/bash/bashrc.d/bash_completion.sh.dist.new b/config-archive/etc/bash/bashrc.d/bash_completion.sh.dist.new new file mode 100644 index 00000000..bb0fdb61 --- /dev/null +++ b/config-archive/etc/bash/bashrc.d/bash_completion.sh.dist.new @@ -0,0 +1,15 @@ +# Check for interactive bash and that we haven't already been sourced. +if [ -n "$BASH_VERSION" -a -n "$PS1" -a -z "$BASH_COMPLETION_COMPAT_DIR" ]; then + + # Check for recent enough version of bash. + if [ ${BASH_VERSINFO[0]} -gt 4 ] || \ + [ ${BASH_VERSINFO[0]} -eq 4 -a ${BASH_VERSINFO[1]} -ge 1 ]; then + [ -r "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion" ] && \ + . "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion" + if shopt -q progcomp && [ -r /usr/share/bash-completion/bash_completion ]; then + # Source completion code. + . /usr/share/bash-completion/bash_completion + fi + fi + +fi diff --git a/config-archive/etc/postfix/main.cf b/config-archive/etc/postfix/main.cf index 38714de1..6b000688 100644 --- a/config-archive/etc/postfix/main.cf +++ b/config-archive/etc/postfix/main.cf @@ -664,7 +664,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-3.0.1-r1/html +html_directory = /usr/share/doc/postfix-3.0.2/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -677,7 +677,7 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-3.0.1-r1/readme +readme_directory = /usr/share/doc/postfix-3.0.2/readme # inet_protocols = ipv4 meta_directory = /etc/postfix shlib_directory = /usr/lib64/postfix/${mail_version} diff --git a/config-archive/etc/postfix/main.cf.1 b/config-archive/etc/postfix/main.cf.1 index 2da72a08..38714de1 100644 --- a/config-archive/etc/postfix/main.cf.1 +++ b/config-archive/etc/postfix/main.cf.1 @@ -664,7 +664,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-3.0.0/html +html_directory = /usr/share/doc/postfix-3.0.1-r1/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -677,7 +677,8 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-3.0.0/readme +readme_directory = /usr/share/doc/postfix-3.0.1-r1/readme +# inet_protocols = ipv4 meta_directory = /etc/postfix shlib_directory = /usr/lib64/postfix/${mail_version} home_mailbox = .maildir/ diff --git a/config-archive/etc/postfix/main.cf.2 b/config-archive/etc/postfix/main.cf.2 index 6ffa90b0..2da72a08 100644 --- a/config-archive/etc/postfix/main.cf.2 +++ b/config-archive/etc/postfix/main.cf.2 @@ -10,6 +10,25 @@ # For best results, change no more than 2-3 parameters at a time, # and test if Postfix still works after every change. +# COMPATIBILITY +# +# The compatibility_level determines what default settings Postfix +# will use for main.cf and master.cf settings. These defaults will +# change over time. +# +# To avoid breaking things, Postfix will use backwards-compatible +# default settings and log where it uses those old backwards-compatible +# default settings, until the system administrator has determined +# if any backwards-compatible default settings need to be made +# permanent in main.cf or master.cf. +# +# When this review is complete, update the compatibility_level setting +# below as recommended in the RELEASE_NOTES file. +# +# The level below is what should be used with new (not upgrade) installs. +# +#compatibility_level = 2 + # SOFT BOUNCE # # The soft_bounce parameter provides a limited safety net for @@ -645,7 +664,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.11.3/html +html_directory = /usr/share/doc/postfix-3.0.0/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -658,7 +677,9 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.11.3/readme +readme_directory = /usr/share/doc/postfix-3.0.0/readme +meta_directory = /etc/postfix +shlib_directory = /usr/lib64/postfix/${mail_version} home_mailbox = .maildir/ smtpd_sasl_auth_enable = yes diff --git a/config-archive/etc/postfix/main.cf.3 b/config-archive/etc/postfix/main.cf.3 index 5e3d60fd..6ffa90b0 100644 --- a/config-archive/etc/postfix/main.cf.3 +++ b/config-archive/etc/postfix/main.cf.3 @@ -5,7 +5,7 @@ # For common configuration examples, see BASIC_CONFIGURATION_README # and STANDARD_CONFIGURATION_README. To find these documents, use # the command "postconf html_directory readme_directory", or go to -# http://www.postfix.org/. +# http://www.postfix.org/BASIC_CONFIGURATION_README.html etc. # # For best results, change no more than 2-3 parameters at a time, # and test if Postfix still works after every change. @@ -645,7 +645,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.10.3/html +html_directory = /usr/share/doc/postfix-2.11.3/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -658,7 +658,7 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.10.3/readme +readme_directory = /usr/share/doc/postfix-2.11.3/readme home_mailbox = .maildir/ smtpd_sasl_auth_enable = yes diff --git a/config-archive/etc/postfix/main.cf.4 b/config-archive/etc/postfix/main.cf.4 index 0436c1c4..5e3d60fd 100644 --- a/config-archive/etc/postfix/main.cf.4 +++ b/config-archive/etc/postfix/main.cf.4 @@ -645,7 +645,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.10.2/html +html_directory = /usr/share/doc/postfix-2.10.3/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -658,7 +658,7 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.10.2/readme +readme_directory = /usr/share/doc/postfix-2.10.3/readme home_mailbox = .maildir/ smtpd_sasl_auth_enable = yes diff --git a/config-archive/etc/postfix/main.cf.5 b/config-archive/etc/postfix/main.cf.5 index f7e2a6a6..0436c1c4 100644 --- a/config-archive/etc/postfix/main.cf.5 +++ b/config-archive/etc/postfix/main.cf.5 @@ -645,7 +645,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.10.1/html +html_directory = /usr/share/doc/postfix-2.10.2/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -658,7 +658,7 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.10.1/readme +readme_directory = /usr/share/doc/postfix-2.10.2/readme home_mailbox = .maildir/ smtpd_sasl_auth_enable = yes diff --git a/config-archive/etc/postfix/main.cf.6 b/config-archive/etc/postfix/main.cf.6 index 1232f478..f7e2a6a6 100644 --- a/config-archive/etc/postfix/main.cf.6 +++ b/config-archive/etc/postfix/main.cf.6 @@ -645,7 +645,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.10.0/html +html_directory = /usr/share/doc/postfix-2.10.1/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -658,7 +658,7 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.10.0/readme +readme_directory = /usr/share/doc/postfix-2.10.1/readme home_mailbox = .maildir/ smtpd_sasl_auth_enable = yes diff --git a/config-archive/etc/postfix/main.cf.7 b/config-archive/etc/postfix/main.cf.7 index c438ed09..1232f478 100644 --- a/config-archive/etc/postfix/main.cf.7 +++ b/config-archive/etc/postfix/main.cf.7 @@ -645,7 +645,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.9.5/html +html_directory = /usr/share/doc/postfix-2.10.0/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -658,7 +658,7 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.9.5/readme +readme_directory = /usr/share/doc/postfix-2.10.0/readme home_mailbox = .maildir/ smtpd_sasl_auth_enable = yes diff --git a/config-archive/etc/postfix/main.cf.8 b/config-archive/etc/postfix/main.cf.8 index c1606d6e..c438ed09 100644 --- a/config-archive/etc/postfix/main.cf.8 +++ b/config-archive/etc/postfix/main.cf.8 @@ -645,7 +645,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.9.4/html +html_directory = /usr/share/doc/postfix-2.9.5/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -658,11 +658,11 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.9.4/readme +readme_directory = /usr/share/doc/postfix-2.9.5/readme home_mailbox = .maildir/ smtpd_sasl_auth_enable = yes -smtpd_sasl2_auth_enable = yes +#smtpd_sasl2_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_sasl_local_domain = $myhostname diff --git a/config-archive/etc/postfix/main.cf.9 b/config-archive/etc/postfix/main.cf.9 index 22ce4373..c1606d6e 100644 --- a/config-archive/etc/postfix/main.cf.9 +++ b/config-archive/etc/postfix/main.cf.9 @@ -645,7 +645,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.9.3/html +html_directory = /usr/share/doc/postfix-2.9.4/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -658,7 +658,7 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.9.3/readme +readme_directory = /usr/share/doc/postfix-2.9.4/readme home_mailbox = .maildir/ smtpd_sasl_auth_enable = yes diff --git a/config-archive/etc/postfix/main.cf.default.1 b/config-archive/etc/postfix/main.cf.default.1 new file mode 100644 index 00000000..fcc2569d --- /dev/null +++ b/config-archive/etc/postfix/main.cf.default.1 @@ -0,0 +1,652 @@ +# Global Postfix configuration file. This file lists only a subset +# of all parameters. For the syntax, and for a complete parameter +# list, see the postconf(5) manual page (command: "man 5 postconf"). +# +# For common configuration examples, see BASIC_CONFIGURATION_README +# and STANDARD_CONFIGURATION_README. To find these documents, use +# the command "postconf html_directory readme_directory", or go to +# http://www.postfix.org/. +# +# For best results, change no more than 2-3 parameters at a time, +# and test if Postfix still works after every change. + +# SOFT BOUNCE +# +# The soft_bounce parameter provides a limited safety net for +# testing. When soft_bounce is enabled, mail will remain queued that +# would otherwise bounce. This parameter disables locally-generated +# bounces, and prevents the SMTP server from rejecting mail permanently +# (by changing 5xx replies into 4xx replies). However, soft_bounce +# is no cure for address rewriting mistakes or mail routing mistakes. +# +#soft_bounce = no + +# LOCAL PATHNAME INFORMATION +# +# The queue_directory specifies the location of the Postfix queue. +# This is also the root directory of Postfix daemons that run chrooted. +# See the files in examples/chroot-setup for setting up Postfix chroot +# environments on different UNIX systems. +# +queue_directory = /var/spool/postfix + +# The command_directory parameter specifies the location of all +# postXXX commands. +# +command_directory = /usr/sbin + +# The daemon_directory parameter specifies the location of all Postfix +# daemon programs (i.e. programs listed in the master.cf file). This +# directory must be owned by root. +# +daemon_directory = /usr/lib64/postfix + +# The data_directory parameter specifies the location of Postfix-writable +# data files (caches, random numbers). This directory must be owned +# by the mail_owner account (see below). +# +data_directory = /var/lib/postfix + +# QUEUE AND PROCESS OWNERSHIP +# +# The mail_owner parameter specifies the owner of the Postfix queue +# and of most Postfix daemon processes. Specify the name of a user +# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS +# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In +# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED +# USER. +# +mail_owner = postfix + +# The default_privs parameter specifies the default rights used by +# the local delivery agent for delivery to external file or command. +# These rights are used in the absence of a recipient user context. +# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. +# +#default_privs = nobody + +# INTERNET HOST AND DOMAIN NAMES +# +# The myhostname parameter specifies the internet hostname of this +# mail system. The default is to use the fully-qualified domain name +# from gethostname(). $myhostname is used as a default value for many +# other configuration parameters. +# +#myhostname = host.domain.tld +#myhostname = virtual.domain.tld + +# The mydomain parameter specifies the local internet domain name. +# The default is to use $myhostname minus the first component. +# $mydomain is used as a default value for many other configuration +# parameters. +# +#mydomain = domain.tld + +# SENDING MAIL +# +# The myorigin parameter specifies the domain that locally-posted +# mail appears to come from. The default is to append $myhostname, +# which is fine for small sites. If you run a domain with multiple +# machines, you should (1) change this to $mydomain and (2) set up +# a domain-wide alias database that aliases each user to +# user@that.users.mailhost. +# +# For the sake of consistency between sender and recipient addresses, +# myorigin also specifies the default domain name that is appended +# to recipient addresses that have no @domain part. +# +#myorigin = $myhostname +#myorigin = $mydomain + +# RECEIVING MAIL + +# The inet_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on. By default, +# the software claims all active interfaces on the machine. The +# parameter also controls delivery of mail to user@[ip.address]. +# +# See also the proxy_interfaces parameter, for network addresses that +# are forwarded to us via a proxy or network address translator. +# +# Note: you need to stop/start Postfix when this parameter changes. +# +#inet_interfaces = all +#inet_interfaces = $myhostname +#inet_interfaces = $myhostname, localhost + +# The proxy_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on by way of a +# proxy or network address translation unit. This setting extends +# the address list specified with the inet_interfaces parameter. +# +# You must specify your proxy/NAT addresses when your system is a +# backup MX host for other domains, otherwise mail delivery loops +# will happen when the primary MX host is down. +# +#proxy_interfaces = +#proxy_interfaces = 1.2.3.4 + +# The mydestination parameter specifies the list of domains that this +# machine considers itself the final destination for. +# +# These domains are routed to the delivery agent specified with the +# local_transport parameter setting. By default, that is the UNIX +# compatible delivery agent that lookups all recipients in /etc/passwd +# and /etc/aliases or their equivalent. +# +# The default is $myhostname + localhost.$mydomain. On a mail domain +# gateway, you should also include $mydomain. +# +# Do not specify the names of virtual domains - those domains are +# specified elsewhere (see VIRTUAL_README). +# +# Do not specify the names of domains that this machine is backup MX +# host for. Specify those names via the relay_domains settings for +# the SMTP server, or use permit_mx_backup if you are lazy (see +# STANDARD_CONFIGURATION_README). +# +# The local machine is always the final destination for mail addressed +# to user@[the.net.work.address] of an interface that the mail system +# receives mail on (see the inet_interfaces parameter). +# +# Specify a list of host or domain names, /file/name or type:table +# patterns, separated by commas and/or whitespace. A /file/name +# pattern is replaced by its contents; a type:table is matched when +# a name matches a lookup key (the right-hand side is ignored). +# Continue long lines by starting the next line with whitespace. +# +# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". +# +#mydestination = $myhostname, localhost.$mydomain, localhost +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, +# mail.$mydomain, www.$mydomain, ftp.$mydomain + +# REJECTING MAIL FOR UNKNOWN LOCAL USERS +# +# The local_recipient_maps parameter specifies optional lookup tables +# with all names or addresses of users that are local with respect +# to $mydestination, $inet_interfaces or $proxy_interfaces. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown local users. This parameter is defined by default. +# +# To turn off local recipient checking in the SMTP server, specify +# local_recipient_maps = (i.e. empty). +# +# The default setting assumes that you use the default Postfix local +# delivery agent for local delivery. You need to update the +# local_recipient_maps setting if: +# +# - You define $mydestination domain recipients in files other than +# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. +# For example, you define $mydestination domain recipients in +# the $virtual_mailbox_maps files. +# +# - You redefine the local delivery agent in master.cf. +# +# - You redefine the "local_transport" setting in main.cf. +# +# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" +# feature of the Postfix local delivery agent (see local(8)). +# +# Details are described in the LOCAL_RECIPIENT_README file. +# +# Beware: if the Postfix SMTP server runs chrooted, you probably have +# to access the passwd file via the proxymap service, in order to +# overcome chroot restrictions. The alternative, having a copy of +# the system passwd file in the chroot jail is just not practical. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify a bare username, an @domain.tld +# wild-card, or specify a user@domain.tld address. +# +#local_recipient_maps = unix:passwd.byname $alias_maps +#local_recipient_maps = proxy:unix:passwd.byname $alias_maps +#local_recipient_maps = + +# The unknown_local_recipient_reject_code specifies the SMTP server +# response code when a recipient domain matches $mydestination or +# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty +# and the recipient address or address local-part is not found. +# +# The default setting is 550 (reject mail) but it is safer to start +# with 450 (try again later) until you are certain that your +# local_recipient_maps settings are OK. +# +unknown_local_recipient_reject_code = 550 + +# TRUST AND RELAY CONTROL + +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in postconf(5). +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# On Linux, this does works correctly only with interfaces specified +# with the "ifconfig" command. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. +# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +#mynetworks_style = class +#mynetworks_style = subnet +#mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. +# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. Specify type:table for table-based lookups +# (the value on the table right-hand side is not used). +# +#mynetworks = 168.100.189.0/28, 127.0.0.0/8 +#mynetworks = $config_directory/mynetworks +#mynetworks = hash:/etc/postfix/network_table + +# The relay_domains parameter restricts what destinations this system will +# relay mail to. See the smtpd_recipient_restrictions description in +# postconf(5) for detailed information. +# +# By default, Postfix relays mail +# - from "trusted" clients (IP address matches $mynetworks) to any destination, +# - from "untrusted" clients to destinations that match $relay_domains or +# subdomains thereof, except addresses with sender-specified routing. +# The default relay_domains value is $mydestination. +# +# In addition to the above, the Postfix SMTP server by default accepts mail +# that Postfix is final destination for: +# - destinations that match $inet_interfaces or $proxy_interfaces, +# - destinations that match $mydestination +# - destinations that match $virtual_alias_domains, +# - destinations that match $virtual_mailbox_domains. +# These destinations do not need to be listed in $relay_domains. +# +# Specify a list of hosts or domains, /file/name patterns or type:name +# lookup tables, separated by commas and/or whitespace. Continue +# long lines by starting the next line with whitespace. A file name +# is replaced by its contents; a type:name table is matched when a +# (parent) domain appears as lookup key. +# +# NOTE: Postfix will not automatically forward mail for domains that +# list this system as their primary or backup MX host. See the +# permit_mx_backup restriction description in postconf(5). +# +#relay_domains = $mydestination + +# INTERNET OR INTRANET + +# The relayhost parameter specifies the default host to send mail to +# when no entry is matched in the optional transport(5) table. When +# no relayhost is given, mail is routed directly to the destination. +# +# On an intranet, specify the organizational domain name. If your +# internal DNS uses no MX records, specify the name of the intranet +# gateway host instead. +# +# In the case of SMTP, specify a domain, host, host:port, [host]:port, +# [address] or [address]:port; the form [host] turns off MX lookups. +# +# If you're connected via UUCP, see also the default_transport parameter. +# +#relayhost = $mydomain +#relayhost = [gateway.my.domain] +#relayhost = [mailserver.isp.tld] +#relayhost = uucphost +#relayhost = [an.ip.add.ress] + +# REJECTING UNKNOWN RELAY USERS +# +# The relay_recipient_maps parameter specifies optional lookup tables +# with all addresses in the domains that match $relay_domains. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown relay users. This feature is off by default. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify an @domain.tld wild-card, or specify +# a user@domain.tld address. +# +#relay_recipient_maps = hash:/etc/postfix/relay_recipients + +# INPUT RATE CONTROL +# +# The in_flow_delay configuration parameter implements mail input +# flow control. This feature is turned on by default, although it +# still needs further development (it's disabled on SCO UNIX due +# to an SCO bug). +# +# A Postfix process will pause for $in_flow_delay seconds before +# accepting a new message, when the message arrival rate exceeds the +# message delivery rate. With the default 100 SMTP server process +# limit, this limits the mail inflow to 100 messages a second more +# than the number of messages delivered per second. +# +# Specify 0 to disable the feature. Valid delays are 0..10. +# +#in_flow_delay = 1s + +# ADDRESS REWRITING +# +# The ADDRESS_REWRITING_README document gives information about +# address masquerading or other forms of address rewriting including +# username->Firstname.Lastname mapping. + +# ADDRESS REDIRECTION (VIRTUAL DOMAIN) +# +# The VIRTUAL_README document gives information about the many forms +# of domain hosting that Postfix supports. + +# "USER HAS MOVED" BOUNCE MESSAGES +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# TRANSPORT MAP +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# ALIAS DATABASE +# +# The alias_maps parameter specifies the list of alias databases used +# by the local delivery agent. The default list is system dependent. +# +# On systems with NIS, the default is to search the local alias +# database, then the NIS alias database. See aliases(5) for syntax +# details. +# +# If you change the alias database, run "postalias /etc/aliases" (or +# wherever your system stores the mail alias file), or simply run +# "newaliases" to build the necessary DBM or DB file. +# +# It will take a minute or so before changes become visible. Use +# "postfix reload" to eliminate the delay. +# +#alias_maps = dbm:/etc/aliases +#alias_maps = hash:/etc/aliases +#alias_maps = hash:/etc/aliases, nis:mail.aliases +#alias_maps = netinfo:/aliases + +# The alias_database parameter specifies the alias database(s) that +# are built with "newaliases" or "sendmail -bi". This is a separate +# configuration parameter, because alias_maps (see above) may specify +# tables that are not necessarily all under control by Postfix. +# +#alias_database = dbm:/etc/aliases +#alias_database = dbm:/etc/mail/aliases +#alias_database = hash:/etc/aliases +#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases + +# ADDRESS EXTENSIONS (e.g., user+foo) +# +# The recipient_delimiter parameter specifies the separator between +# user names and address extensions (user+foo). See canonical(5), +# local(8), relocated(5) and virtual(5) for the effects this has on +# aliases, canonical, virtual, relocated and .forward file lookups. +# Basically, the software tries user+foo and .forward+foo before +# trying user and .forward. +# +#recipient_delimiter = + + +# DELIVERY TO MAILBOX +# +# The home_mailbox parameter specifies the optional pathname of a +# mailbox file relative to a user's home directory. The default +# mailbox file is /var/spool/mail/user or /var/mail/user. Specify +# "Maildir/" for qmail-style delivery (the / is required). +# +#home_mailbox = Mailbox +#home_mailbox = Maildir/ + +# The mail_spool_directory parameter specifies the directory where +# UNIX-style mailboxes are kept. The default setting depends on the +# system type. +# +#mail_spool_directory = /var/mail +#mail_spool_directory = /var/spool/mail + +# The mailbox_command parameter specifies the optional external +# command to use instead of mailbox delivery. The command is run as +# the recipient with proper HOME, SHELL and LOGNAME environment settings. +# Exception: delivery for root is done as $default_user. +# +# Other environment variables of interest: USER (recipient username), +# EXTENSION (address extension), DOMAIN (domain part of address), +# and LOCAL (the address localpart). +# +# Unlike other Postfix configuration parameters, the mailbox_command +# parameter is not subjected to $parameter substitutions. This is to +# make it easier to specify shell syntax (see example below). +# +# Avoid shell meta characters because they will force Postfix to run +# an expensive shell process. Procmail alone is expensive enough. +# +# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN +# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. +# +#mailbox_command = /some/where/procmail +#mailbox_command = /some/where/procmail -a "$EXTENSION" + +# The mailbox_transport specifies the optional transport in master.cf +# to use after processing aliases and .forward files. This parameter +# has precedence over the mailbox_command, fallback_transport and +# luser_relay parameters. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#mailbox_transport = lmtp:unix:/file/name +#mailbox_transport = cyrus + +# The fallback_transport specifies the optional transport in master.cf +# to use for recipients that are not found in the UNIX passwd database. +# This parameter has precedence over the luser_relay parameter. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#fallback_transport = lmtp:unix:/file/name +#fallback_transport = cyrus +#fallback_transport = + +# The luser_relay parameter specifies an optional destination address +# for unknown recipients. By default, mail for unknown@$mydestination, +# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned +# as undeliverable. +# +# The following expansions are done on luser_relay: $user (recipient +# username), $shell (recipient shell), $home (recipient home directory), +# $recipient (full recipient address), $extension (recipient address +# extension), $domain (recipient domain), $local (entire recipient +# localpart), $recipient_delimiter. Specify ${name?value} or +# ${name:value} to expand value only when $name does (does not) exist. +# +# luser_relay works only for the default Postfix local delivery agent. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must specify "local_recipient_maps =" (i.e. empty) in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#luser_relay = $user@other.host +#luser_relay = $local@other.host +#luser_relay = admin+$local + +# JUNK MAIL CONTROLS +# +# The controls listed here are only a very small subset. The file +# SMTPD_ACCESS_README provides an overview. + +# The header_checks parameter specifies an optional table with patterns +# that each logical message header is matched against, including +# headers that span multiple physical lines. +# +# By default, these patterns also apply to MIME headers and to the +# headers of attached messages. With older Postfix versions, MIME and +# attached message headers were treated as body text. +# +# For details, see "man header_checks". +# +#header_checks = regexp:/etc/postfix/header_checks + +# FAST ETRN SERVICE +# +# Postfix maintains per-destination logfiles with information about +# deferred mail, so that mail can be flushed quickly with the SMTP +# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". +# See the ETRN_README document for a detailed description. +# +# The fast_flush_domains parameter controls what destinations are +# eligible for this service. By default, they are all domains that +# this server is willing to relay mail to. +# +#fast_flush_domains = $relay_domains + +# SHOW SOFTWARE VERSION OR NOT +# +# The smtpd_banner parameter specifies the text that follows the 220 +# code in the SMTP server's greeting banner. Some people like to see +# the mail version advertised. By default, Postfix shows no version. +# +# You MUST specify $myhostname at the start of the text. That is an +# RFC requirement. Postfix itself does not care. +# +#smtpd_banner = $myhostname ESMTP $mail_name +#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) + +# PARALLEL DELIVERY TO THE SAME DESTINATION +# +# How many parallel deliveries to the same user or domain? With local +# delivery, it does not make sense to do massively parallel delivery +# to the same user, because mailbox updates must happen sequentially, +# and expensive pipelines in .forward files can cause disasters when +# too many are run at the same time. With SMTP deliveries, 10 +# simultaneous connections to the same domain could be sufficient to +# raise eyebrows. +# +# Each message delivery transport has its XXX_destination_concurrency_limit +# parameter. The default is $default_destination_concurrency_limit for +# most delivery transports. For the local delivery agent the default is 2. + +#local_destination_concurrency_limit = 2 +#default_destination_concurrency_limit = 20 + +# DEBUGGING CONTROL +# +# The debug_peer_level parameter specifies the increment in verbose +# logging level when an SMTP client or server host name or address +# matches a pattern in the debug_peer_list parameter. +# +debug_peer_level = 2 + +# The debug_peer_list parameter specifies an optional list of domain +# or network patterns, /file/name patterns or type:name tables. When +# an SMTP client or server host name or address matches a pattern, +# increase the verbose logging level by the amount specified in the +# debug_peer_level parameter. +# +#debug_peer_list = 127.0.0.1 +#debug_peer_list = some.domain + +# The debugger_command specifies the external command that is executed +# when a Postfix daemon program is run with the -D option. +# +# Use "command .. & sleep 5" so that the debugger can attach before +# the process marches on. If you use an X-based debugger, be sure to +# set up your XAUTHORITY environment variable before starting Postfix. +# +debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + +# If you can't use X, use this to capture the call stack when a +# daemon crashes. The result is in a file in the configuration +# directory, and is named after the process name and the process ID. +# +# debugger_command = +# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; +# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 +# >$config_directory/$process_name.$process_id.log & sleep 5 +# +# Another possibility is to run gdb under a detached screen session. +# To attach to the screen sesssion, su root and run "screen -r +# " where uniquely matches one of the detached +# sessions (from "screen -list"). +# +# debugger_command = +# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen +# -dmS $process_name gdb $daemon_directory/$process_name +# $process_id & sleep 1 + +# INSTALL-TIME CONFIGURATION INFORMATION +# +# The following parameters are used when installing a new Postfix version. +# +# sendmail_path: The full pathname of the Postfix sendmail command. +# This is the Sendmail-compatible mail posting interface. +# +sendmail_path = /usr/sbin/sendmail + +# newaliases_path: The full pathname of the Postfix newaliases command. +# This is the Sendmail-compatible command to build alias databases. +# +newaliases_path = /usr/bin/newaliases + +# mailq_path: The full pathname of the Postfix mailq command. This +# is the Sendmail-compatible mail queue listing command. +# +mailq_path = /usr/bin/mailq + +# setgid_group: The group for mail submission and queue management +# commands. This must be a group name with a numerical group ID that +# is not shared with other accounts, not even with the Postfix account. +# +setgid_group = postdrop + +# html_directory: The location of the Postfix HTML documentation. +# +html_directory = /usr/share/doc/postfix-2.8.7/html + +# manpage_directory: The location of the Postfix on-line manual pages. +# +manpage_directory = /usr/share/man + +# sample_directory: The location of the Postfix sample configuration files. +# This parameter is obsolete as of Postfix 2.1. +# +sample_directory = /etc/postfix + +# readme_directory: The location of the Postfix README files. +# +readme_directory = /usr/share/doc/postfix-2.8.7/readme +home_mailbox = .maildir/ diff --git a/config-archive/etc/postfix/main.cf.default.dist b/config-archive/etc/postfix/main.cf.default.dist new file mode 100644 index 00000000..447290b3 --- /dev/null +++ b/config-archive/etc/postfix/main.cf.default.dist @@ -0,0 +1,858 @@ +# DO NOT EDIT THIS FILE. EDIT THE MAIN.CF FILE INSTEAD. THE +# TEXT HERE JUST SHOWS DEFAULT SETTINGS BUILT INTO POSTFIX. +# +2bounce_notice_recipient = postmaster +access_map_defer_code = 450 +access_map_reject_code = 554 +address_verify_cache_cleanup_interval = 12h +address_verify_default_transport = $default_transport +address_verify_local_transport = $local_transport +address_verify_map = btree:$data_directory/verify_cache +address_verify_negative_cache = yes +address_verify_negative_expire_time = 3d +address_verify_negative_refresh_time = 3h +address_verify_poll_count = ${stress?{1}:{3}} +address_verify_poll_delay = 3s +address_verify_positive_expire_time = 31d +address_verify_positive_refresh_time = 7d +address_verify_relay_transport = $relay_transport +address_verify_relayhost = $relayhost +address_verify_sender = $double_bounce_sender +address_verify_sender_dependent_default_transport_maps = $sender_dependent_default_transport_maps +address_verify_sender_dependent_relayhost_maps = $sender_dependent_relayhost_maps +address_verify_sender_ttl = 0s +address_verify_service_name = verify +address_verify_transport_maps = $transport_maps +address_verify_virtual_transport = $virtual_transport +alias_database = hash:/etc/mail/aliases +alias_maps = hash:/etc/mail/aliases, nis:mail.aliases +allow_mail_to_commands = alias, forward +allow_mail_to_files = alias, forward +allow_min_user = no +allow_percent_hack = yes +allow_untrusted_routing = no +alternate_config_directories = +always_add_missing_headers = no +always_bcc = +anvil_rate_time_unit = 60s +anvil_status_update_time = 600s +append_at_myorigin = yes +append_dot_mydomain = ${{$compatibility_level} < {1} ? {yes} : {no}} +application_event_drain_time = 100s +authorized_flush_users = static:anyone +authorized_mailq_users = static:anyone +authorized_submit_users = static:anyone +backwards_bounce_logfile_compatibility = yes +berkeley_db_create_buffer_size = 16777216 +berkeley_db_read_buffer_size = 131072 +best_mx_transport = +biff = yes +body_checks = +body_checks_size_limit = 51200 +bounce_notice_recipient = postmaster +bounce_queue_lifetime = 5d +bounce_service_name = bounce +bounce_size_limit = 50000 +bounce_template_file = +broken_sasl_auth_clients = no +canonical_classes = envelope_sender, envelope_recipient, header_sender, header_recipient +canonical_maps = +cleanup_service_name = cleanup +command_directory = /usr/sbin +command_execution_directory = +command_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ +command_time_limit = 1000s +compatibility_level = 0 +config_directory = /etc/postfix +confirm_delay_cleared = no +connection_cache_protocol_timeout = 5s +connection_cache_service_name = scache +connection_cache_status_update_time = 600s +connection_cache_ttl_limit = 2s +content_filter = +cyrus_sasl_config_path = +daemon_directory = /usr/libexec/postfix +daemon_table_open_error_is_fatal = no +daemon_timeout = 18000s +data_directory = /var/lib/postfix +debug_peer_level = 2 +debug_peer_list = +debugger_command = +default_database_type = hash +default_delivery_slot_cost = 5 +default_delivery_slot_discount = 50 +default_delivery_slot_loan = 3 +default_delivery_status_filter = +default_destination_concurrency_failed_cohort_limit = 1 +default_destination_concurrency_limit = 20 +default_destination_concurrency_negative_feedback = 1 +default_destination_concurrency_positive_feedback = 1 +default_destination_rate_delay = 0s +default_destination_recipient_limit = 50 +default_extra_recipient_limit = 1000 +default_filter_nexthop = +default_minimum_delivery_slots = 3 +default_privs = nobody +default_process_limit = 100 +default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} +default_recipient_limit = 20000 +default_recipient_refill_delay = 5s +default_recipient_refill_limit = 100 +default_transport = smtp +default_verp_delimiters = += +defer_code = 450 +defer_service_name = defer +defer_transports = +delay_logging_resolution_limit = 2 +delay_notice_recipient = postmaster +delay_warning_time = 0h +deliver_lock_attempts = 20 +deliver_lock_delay = 1s +destination_concurrency_feedback_debug = no +detect_8bit_encoding_header = yes +disable_dns_lookups = no +disable_mime_input_processing = no +disable_mime_output_conversion = no +disable_verp_bounces = no +disable_vrfy_command = no +dnsblog_reply_delay = 0s +dnsblog_service_name = dnsblog +dont_remove = 0 +double_bounce_sender = double-bounce +duplicate_filter_limit = 1000 +empty_address_default_transport_maps_lookup_key = <> +empty_address_recipient = MAILER-DAEMON +empty_address_relayhost_maps_lookup_key = <> +enable_long_queue_ids = no +enable_original_recipient = yes +error_delivery_slot_cost = $default_delivery_slot_cost +error_delivery_slot_discount = $default_delivery_slot_discount +error_delivery_slot_loan = $default_delivery_slot_loan +error_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +error_destination_concurrency_limit = $default_destination_concurrency_limit +error_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +error_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +error_destination_rate_delay = $default_destination_rate_delay +error_destination_recipient_limit = $default_destination_recipient_limit +error_extra_recipient_limit = $default_extra_recipient_limit +error_initial_destination_concurrency = $initial_destination_concurrency +error_minimum_delivery_slots = $default_minimum_delivery_slots +error_notice_recipient = postmaster +error_recipient_limit = $default_recipient_limit +error_recipient_refill_delay = $default_recipient_refill_delay +error_recipient_refill_limit = $default_recipient_refill_limit +error_service_name = error +execution_directory_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ +expand_owner_alias = no +export_environment = TZ MAIL_CONFIG LANG +fallback_transport = +fallback_transport_maps = +fast_flush_domains = $relay_domains +fast_flush_purge_time = 7d +fast_flush_refresh_time = 12h +fault_injection_code = 0 +flush_service_name = flush +fork_attempts = 5 +fork_delay = 1s +forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ +forward_path = $home/.forward${recipient_delimiter}${extension}, $home/.forward +frozen_delivered_to = yes +hash_queue_depth = 1 +hash_queue_names = deferred, defer +header_address_token_limit = 10240 +header_checks = +header_size_limit = 102400 +helpful_warnings = yes +home_mailbox = +hopcount_limit = 50 +html_directory = no +ignore_mx_lookup_error = no +import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C +in_flow_delay = 1s +inet_interfaces = all +inet_protocols = all +initial_destination_concurrency = 5 +internal_mail_filter_classes = +invalid_hostname_reject_code = 501 +ipc_idle = 5s +ipc_timeout = 3600s +ipc_ttl = 1000s +line_length_limit = 2048 +lmdb_map_size = 16777216 +lmtp_address_preference = any +lmtp_address_verify_target = rcpt +lmtp_assume_final = no +lmtp_bind_address = +lmtp_bind_address6 = +lmtp_body_checks = +lmtp_cname_overrides_servername = no +lmtp_connect_timeout = 0s +lmtp_connection_cache_destinations = +lmtp_connection_cache_on_demand = yes +lmtp_connection_cache_time_limit = 2s +lmtp_connection_reuse_count_limit = 0 +lmtp_connection_reuse_time_limit = 300s +lmtp_data_done_timeout = 600s +lmtp_data_init_timeout = 120s +lmtp_data_xfer_timeout = 180s +lmtp_defer_if_no_mx_address_found = no +lmtp_delivery_slot_cost = $default_delivery_slot_cost +lmtp_delivery_slot_discount = $default_delivery_slot_discount +lmtp_delivery_slot_loan = $default_delivery_slot_loan +lmtp_delivery_status_filter = $default_delivery_status_filter +lmtp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +lmtp_destination_concurrency_limit = $default_destination_concurrency_limit +lmtp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +lmtp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +lmtp_destination_rate_delay = $default_destination_rate_delay +lmtp_destination_recipient_limit = $default_destination_recipient_limit +lmtp_discard_lhlo_keyword_address_maps = +lmtp_discard_lhlo_keywords = +lmtp_dns_reply_filter = +lmtp_dns_resolver_options = +lmtp_dns_support_level = +lmtp_enforce_tls = no +lmtp_extra_recipient_limit = $default_extra_recipient_limit +lmtp_generic_maps = +lmtp_header_checks = +lmtp_host_lookup = dns +lmtp_initial_destination_concurrency = $initial_destination_concurrency +lmtp_lhlo_name = $myhostname +lmtp_lhlo_timeout = 300s +lmtp_line_length_limit = 998 +lmtp_mail_timeout = 300s +lmtp_mime_header_checks = +lmtp_minimum_delivery_slots = $default_minimum_delivery_slots +lmtp_mx_address_limit = 5 +lmtp_mx_session_limit = 2 +lmtp_nested_header_checks = +lmtp_per_record_deadline = no +lmtp_pix_workaround_delay_time = 10s +lmtp_pix_workaround_maps = +lmtp_pix_workaround_threshold_time = 500s +lmtp_pix_workarounds = disable_esmtp,delay_dotcrlf +lmtp_quit_timeout = 300s +lmtp_quote_rfc821_envelope = yes +lmtp_randomize_addresses = yes +lmtp_rcpt_timeout = 300s +lmtp_recipient_limit = $default_recipient_limit +lmtp_recipient_refill_delay = $default_recipient_refill_delay +lmtp_recipient_refill_limit = $default_recipient_refill_limit +lmtp_reply_filter = +lmtp_rset_timeout = 20s +lmtp_sasl_auth_cache_name = +lmtp_sasl_auth_cache_time = 90d +lmtp_sasl_auth_enable = no +lmtp_sasl_auth_soft_bounce = yes +lmtp_sasl_mechanism_filter = +lmtp_sasl_password_maps = +lmtp_sasl_path = +lmtp_sasl_security_options = noplaintext, noanonymous +lmtp_sasl_tls_security_options = $lmtp_sasl_security_options +lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options +lmtp_sasl_type = cyrus +lmtp_send_dummy_mail_auth = no +lmtp_send_xforward_command = no +lmtp_sender_dependent_authentication = no +lmtp_skip_5xx_greeting = yes +lmtp_skip_quit_response = no +lmtp_starttls_timeout = 300s +lmtp_tcp_port = 24 +lmtp_tls_CAfile = +lmtp_tls_CApath = +lmtp_tls_block_early_mail_reply = no +lmtp_tls_cert_file = +lmtp_tls_ciphers = medium +lmtp_tls_dcert_file = +lmtp_tls_dkey_file = $lmtp_tls_dcert_file +lmtp_tls_eccert_file = +lmtp_tls_eckey_file = $lmtp_tls_eccert_file +lmtp_tls_enforce_peername = yes +lmtp_tls_exclude_ciphers = +lmtp_tls_fingerprint_cert_match = +lmtp_tls_fingerprint_digest = md5 +lmtp_tls_force_insecure_host_tlsa_lookup = no +lmtp_tls_key_file = $lmtp_tls_cert_file +lmtp_tls_loglevel = 0 +lmtp_tls_mandatory_ciphers = medium +lmtp_tls_mandatory_exclude_ciphers = +lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3 +lmtp_tls_note_starttls_offer = no +lmtp_tls_per_site = +lmtp_tls_policy_maps = +lmtp_tls_protocols = !SSLv2, !SSLv3 +lmtp_tls_scert_verifydepth = 9 +lmtp_tls_secure_cert_match = nexthop +lmtp_tls_security_level = +lmtp_tls_session_cache_database = +lmtp_tls_session_cache_timeout = 3600s +lmtp_tls_trust_anchor_file = +lmtp_tls_verify_cert_match = hostname +lmtp_tls_wrappermode = no +lmtp_use_tls = no +lmtp_xforward_timeout = 300s +local_command_shell = +local_delivery_slot_cost = $default_delivery_slot_cost +local_delivery_slot_discount = $default_delivery_slot_discount +local_delivery_slot_loan = $default_delivery_slot_loan +local_delivery_status_filter = $default_delivery_status_filter +local_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +local_destination_concurrency_limit = 2 +local_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +local_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +local_destination_rate_delay = $default_destination_rate_delay +local_destination_recipient_limit = 1 +local_extra_recipient_limit = $default_extra_recipient_limit +local_header_rewrite_clients = permit_inet_interfaces +local_initial_destination_concurrency = $initial_destination_concurrency +local_minimum_delivery_slots = $default_minimum_delivery_slots +local_recipient_limit = $default_recipient_limit +local_recipient_maps = proxy:unix:passwd.byname $alias_maps +local_recipient_refill_delay = $default_recipient_refill_delay +local_recipient_refill_limit = $default_recipient_refill_limit +local_transport = local:$myhostname +luser_relay = +mail_name = Postfix +mail_owner = postfix +mail_release_date = 20151010 +mail_spool_directory = /var/mail +mail_version = 3.0.3 +mailbox_command = +mailbox_command_maps = +mailbox_delivery_lock = fcntl, dotlock +mailbox_size_limit = 51200000 +mailbox_transport = +mailbox_transport_maps = +mailq_path = /usr/bin/mailq +manpage_directory = /usr/local/man +maps_rbl_domains = +maps_rbl_reject_code = 554 +masquerade_classes = envelope_sender, header_sender, header_recipient +masquerade_domains = +masquerade_exceptions = +master_service_disable = +max_idle = 100s +max_use = 100 +maximal_backoff_time = 4000s +maximal_queue_lifetime = 5d +message_drop_headers = bcc, content-length, resent-bcc, return-path +message_reject_characters = +message_size_limit = 10240000 +message_strip_characters = +meta_directory = /etc/postfix +milter_command_timeout = 30s +milter_connect_macros = j {daemon_name} v +milter_connect_timeout = 30s +milter_content_timeout = 300s +milter_data_macros = i +milter_default_action = tempfail +milter_end_of_data_macros = i +milter_end_of_header_macros = i +milter_header_checks = +milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer} +milter_macro_daemon_name = $myhostname +milter_macro_v = $mail_name $mail_version +milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer} +milter_protocol = 6 +milter_rcpt_macros = i {rcpt_addr} {rcpt_host} {rcpt_mailer} +milter_unknown_command_macros = +mime_boundary_length_limit = 2048 +mime_header_checks = $header_checks +mime_nesting_limit = 100 +minimal_backoff_time = 300s +multi_instance_directories = +multi_instance_enable = no +multi_instance_group = +multi_instance_name = +multi_instance_wrapper = +multi_recipient_bounce_reject_code = 550 +mydestination = $myhostname, localhost.$mydomain, localhost +mynetworks_style = ${{$compatibility_level} < {2} ? {subnet} : {host}} +myorigin = $myhostname +nested_header_checks = $header_checks +newaliases_path = /usr/bin/newaliases +non_fqdn_reject_code = 504 +non_smtpd_milters = +notify_classes = resource, software +owner_request_special = yes +parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps +permit_mx_backup_networks = +pickup_service_name = pickup +pipe_delivery_status_filter = $default_delivery_status_filter +plaintext_reject_code = 450 +postmulti_control_commands = reload flush +postmulti_start_commands = start +postmulti_stop_commands = stop abort drain quick-stop +postscreen_access_list = permit_mynetworks +postscreen_bare_newline_action = ignore +postscreen_bare_newline_enable = no +postscreen_bare_newline_ttl = 30d +postscreen_blacklist_action = ignore +postscreen_cache_cleanup_interval = 12h +postscreen_cache_map = btree:$data_directory/postscreen_cache +postscreen_cache_retention_time = 7d +postscreen_client_connection_count_limit = $smtpd_client_connection_count_limit +postscreen_command_count_limit = 20 +postscreen_command_filter = +postscreen_command_time_limit = ${stress?{10}:{300}}s +postscreen_disable_vrfy_command = $disable_vrfy_command +postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps +postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords +postscreen_dnsbl_action = ignore +postscreen_dnsbl_reply_map = +postscreen_dnsbl_sites = +postscreen_dnsbl_threshold = 1 +postscreen_dnsbl_timeout = 10s +postscreen_dnsbl_ttl = 1h +postscreen_dnsbl_whitelist_threshold = 0 +postscreen_enforce_tls = $smtpd_enforce_tls +postscreen_expansion_filter = $smtpd_expansion_filter +postscreen_forbidden_commands = $smtpd_forbidden_commands +postscreen_greet_action = ignore +postscreen_greet_banner = $smtpd_banner +postscreen_greet_ttl = 1d +postscreen_greet_wait = ${stress?{2}:{6}}s +postscreen_helo_required = $smtpd_helo_required +postscreen_non_smtp_command_action = drop +postscreen_non_smtp_command_enable = no +postscreen_non_smtp_command_ttl = 30d +postscreen_pipelining_action = enforce +postscreen_pipelining_enable = no +postscreen_pipelining_ttl = 30d +postscreen_post_queue_limit = $default_process_limit +postscreen_pre_queue_limit = $default_process_limit +postscreen_reject_footer = $smtpd_reject_footer +postscreen_tls_security_level = $smtpd_tls_security_level +postscreen_upstream_proxy_protocol = +postscreen_upstream_proxy_timeout = 5s +postscreen_use_tls = $smtpd_use_tls +postscreen_watchdog_timeout = 10s +postscreen_whitelist_interfaces = static:all +prepend_delivered_header = command, file, forward +process_id_directory = pid +propagate_unmatched_extensions = canonical, virtual +proxy_interfaces = +proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps $smtpd_client_restrictions $smtpd_helo_restrictions $smtpd_sender_restrictions $smtpd_relay_restrictions $smtpd_recipient_restrictions +proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name $address_verify_map $postscreen_cache_map +proxymap_service_name = proxymap +proxywrite_service_name = proxywrite +qmgr_clog_warn_time = 300s +qmgr_daemon_timeout = 1000s +qmgr_fudge_factor = 100 +qmgr_ipc_timeout = 60s +qmgr_message_active_limit = 20000 +qmgr_message_recipient_limit = 20000 +qmgr_message_recipient_minimum = 10 +qmqpd_authorized_clients = +qmqpd_client_port_logging = no +qmqpd_error_delay = 1s +qmqpd_timeout = 300s +queue_directory = /var/spool/postfix +queue_file_attribute_count_limit = 100 +queue_minfree = 0 +queue_run_delay = 300s +queue_service_name = qmgr +rbl_reply_maps = +readme_directory = no +receive_override_options = +recipient_bcc_maps = +recipient_canonical_classes = envelope_recipient, header_recipient +recipient_canonical_maps = +recipient_delimiter = +reject_code = 554 +reject_tempfail_action = defer_if_permit +relay_clientcerts = +relay_delivery_slot_cost = $default_delivery_slot_cost +relay_delivery_slot_discount = $default_delivery_slot_discount +relay_delivery_slot_loan = $default_delivery_slot_loan +relay_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +relay_destination_concurrency_limit = $default_destination_concurrency_limit +relay_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +relay_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +relay_destination_rate_delay = $default_destination_rate_delay +relay_destination_recipient_limit = $default_destination_recipient_limit +relay_domains = ${{$compatibility_level} < {2} ? {$mydestination} : {}} +relay_domains_reject_code = 554 +relay_extra_recipient_limit = $default_extra_recipient_limit +relay_initial_destination_concurrency = $initial_destination_concurrency +relay_minimum_delivery_slots = $default_minimum_delivery_slots +relay_recipient_limit = $default_recipient_limit +relay_recipient_maps = +relay_recipient_refill_delay = $default_recipient_refill_delay +relay_recipient_refill_limit = $default_recipient_refill_limit +relay_transport = relay +relayhost = +relocated_maps = +remote_header_rewrite_domain = +require_home_directory = no +reset_owner_alias = no +resolve_dequoted_address = yes +resolve_null_domain = no +resolve_numeric_domain = no +retry_delivery_slot_cost = $default_delivery_slot_cost +retry_delivery_slot_discount = $default_delivery_slot_discount +retry_delivery_slot_loan = $default_delivery_slot_loan +retry_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +retry_destination_concurrency_limit = $default_destination_concurrency_limit +retry_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +retry_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +retry_destination_rate_delay = $default_destination_rate_delay +retry_destination_recipient_limit = $default_destination_recipient_limit +retry_extra_recipient_limit = $default_extra_recipient_limit +retry_initial_destination_concurrency = $initial_destination_concurrency +retry_minimum_delivery_slots = $default_minimum_delivery_slots +retry_recipient_limit = $default_recipient_limit +retry_recipient_refill_delay = $default_recipient_refill_delay +retry_recipient_refill_limit = $default_recipient_refill_limit +rewrite_service_name = rewrite +sample_directory = /etc/postfix +send_cyrus_sasl_authzid = no +sender_bcc_maps = +sender_canonical_classes = envelope_sender, header_sender +sender_canonical_maps = +sender_dependent_default_transport_maps = +sender_dependent_relayhost_maps = +sendmail_fix_line_endings = always +sendmail_path = /usr/sbin/sendmail +service_throttle_time = 60s +setgid_group = postdrop +shlib_directory = /usr/lib64/postfix/${mail_version} +show_user_unknown_table_name = yes +showq_service_name = showq +smtp_address_preference = any +smtp_address_verify_target = rcpt +smtp_always_send_ehlo = yes +smtp_bind_address = +smtp_bind_address6 = +smtp_body_checks = +smtp_cname_overrides_servername = no +smtp_connect_timeout = 30s +smtp_connection_cache_destinations = +smtp_connection_cache_on_demand = yes +smtp_connection_cache_time_limit = 2s +smtp_connection_reuse_count_limit = 0 +smtp_connection_reuse_time_limit = 300s +smtp_data_done_timeout = 600s +smtp_data_init_timeout = 120s +smtp_data_xfer_timeout = 180s +smtp_defer_if_no_mx_address_found = no +smtp_delivery_slot_cost = $default_delivery_slot_cost +smtp_delivery_slot_discount = $default_delivery_slot_discount +smtp_delivery_slot_loan = $default_delivery_slot_loan +smtp_delivery_status_filter = $default_delivery_status_filter +smtp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +smtp_destination_concurrency_limit = $default_destination_concurrency_limit +smtp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +smtp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +smtp_destination_rate_delay = $default_destination_rate_delay +smtp_destination_recipient_limit = $default_destination_recipient_limit +smtp_discard_ehlo_keyword_address_maps = +smtp_discard_ehlo_keywords = +smtp_dns_reply_filter = +smtp_dns_resolver_options = +smtp_dns_support_level = +smtp_enforce_tls = no +smtp_extra_recipient_limit = $default_extra_recipient_limit +smtp_fallback_relay = $fallback_relay +smtp_generic_maps = +smtp_header_checks = +smtp_helo_name = $myhostname +smtp_helo_timeout = 300s +smtp_host_lookup = dns +smtp_initial_destination_concurrency = $initial_destination_concurrency +smtp_line_length_limit = 998 +smtp_mail_timeout = 300s +smtp_mime_header_checks = +smtp_minimum_delivery_slots = $default_minimum_delivery_slots +smtp_mx_address_limit = 5 +smtp_mx_session_limit = 2 +smtp_nested_header_checks = +smtp_never_send_ehlo = no +smtp_per_record_deadline = no +smtp_pix_workaround_delay_time = 10s +smtp_pix_workaround_maps = +smtp_pix_workaround_threshold_time = 500s +smtp_pix_workarounds = disable_esmtp,delay_dotcrlf +smtp_quit_timeout = 300s +smtp_quote_rfc821_envelope = yes +smtp_randomize_addresses = yes +smtp_rcpt_timeout = 300s +smtp_recipient_limit = $default_recipient_limit +smtp_recipient_refill_delay = $default_recipient_refill_delay +smtp_recipient_refill_limit = $default_recipient_refill_limit +smtp_reply_filter = +smtp_rset_timeout = 20s +smtp_sasl_auth_cache_name = +smtp_sasl_auth_cache_time = 90d +smtp_sasl_auth_enable = no +smtp_sasl_auth_soft_bounce = yes +smtp_sasl_mechanism_filter = +smtp_sasl_password_maps = +smtp_sasl_path = +smtp_sasl_security_options = noplaintext, noanonymous +smtp_sasl_tls_security_options = $smtp_sasl_security_options +smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options +smtp_sasl_type = cyrus +smtp_send_dummy_mail_auth = no +smtp_send_xforward_command = no +smtp_sender_dependent_authentication = no +smtp_skip_5xx_greeting = yes +smtp_skip_quit_response = yes +smtp_starttls_timeout = 300s +smtp_tls_CAfile = +smtp_tls_CApath = +smtp_tls_block_early_mail_reply = no +smtp_tls_cert_file = +smtp_tls_ciphers = medium +smtp_tls_dcert_file = +smtp_tls_dkey_file = $smtp_tls_dcert_file +smtp_tls_eccert_file = +smtp_tls_eckey_file = $smtp_tls_eccert_file +smtp_tls_enforce_peername = yes +smtp_tls_exclude_ciphers = +smtp_tls_fingerprint_cert_match = +smtp_tls_fingerprint_digest = md5 +smtp_tls_force_insecure_host_tlsa_lookup = no +smtp_tls_key_file = $smtp_tls_cert_file +smtp_tls_loglevel = 0 +smtp_tls_mandatory_ciphers = medium +smtp_tls_mandatory_exclude_ciphers = +smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 +smtp_tls_note_starttls_offer = no +smtp_tls_per_site = +smtp_tls_policy_maps = +smtp_tls_protocols = !SSLv2, !SSLv3 +smtp_tls_scert_verifydepth = 9 +smtp_tls_secure_cert_match = nexthop, dot-nexthop +smtp_tls_security_level = +smtp_tls_session_cache_database = +smtp_tls_session_cache_timeout = 3600s +smtp_tls_trust_anchor_file = +smtp_tls_verify_cert_match = hostname +smtp_tls_wrappermode = no +smtp_use_tls = no +smtp_xforward_timeout = 300s +smtpd_authorized_verp_clients = $authorized_verp_clients +smtpd_authorized_xclient_hosts = +smtpd_authorized_xforward_hosts = +smtpd_banner = $myhostname ESMTP $mail_name +smtpd_client_connection_count_limit = 50 +smtpd_client_connection_rate_limit = 0 +smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks} +smtpd_client_message_rate_limit = 0 +smtpd_client_new_tls_session_rate_limit = 0 +smtpd_client_port_logging = no +smtpd_client_recipient_rate_limit = 0 +smtpd_client_restrictions = +smtpd_command_filter = +smtpd_data_restrictions = +smtpd_delay_open_until_valid_rcpt = yes +smtpd_delay_reject = yes +smtpd_discard_ehlo_keyword_address_maps = +smtpd_discard_ehlo_keywords = +smtpd_dns_reply_filter = +smtpd_end_of_data_restrictions = +smtpd_enforce_tls = no +smtpd_error_sleep_time = 1s +smtpd_etrn_restrictions = +smtpd_expansion_filter = \t\40!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~ +smtpd_forbidden_commands = CONNECT GET POST +smtpd_hard_error_limit = ${stress?{1}:{20}} +smtpd_helo_required = no +smtpd_helo_restrictions = +smtpd_history_flush_threshold = 100 +smtpd_junk_command_limit = ${stress?{1}:{100}} +smtpd_log_access_permit_actions = +smtpd_milters = +smtpd_noop_commands = +smtpd_null_access_lookup_key = <> +smtpd_peername_lookup = yes +smtpd_per_record_deadline = ${stress?{yes}:{no}} +smtpd_policy_service_default_action = 451 4.3.5 Server configuration problem +smtpd_policy_service_max_idle = 300s +smtpd_policy_service_max_ttl = 1000s +smtpd_policy_service_request_limit = 0 +smtpd_policy_service_retry_delay = 1s +smtpd_policy_service_timeout = 100s +smtpd_policy_service_try_limit = 2 +smtpd_proxy_ehlo = $myhostname +smtpd_proxy_filter = +smtpd_proxy_options = +smtpd_proxy_timeout = 100s +smtpd_recipient_limit = 1000 +smtpd_recipient_overshoot_limit = 1000 +smtpd_recipient_restrictions = +smtpd_reject_footer = +smtpd_reject_unlisted_recipient = yes +smtpd_reject_unlisted_sender = no +smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination +smtpd_restriction_classes = +smtpd_sasl_auth_enable = no +smtpd_sasl_authenticated_header = no +smtpd_sasl_exceptions_networks = +smtpd_sasl_local_domain = +smtpd_sasl_path = smtpd +smtpd_sasl_security_options = noanonymous +smtpd_sasl_service = smtp +smtpd_sasl_tls_security_options = $smtpd_sasl_security_options +smtpd_sasl_type = cyrus +smtpd_sender_login_maps = +smtpd_sender_restrictions = +smtpd_service_name = smtpd +smtpd_soft_error_limit = 10 +smtpd_starttls_timeout = ${stress?{10}:{300}}s +smtpd_timeout = ${stress?{10}:{300}}s +smtpd_tls_CAfile = +smtpd_tls_CApath = +smtpd_tls_always_issue_session_ids = yes +smtpd_tls_ask_ccert = no +smtpd_tls_auth_only = no +smtpd_tls_ccert_verifydepth = 9 +smtpd_tls_cert_file = +smtpd_tls_ciphers = medium +smtpd_tls_dcert_file = +smtpd_tls_dh1024_param_file = +smtpd_tls_dh512_param_file = +smtpd_tls_dkey_file = $smtpd_tls_dcert_file +smtpd_tls_eccert_file = +smtpd_tls_eckey_file = $smtpd_tls_eccert_file +smtpd_tls_eecdh_grade = strong +smtpd_tls_exclude_ciphers = +smtpd_tls_fingerprint_digest = md5 +smtpd_tls_key_file = $smtpd_tls_cert_file +smtpd_tls_loglevel = 0 +smtpd_tls_mandatory_ciphers = medium +smtpd_tls_mandatory_exclude_ciphers = +smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 +smtpd_tls_protocols = !SSLv2, !SSLv3 +smtpd_tls_received_header = no +smtpd_tls_req_ccert = no +smtpd_tls_security_level = +smtpd_tls_session_cache_database = +smtpd_tls_session_cache_timeout = 3600s +smtpd_tls_wrappermode = no +smtpd_upstream_proxy_protocol = +smtpd_upstream_proxy_timeout = 5s +smtpd_use_tls = no +smtputf8_autodetect_classes = sendmail, verify +smtputf8_enable = ${{$compatibility_level} < {1} ? {no} : {yes}} +soft_bounce = no +stale_lock_time = 500s +stress = +strict_7bit_headers = no +strict_8bitmime = no +strict_8bitmime_body = no +strict_mailbox_ownership = yes +strict_mime_encoding_domain = no +strict_rfc821_envelopes = no +strict_smtputf8 = no +sun_mailtool_compatibility = no +swap_bangpath = yes +syslog_facility = mail +syslog_name = ${multi_instance_name?{$multi_instance_name}:{postfix}} +tcp_windowsize = 0 +tls_append_default_CA = no +tls_daemon_random_bytes = 32 +tls_dane_digest_agility = on +tls_dane_digests = sha512 sha256 +tls_dane_trust_anchor_digest_enable = yes +tls_disable_workarounds = +tls_eecdh_strong_curve = prime256v1 +tls_eecdh_ultra_curve = secp384r1 +tls_export_cipherlist = aNULL:-aNULL:ALL:+RC4:@STRENGTH +tls_high_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH +tls_legacy_public_key_fingerprints = no +tls_low_cipherlist = aNULL:-aNULL:ALL:!EXPORT:+RC4:@STRENGTH +tls_medium_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH +tls_null_cipherlist = eNULL:!aNULL +tls_preempt_cipherlist = no +tls_random_bytes = 32 +tls_random_exchange_name = ${data_directory}/prng_exch +tls_random_prng_update_period = 3600s +tls_random_reseed_period = 3600s +tls_random_source = dev:/dev/urandom +tls_session_ticket_cipher = aes-128-cbc +tls_ssl_options = +tls_wildcard_matches_multiple_labels = yes +tlsmgr_service_name = tlsmgr +tlsproxy_enforce_tls = $smtpd_enforce_tls +tlsproxy_service_name = tlsproxy +tlsproxy_tls_CAfile = $smtpd_tls_CAfile +tlsproxy_tls_CApath = $smtpd_tls_CApath +tlsproxy_tls_always_issue_session_ids = $smtpd_tls_always_issue_session_ids +tlsproxy_tls_ask_ccert = $smtpd_tls_ask_ccert +tlsproxy_tls_ccert_verifydepth = $smtpd_tls_ccert_verifydepth +tlsproxy_tls_cert_file = $smtpd_tls_cert_file +tlsproxy_tls_ciphers = $smtpd_tls_ciphers +tlsproxy_tls_dcert_file = $smtpd_tls_dcert_file +tlsproxy_tls_dh1024_param_file = $smtpd_tls_dh1024_param_file +tlsproxy_tls_dh512_param_file = $smtpd_tls_dh512_param_file +tlsproxy_tls_dkey_file = $smtpd_tls_dkey_file +tlsproxy_tls_eccert_file = $smtpd_tls_eccert_file +tlsproxy_tls_eckey_file = $smtpd_tls_eckey_file +tlsproxy_tls_eecdh_grade = $smtpd_tls_eecdh_grade +tlsproxy_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers +tlsproxy_tls_fingerprint_digest = $smtpd_tls_fingerprint_digest +tlsproxy_tls_key_file = $smtpd_tls_key_file +tlsproxy_tls_loglevel = $smtpd_tls_loglevel +tlsproxy_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers +tlsproxy_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers +tlsproxy_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols +tlsproxy_tls_protocols = $smtpd_tls_protocols +tlsproxy_tls_req_ccert = $smtpd_tls_req_ccert +tlsproxy_tls_security_level = $smtpd_tls_security_level +tlsproxy_use_tls = $smtpd_use_tls +tlsproxy_watchdog_timeout = 10s +trace_service_name = trace +transport_maps = +transport_retry_time = 60s +trigger_timeout = 10s +undisclosed_recipients_header = +unknown_address_reject_code = 450 +unknown_address_tempfail_action = $reject_tempfail_action +unknown_client_reject_code = 450 +unknown_helo_hostname_tempfail_action = $reject_tempfail_action +unknown_hostname_reject_code = 450 +unknown_local_recipient_reject_code = 550 +unknown_relay_recipient_reject_code = 550 +unknown_virtual_alias_reject_code = 550 +unknown_virtual_mailbox_reject_code = 550 +unverified_recipient_defer_code = 450 +unverified_recipient_reject_code = 450 +unverified_recipient_reject_reason = +unverified_recipient_tempfail_action = $reject_tempfail_action +unverified_sender_defer_code = 450 +unverified_sender_reject_code = 450 +unverified_sender_reject_reason = +unverified_sender_tempfail_action = $reject_tempfail_action +verp_delimiter_filter = -=+ +virtual_alias_address_length_limit = 1000 +virtual_alias_domains = $virtual_alias_maps +virtual_alias_expansion_limit = 1000 +virtual_alias_maps = $virtual_maps +virtual_alias_recursion_limit = 1000 +virtual_delivery_slot_cost = $default_delivery_slot_cost +virtual_delivery_slot_discount = $default_delivery_slot_discount +virtual_delivery_slot_loan = $default_delivery_slot_loan +virtual_delivery_status_filter = $default_delivery_status_filter +virtual_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +virtual_destination_concurrency_limit = $default_destination_concurrency_limit +virtual_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +virtual_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +virtual_destination_rate_delay = $default_destination_rate_delay +virtual_destination_recipient_limit = $default_destination_recipient_limit +virtual_extra_recipient_limit = $default_extra_recipient_limit +virtual_gid_maps = +virtual_initial_destination_concurrency = $initial_destination_concurrency +virtual_mailbox_base = +virtual_mailbox_domains = $virtual_mailbox_maps +virtual_mailbox_limit = 51200000 +virtual_mailbox_lock = fcntl, dotlock +virtual_mailbox_maps = +virtual_minimum_delivery_slots = $default_minimum_delivery_slots +virtual_minimum_uid = 100 +virtual_recipient_limit = $default_recipient_limit +virtual_recipient_refill_delay = $default_recipient_refill_delay +virtual_recipient_refill_limit = $default_recipient_refill_limit +virtual_transport = virtual +virtual_uid_maps = diff --git a/config-archive/etc/postfix/main.cf.dist b/config-archive/etc/postfix/main.cf.dist index ca960fe3..fc1a8819 100644 --- a/config-archive/etc/postfix/main.cf.dist +++ b/config-archive/etc/postfix/main.cf.dist @@ -659,7 +659,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-3.0.2/html +html_directory = /usr/share/doc/postfix-3.0.3-r1/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -672,7 +672,7 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-3.0.2/readme +readme_directory = /usr/share/doc/postfix-3.0.3-r1/readme inet_protocols = ipv4 meta_directory = /etc/postfix shlib_directory = /usr/lib64/postfix/${mail_version} diff --git a/cups/subscriptions.conf b/cups/subscriptions.conf index 82b5c4f5..586bff98 100644 --- a/cups/subscriptions.conf +++ b/cups/subscriptions.conf @@ -1,5 +1,5 @@ # Subscription configuration file for CUPS v2.0.3 -# Written by cupsd on 2016-02-09 19:42 +# Written by cupsd on 2016-02-10 08:45 NextSubscriptionId 248 Events all @@ -7,6 +7,6 @@ Owner anonymous Recipient dbus:// LeaseDuration 86400 Interval 0 -ExpirationTime 1455090330 +ExpirationTime 1455176670 NextEventId 177 diff --git a/postfix/main.cf b/postfix/main.cf index 6b000688..2b6cf73c 100644 --- a/postfix/main.cf +++ b/postfix/main.cf @@ -664,7 +664,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-3.0.2/html +html_directory = /usr/share/doc/postfix-3.0.3-r1/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -677,7 +677,8 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-3.0.2/readme +readme_directory = /usr/share/doc/postfix-3.0.3-r1/readme + # inet_protocols = ipv4 meta_directory = /etc/postfix shlib_directory = /usr/lib64/postfix/${mail_version} diff --git a/postfix/main.cf.default b/postfix/main.cf.default index fcc2569d..447290b3 100644 --- a/postfix/main.cf.default +++ b/postfix/main.cf.default @@ -1,652 +1,858 @@ -# Global Postfix configuration file. This file lists only a subset -# of all parameters. For the syntax, and for a complete parameter -# list, see the postconf(5) manual page (command: "man 5 postconf"). -# -# For common configuration examples, see BASIC_CONFIGURATION_README -# and STANDARD_CONFIGURATION_README. To find these documents, use -# the command "postconf html_directory readme_directory", or go to -# http://www.postfix.org/. -# -# For best results, change no more than 2-3 parameters at a time, -# and test if Postfix still works after every change. - -# SOFT BOUNCE -# -# The soft_bounce parameter provides a limited safety net for -# testing. When soft_bounce is enabled, mail will remain queued that -# would otherwise bounce. This parameter disables locally-generated -# bounces, and prevents the SMTP server from rejecting mail permanently -# (by changing 5xx replies into 4xx replies). However, soft_bounce -# is no cure for address rewriting mistakes or mail routing mistakes. -# -#soft_bounce = no - -# LOCAL PATHNAME INFORMATION -# -# The queue_directory specifies the location of the Postfix queue. -# This is also the root directory of Postfix daemons that run chrooted. -# See the files in examples/chroot-setup for setting up Postfix chroot -# environments on different UNIX systems. -# -queue_directory = /var/spool/postfix - -# The command_directory parameter specifies the location of all -# postXXX commands. -# +# DO NOT EDIT THIS FILE. EDIT THE MAIN.CF FILE INSTEAD. THE +# TEXT HERE JUST SHOWS DEFAULT SETTINGS BUILT INTO POSTFIX. +# +2bounce_notice_recipient = postmaster +access_map_defer_code = 450 +access_map_reject_code = 554 +address_verify_cache_cleanup_interval = 12h +address_verify_default_transport = $default_transport +address_verify_local_transport = $local_transport +address_verify_map = btree:$data_directory/verify_cache +address_verify_negative_cache = yes +address_verify_negative_expire_time = 3d +address_verify_negative_refresh_time = 3h +address_verify_poll_count = ${stress?{1}:{3}} +address_verify_poll_delay = 3s +address_verify_positive_expire_time = 31d +address_verify_positive_refresh_time = 7d +address_verify_relay_transport = $relay_transport +address_verify_relayhost = $relayhost +address_verify_sender = $double_bounce_sender +address_verify_sender_dependent_default_transport_maps = $sender_dependent_default_transport_maps +address_verify_sender_dependent_relayhost_maps = $sender_dependent_relayhost_maps +address_verify_sender_ttl = 0s +address_verify_service_name = verify +address_verify_transport_maps = $transport_maps +address_verify_virtual_transport = $virtual_transport +alias_database = hash:/etc/mail/aliases +alias_maps = hash:/etc/mail/aliases, nis:mail.aliases +allow_mail_to_commands = alias, forward +allow_mail_to_files = alias, forward +allow_min_user = no +allow_percent_hack = yes +allow_untrusted_routing = no +alternate_config_directories = +always_add_missing_headers = no +always_bcc = +anvil_rate_time_unit = 60s +anvil_status_update_time = 600s +append_at_myorigin = yes +append_dot_mydomain = ${{$compatibility_level} < {1} ? {yes} : {no}} +application_event_drain_time = 100s +authorized_flush_users = static:anyone +authorized_mailq_users = static:anyone +authorized_submit_users = static:anyone +backwards_bounce_logfile_compatibility = yes +berkeley_db_create_buffer_size = 16777216 +berkeley_db_read_buffer_size = 131072 +best_mx_transport = +biff = yes +body_checks = +body_checks_size_limit = 51200 +bounce_notice_recipient = postmaster +bounce_queue_lifetime = 5d +bounce_service_name = bounce +bounce_size_limit = 50000 +bounce_template_file = +broken_sasl_auth_clients = no +canonical_classes = envelope_sender, envelope_recipient, header_sender, header_recipient +canonical_maps = +cleanup_service_name = cleanup command_directory = /usr/sbin - -# The daemon_directory parameter specifies the location of all Postfix -# daemon programs (i.e. programs listed in the master.cf file). This -# directory must be owned by root. -# -daemon_directory = /usr/lib64/postfix - -# The data_directory parameter specifies the location of Postfix-writable -# data files (caches, random numbers). This directory must be owned -# by the mail_owner account (see below). -# +command_execution_directory = +command_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ +command_time_limit = 1000s +compatibility_level = 0 +config_directory = /etc/postfix +confirm_delay_cleared = no +connection_cache_protocol_timeout = 5s +connection_cache_service_name = scache +connection_cache_status_update_time = 600s +connection_cache_ttl_limit = 2s +content_filter = +cyrus_sasl_config_path = +daemon_directory = /usr/libexec/postfix +daemon_table_open_error_is_fatal = no +daemon_timeout = 18000s data_directory = /var/lib/postfix - -# QUEUE AND PROCESS OWNERSHIP -# -# The mail_owner parameter specifies the owner of the Postfix queue -# and of most Postfix daemon processes. Specify the name of a user -# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS -# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In -# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED -# USER. -# -mail_owner = postfix - -# The default_privs parameter specifies the default rights used by -# the local delivery agent for delivery to external file or command. -# These rights are used in the absence of a recipient user context. -# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. -# -#default_privs = nobody - -# INTERNET HOST AND DOMAIN NAMES -# -# The myhostname parameter specifies the internet hostname of this -# mail system. The default is to use the fully-qualified domain name -# from gethostname(). $myhostname is used as a default value for many -# other configuration parameters. -# -#myhostname = host.domain.tld -#myhostname = virtual.domain.tld - -# The mydomain parameter specifies the local internet domain name. -# The default is to use $myhostname minus the first component. -# $mydomain is used as a default value for many other configuration -# parameters. -# -#mydomain = domain.tld - -# SENDING MAIL -# -# The myorigin parameter specifies the domain that locally-posted -# mail appears to come from. The default is to append $myhostname, -# which is fine for small sites. If you run a domain with multiple -# machines, you should (1) change this to $mydomain and (2) set up -# a domain-wide alias database that aliases each user to -# user@that.users.mailhost. -# -# For the sake of consistency between sender and recipient addresses, -# myorigin also specifies the default domain name that is appended -# to recipient addresses that have no @domain part. -# -#myorigin = $myhostname -#myorigin = $mydomain - -# RECEIVING MAIL - -# The inet_interfaces parameter specifies the network interface -# addresses that this mail system receives mail on. By default, -# the software claims all active interfaces on the machine. The -# parameter also controls delivery of mail to user@[ip.address]. -# -# See also the proxy_interfaces parameter, for network addresses that -# are forwarded to us via a proxy or network address translator. -# -# Note: you need to stop/start Postfix when this parameter changes. -# -#inet_interfaces = all -#inet_interfaces = $myhostname -#inet_interfaces = $myhostname, localhost - -# The proxy_interfaces parameter specifies the network interface -# addresses that this mail system receives mail on by way of a -# proxy or network address translation unit. This setting extends -# the address list specified with the inet_interfaces parameter. -# -# You must specify your proxy/NAT addresses when your system is a -# backup MX host for other domains, otherwise mail delivery loops -# will happen when the primary MX host is down. -# -#proxy_interfaces = -#proxy_interfaces = 1.2.3.4 - -# The mydestination parameter specifies the list of domains that this -# machine considers itself the final destination for. -# -# These domains are routed to the delivery agent specified with the -# local_transport parameter setting. By default, that is the UNIX -# compatible delivery agent that lookups all recipients in /etc/passwd -# and /etc/aliases or their equivalent. -# -# The default is $myhostname + localhost.$mydomain. On a mail domain -# gateway, you should also include $mydomain. -# -# Do not specify the names of virtual domains - those domains are -# specified elsewhere (see VIRTUAL_README). -# -# Do not specify the names of domains that this machine is backup MX -# host for. Specify those names via the relay_domains settings for -# the SMTP server, or use permit_mx_backup if you are lazy (see -# STANDARD_CONFIGURATION_README). -# -# The local machine is always the final destination for mail addressed -# to user@[the.net.work.address] of an interface that the mail system -# receives mail on (see the inet_interfaces parameter). -# -# Specify a list of host or domain names, /file/name or type:table -# patterns, separated by commas and/or whitespace. A /file/name -# pattern is replaced by its contents; a type:table is matched when -# a name matches a lookup key (the right-hand side is ignored). -# Continue long lines by starting the next line with whitespace. -# -# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". -# -#mydestination = $myhostname, localhost.$mydomain, localhost -#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain -#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, -# mail.$mydomain, www.$mydomain, ftp.$mydomain - -# REJECTING MAIL FOR UNKNOWN LOCAL USERS -# -# The local_recipient_maps parameter specifies optional lookup tables -# with all names or addresses of users that are local with respect -# to $mydestination, $inet_interfaces or $proxy_interfaces. -# -# If this parameter is defined, then the SMTP server will reject -# mail for unknown local users. This parameter is defined by default. -# -# To turn off local recipient checking in the SMTP server, specify -# local_recipient_maps = (i.e. empty). -# -# The default setting assumes that you use the default Postfix local -# delivery agent for local delivery. You need to update the -# local_recipient_maps setting if: -# -# - You define $mydestination domain recipients in files other than -# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. -# For example, you define $mydestination domain recipients in -# the $virtual_mailbox_maps files. -# -# - You redefine the local delivery agent in master.cf. -# -# - You redefine the "local_transport" setting in main.cf. -# -# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" -# feature of the Postfix local delivery agent (see local(8)). -# -# Details are described in the LOCAL_RECIPIENT_README file. -# -# Beware: if the Postfix SMTP server runs chrooted, you probably have -# to access the passwd file via the proxymap service, in order to -# overcome chroot restrictions. The alternative, having a copy of -# the system passwd file in the chroot jail is just not practical. -# -# The right-hand side of the lookup tables is conveniently ignored. -# In the left-hand side, specify a bare username, an @domain.tld -# wild-card, or specify a user@domain.tld address. -# -#local_recipient_maps = unix:passwd.byname $alias_maps -#local_recipient_maps = proxy:unix:passwd.byname $alias_maps -#local_recipient_maps = - -# The unknown_local_recipient_reject_code specifies the SMTP server -# response code when a recipient domain matches $mydestination or -# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty -# and the recipient address or address local-part is not found. -# -# The default setting is 550 (reject mail) but it is safer to start -# with 450 (try again later) until you are certain that your -# local_recipient_maps settings are OK. -# -unknown_local_recipient_reject_code = 550 - -# TRUST AND RELAY CONTROL - -# The mynetworks parameter specifies the list of "trusted" SMTP -# clients that have more privileges than "strangers". -# -# In particular, "trusted" SMTP clients are allowed to relay mail -# through Postfix. See the smtpd_recipient_restrictions parameter -# in postconf(5). -# -# You can specify the list of "trusted" network addresses by hand -# or you can let Postfix do it for you (which is the default). -# -# By default (mynetworks_style = subnet), Postfix "trusts" SMTP -# clients in the same IP subnetworks as the local machine. -# On Linux, this does works correctly only with interfaces specified -# with the "ifconfig" command. -# -# Specify "mynetworks_style = class" when Postfix should "trust" SMTP -# clients in the same IP class A/B/C networks as the local machine. -# Don't do this with a dialup site - it would cause Postfix to "trust" -# your entire provider's network. Instead, specify an explicit -# mynetworks list by hand, as described below. -# -# Specify "mynetworks_style = host" when Postfix should "trust" -# only the local machine. -# -#mynetworks_style = class -#mynetworks_style = subnet -#mynetworks_style = host - -# Alternatively, you can specify the mynetworks list by hand, in -# which case Postfix ignores the mynetworks_style setting. -# -# Specify an explicit list of network/netmask patterns, where the -# mask specifies the number of bits in the network part of a host -# address. -# -# You can also specify the absolute pathname of a pattern file instead -# of listing the patterns here. Specify type:table for table-based lookups -# (the value on the table right-hand side is not used). -# -#mynetworks = 168.100.189.0/28, 127.0.0.0/8 -#mynetworks = $config_directory/mynetworks -#mynetworks = hash:/etc/postfix/network_table - -# The relay_domains parameter restricts what destinations this system will -# relay mail to. See the smtpd_recipient_restrictions description in -# postconf(5) for detailed information. -# -# By default, Postfix relays mail -# - from "trusted" clients (IP address matches $mynetworks) to any destination, -# - from "untrusted" clients to destinations that match $relay_domains or -# subdomains thereof, except addresses with sender-specified routing. -# The default relay_domains value is $mydestination. -# -# In addition to the above, the Postfix SMTP server by default accepts mail -# that Postfix is final destination for: -# - destinations that match $inet_interfaces or $proxy_interfaces, -# - destinations that match $mydestination -# - destinations that match $virtual_alias_domains, -# - destinations that match $virtual_mailbox_domains. -# These destinations do not need to be listed in $relay_domains. -# -# Specify a list of hosts or domains, /file/name patterns or type:name -# lookup tables, separated by commas and/or whitespace. Continue -# long lines by starting the next line with whitespace. A file name -# is replaced by its contents; a type:name table is matched when a -# (parent) domain appears as lookup key. -# -# NOTE: Postfix will not automatically forward mail for domains that -# list this system as their primary or backup MX host. See the -# permit_mx_backup restriction description in postconf(5). -# -#relay_domains = $mydestination - -# INTERNET OR INTRANET - -# The relayhost parameter specifies the default host to send mail to -# when no entry is matched in the optional transport(5) table. When -# no relayhost is given, mail is routed directly to the destination. -# -# On an intranet, specify the organizational domain name. If your -# internal DNS uses no MX records, specify the name of the intranet -# gateway host instead. -# -# In the case of SMTP, specify a domain, host, host:port, [host]:port, -# [address] or [address]:port; the form [host] turns off MX lookups. -# -# If you're connected via UUCP, see also the default_transport parameter. -# -#relayhost = $mydomain -#relayhost = [gateway.my.domain] -#relayhost = [mailserver.isp.tld] -#relayhost = uucphost -#relayhost = [an.ip.add.ress] - -# REJECTING UNKNOWN RELAY USERS -# -# The relay_recipient_maps parameter specifies optional lookup tables -# with all addresses in the domains that match $relay_domains. -# -# If this parameter is defined, then the SMTP server will reject -# mail for unknown relay users. This feature is off by default. -# -# The right-hand side of the lookup tables is conveniently ignored. -# In the left-hand side, specify an @domain.tld wild-card, or specify -# a user@domain.tld address. -# -#relay_recipient_maps = hash:/etc/postfix/relay_recipients - -# INPUT RATE CONTROL -# -# The in_flow_delay configuration parameter implements mail input -# flow control. This feature is turned on by default, although it -# still needs further development (it's disabled on SCO UNIX due -# to an SCO bug). -# -# A Postfix process will pause for $in_flow_delay seconds before -# accepting a new message, when the message arrival rate exceeds the -# message delivery rate. With the default 100 SMTP server process -# limit, this limits the mail inflow to 100 messages a second more -# than the number of messages delivered per second. -# -# Specify 0 to disable the feature. Valid delays are 0..10. -# -#in_flow_delay = 1s - -# ADDRESS REWRITING -# -# The ADDRESS_REWRITING_README document gives information about -# address masquerading or other forms of address rewriting including -# username->Firstname.Lastname mapping. - -# ADDRESS REDIRECTION (VIRTUAL DOMAIN) -# -# The VIRTUAL_README document gives information about the many forms -# of domain hosting that Postfix supports. - -# "USER HAS MOVED" BOUNCE MESSAGES -# -# See the discussion in the ADDRESS_REWRITING_README document. - -# TRANSPORT MAP -# -# See the discussion in the ADDRESS_REWRITING_README document. - -# ALIAS DATABASE -# -# The alias_maps parameter specifies the list of alias databases used -# by the local delivery agent. The default list is system dependent. -# -# On systems with NIS, the default is to search the local alias -# database, then the NIS alias database. See aliases(5) for syntax -# details. -# -# If you change the alias database, run "postalias /etc/aliases" (or -# wherever your system stores the mail alias file), or simply run -# "newaliases" to build the necessary DBM or DB file. -# -# It will take a minute or so before changes become visible. Use -# "postfix reload" to eliminate the delay. -# -#alias_maps = dbm:/etc/aliases -#alias_maps = hash:/etc/aliases -#alias_maps = hash:/etc/aliases, nis:mail.aliases -#alias_maps = netinfo:/aliases - -# The alias_database parameter specifies the alias database(s) that -# are built with "newaliases" or "sendmail -bi". This is a separate -# configuration parameter, because alias_maps (see above) may specify -# tables that are not necessarily all under control by Postfix. -# -#alias_database = dbm:/etc/aliases -#alias_database = dbm:/etc/mail/aliases -#alias_database = hash:/etc/aliases -#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases - -# ADDRESS EXTENSIONS (e.g., user+foo) -# -# The recipient_delimiter parameter specifies the separator between -# user names and address extensions (user+foo). See canonical(5), -# local(8), relocated(5) and virtual(5) for the effects this has on -# aliases, canonical, virtual, relocated and .forward file lookups. -# Basically, the software tries user+foo and .forward+foo before -# trying user and .forward. -# -#recipient_delimiter = + - -# DELIVERY TO MAILBOX -# -# The home_mailbox parameter specifies the optional pathname of a -# mailbox file relative to a user's home directory. The default -# mailbox file is /var/spool/mail/user or /var/mail/user. Specify -# "Maildir/" for qmail-style delivery (the / is required). -# -#home_mailbox = Mailbox -#home_mailbox = Maildir/ - -# The mail_spool_directory parameter specifies the directory where -# UNIX-style mailboxes are kept. The default setting depends on the -# system type. -# -#mail_spool_directory = /var/mail -#mail_spool_directory = /var/spool/mail - -# The mailbox_command parameter specifies the optional external -# command to use instead of mailbox delivery. The command is run as -# the recipient with proper HOME, SHELL and LOGNAME environment settings. -# Exception: delivery for root is done as $default_user. -# -# Other environment variables of interest: USER (recipient username), -# EXTENSION (address extension), DOMAIN (domain part of address), -# and LOCAL (the address localpart). -# -# Unlike other Postfix configuration parameters, the mailbox_command -# parameter is not subjected to $parameter substitutions. This is to -# make it easier to specify shell syntax (see example below). -# -# Avoid shell meta characters because they will force Postfix to run -# an expensive shell process. Procmail alone is expensive enough. -# -# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN -# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. -# -#mailbox_command = /some/where/procmail -#mailbox_command = /some/where/procmail -a "$EXTENSION" - -# The mailbox_transport specifies the optional transport in master.cf -# to use after processing aliases and .forward files. This parameter -# has precedence over the mailbox_command, fallback_transport and -# luser_relay parameters. -# -# Specify a string of the form transport:nexthop, where transport is -# the name of a mail delivery transport defined in master.cf. The -# :nexthop part is optional. For more details see the sample transport -# configuration file. -# -# NOTE: if you use this feature for accounts not in the UNIX password -# file, then you must update the "local_recipient_maps" setting in -# the main.cf file, otherwise the SMTP server will reject mail for -# non-UNIX accounts with "User unknown in local recipient table". -# -#mailbox_transport = lmtp:unix:/file/name -#mailbox_transport = cyrus - -# The fallback_transport specifies the optional transport in master.cf -# to use for recipients that are not found in the UNIX passwd database. -# This parameter has precedence over the luser_relay parameter. -# -# Specify a string of the form transport:nexthop, where transport is -# the name of a mail delivery transport defined in master.cf. The -# :nexthop part is optional. For more details see the sample transport -# configuration file. -# -# NOTE: if you use this feature for accounts not in the UNIX password -# file, then you must update the "local_recipient_maps" setting in -# the main.cf file, otherwise the SMTP server will reject mail for -# non-UNIX accounts with "User unknown in local recipient table". -# -#fallback_transport = lmtp:unix:/file/name -#fallback_transport = cyrus -#fallback_transport = - -# The luser_relay parameter specifies an optional destination address -# for unknown recipients. By default, mail for unknown@$mydestination, -# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned -# as undeliverable. -# -# The following expansions are done on luser_relay: $user (recipient -# username), $shell (recipient shell), $home (recipient home directory), -# $recipient (full recipient address), $extension (recipient address -# extension), $domain (recipient domain), $local (entire recipient -# localpart), $recipient_delimiter. Specify ${name?value} or -# ${name:value} to expand value only when $name does (does not) exist. -# -# luser_relay works only for the default Postfix local delivery agent. -# -# NOTE: if you use this feature for accounts not in the UNIX password -# file, then you must specify "local_recipient_maps =" (i.e. empty) in -# the main.cf file, otherwise the SMTP server will reject mail for -# non-UNIX accounts with "User unknown in local recipient table". -# -#luser_relay = $user@other.host -#luser_relay = $local@other.host -#luser_relay = admin+$local - -# JUNK MAIL CONTROLS -# -# The controls listed here are only a very small subset. The file -# SMTPD_ACCESS_README provides an overview. - -# The header_checks parameter specifies an optional table with patterns -# that each logical message header is matched against, including -# headers that span multiple physical lines. -# -# By default, these patterns also apply to MIME headers and to the -# headers of attached messages. With older Postfix versions, MIME and -# attached message headers were treated as body text. -# -# For details, see "man header_checks". -# -#header_checks = regexp:/etc/postfix/header_checks - -# FAST ETRN SERVICE -# -# Postfix maintains per-destination logfiles with information about -# deferred mail, so that mail can be flushed quickly with the SMTP -# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". -# See the ETRN_README document for a detailed description. -# -# The fast_flush_domains parameter controls what destinations are -# eligible for this service. By default, they are all domains that -# this server is willing to relay mail to. -# -#fast_flush_domains = $relay_domains - -# SHOW SOFTWARE VERSION OR NOT -# -# The smtpd_banner parameter specifies the text that follows the 220 -# code in the SMTP server's greeting banner. Some people like to see -# the mail version advertised. By default, Postfix shows no version. -# -# You MUST specify $myhostname at the start of the text. That is an -# RFC requirement. Postfix itself does not care. -# -#smtpd_banner = $myhostname ESMTP $mail_name -#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) - -# PARALLEL DELIVERY TO THE SAME DESTINATION -# -# How many parallel deliveries to the same user or domain? With local -# delivery, it does not make sense to do massively parallel delivery -# to the same user, because mailbox updates must happen sequentially, -# and expensive pipelines in .forward files can cause disasters when -# too many are run at the same time. With SMTP deliveries, 10 -# simultaneous connections to the same domain could be sufficient to -# raise eyebrows. -# -# Each message delivery transport has its XXX_destination_concurrency_limit -# parameter. The default is $default_destination_concurrency_limit for -# most delivery transports. For the local delivery agent the default is 2. - -#local_destination_concurrency_limit = 2 -#default_destination_concurrency_limit = 20 - -# DEBUGGING CONTROL -# -# The debug_peer_level parameter specifies the increment in verbose -# logging level when an SMTP client or server host name or address -# matches a pattern in the debug_peer_list parameter. -# debug_peer_level = 2 - -# The debug_peer_list parameter specifies an optional list of domain -# or network patterns, /file/name patterns or type:name tables. When -# an SMTP client or server host name or address matches a pattern, -# increase the verbose logging level by the amount specified in the -# debug_peer_level parameter. -# -#debug_peer_list = 127.0.0.1 -#debug_peer_list = some.domain - -# The debugger_command specifies the external command that is executed -# when a Postfix daemon program is run with the -D option. -# -# Use "command .. & sleep 5" so that the debugger can attach before -# the process marches on. If you use an X-based debugger, be sure to -# set up your XAUTHORITY environment variable before starting Postfix. -# +debug_peer_list = debugger_command = - PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin - ddd $daemon_directory/$process_name $process_id & sleep 5 - -# If you can't use X, use this to capture the call stack when a -# daemon crashes. The result is in a file in the configuration -# directory, and is named after the process name and the process ID. -# -# debugger_command = -# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; -# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 -# >$config_directory/$process_name.$process_id.log & sleep 5 -# -# Another possibility is to run gdb under a detached screen session. -# To attach to the screen sesssion, su root and run "screen -r -# " where uniquely matches one of the detached -# sessions (from "screen -list"). -# -# debugger_command = -# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen -# -dmS $process_name gdb $daemon_directory/$process_name -# $process_id & sleep 1 - -# INSTALL-TIME CONFIGURATION INFORMATION -# -# The following parameters are used when installing a new Postfix version. -# -# sendmail_path: The full pathname of the Postfix sendmail command. -# This is the Sendmail-compatible mail posting interface. -# -sendmail_path = /usr/sbin/sendmail - -# newaliases_path: The full pathname of the Postfix newaliases command. -# This is the Sendmail-compatible command to build alias databases. -# -newaliases_path = /usr/bin/newaliases - -# mailq_path: The full pathname of the Postfix mailq command. This -# is the Sendmail-compatible mail queue listing command. -# +default_database_type = hash +default_delivery_slot_cost = 5 +default_delivery_slot_discount = 50 +default_delivery_slot_loan = 3 +default_delivery_status_filter = +default_destination_concurrency_failed_cohort_limit = 1 +default_destination_concurrency_limit = 20 +default_destination_concurrency_negative_feedback = 1 +default_destination_concurrency_positive_feedback = 1 +default_destination_rate_delay = 0s +default_destination_recipient_limit = 50 +default_extra_recipient_limit = 1000 +default_filter_nexthop = +default_minimum_delivery_slots = 3 +default_privs = nobody +default_process_limit = 100 +default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} +default_recipient_limit = 20000 +default_recipient_refill_delay = 5s +default_recipient_refill_limit = 100 +default_transport = smtp +default_verp_delimiters = += +defer_code = 450 +defer_service_name = defer +defer_transports = +delay_logging_resolution_limit = 2 +delay_notice_recipient = postmaster +delay_warning_time = 0h +deliver_lock_attempts = 20 +deliver_lock_delay = 1s +destination_concurrency_feedback_debug = no +detect_8bit_encoding_header = yes +disable_dns_lookups = no +disable_mime_input_processing = no +disable_mime_output_conversion = no +disable_verp_bounces = no +disable_vrfy_command = no +dnsblog_reply_delay = 0s +dnsblog_service_name = dnsblog +dont_remove = 0 +double_bounce_sender = double-bounce +duplicate_filter_limit = 1000 +empty_address_default_transport_maps_lookup_key = <> +empty_address_recipient = MAILER-DAEMON +empty_address_relayhost_maps_lookup_key = <> +enable_long_queue_ids = no +enable_original_recipient = yes +error_delivery_slot_cost = $default_delivery_slot_cost +error_delivery_slot_discount = $default_delivery_slot_discount +error_delivery_slot_loan = $default_delivery_slot_loan +error_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +error_destination_concurrency_limit = $default_destination_concurrency_limit +error_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +error_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +error_destination_rate_delay = $default_destination_rate_delay +error_destination_recipient_limit = $default_destination_recipient_limit +error_extra_recipient_limit = $default_extra_recipient_limit +error_initial_destination_concurrency = $initial_destination_concurrency +error_minimum_delivery_slots = $default_minimum_delivery_slots +error_notice_recipient = postmaster +error_recipient_limit = $default_recipient_limit +error_recipient_refill_delay = $default_recipient_refill_delay +error_recipient_refill_limit = $default_recipient_refill_limit +error_service_name = error +execution_directory_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ +expand_owner_alias = no +export_environment = TZ MAIL_CONFIG LANG +fallback_transport = +fallback_transport_maps = +fast_flush_domains = $relay_domains +fast_flush_purge_time = 7d +fast_flush_refresh_time = 12h +fault_injection_code = 0 +flush_service_name = flush +fork_attempts = 5 +fork_delay = 1s +forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ +forward_path = $home/.forward${recipient_delimiter}${extension}, $home/.forward +frozen_delivered_to = yes +hash_queue_depth = 1 +hash_queue_names = deferred, defer +header_address_token_limit = 10240 +header_checks = +header_size_limit = 102400 +helpful_warnings = yes +home_mailbox = +hopcount_limit = 50 +html_directory = no +ignore_mx_lookup_error = no +import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C +in_flow_delay = 1s +inet_interfaces = all +inet_protocols = all +initial_destination_concurrency = 5 +internal_mail_filter_classes = +invalid_hostname_reject_code = 501 +ipc_idle = 5s +ipc_timeout = 3600s +ipc_ttl = 1000s +line_length_limit = 2048 +lmdb_map_size = 16777216 +lmtp_address_preference = any +lmtp_address_verify_target = rcpt +lmtp_assume_final = no +lmtp_bind_address = +lmtp_bind_address6 = +lmtp_body_checks = +lmtp_cname_overrides_servername = no +lmtp_connect_timeout = 0s +lmtp_connection_cache_destinations = +lmtp_connection_cache_on_demand = yes +lmtp_connection_cache_time_limit = 2s +lmtp_connection_reuse_count_limit = 0 +lmtp_connection_reuse_time_limit = 300s +lmtp_data_done_timeout = 600s +lmtp_data_init_timeout = 120s +lmtp_data_xfer_timeout = 180s +lmtp_defer_if_no_mx_address_found = no +lmtp_delivery_slot_cost = $default_delivery_slot_cost +lmtp_delivery_slot_discount = $default_delivery_slot_discount +lmtp_delivery_slot_loan = $default_delivery_slot_loan +lmtp_delivery_status_filter = $default_delivery_status_filter +lmtp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +lmtp_destination_concurrency_limit = $default_destination_concurrency_limit +lmtp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +lmtp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +lmtp_destination_rate_delay = $default_destination_rate_delay +lmtp_destination_recipient_limit = $default_destination_recipient_limit +lmtp_discard_lhlo_keyword_address_maps = +lmtp_discard_lhlo_keywords = +lmtp_dns_reply_filter = +lmtp_dns_resolver_options = +lmtp_dns_support_level = +lmtp_enforce_tls = no +lmtp_extra_recipient_limit = $default_extra_recipient_limit +lmtp_generic_maps = +lmtp_header_checks = +lmtp_host_lookup = dns +lmtp_initial_destination_concurrency = $initial_destination_concurrency +lmtp_lhlo_name = $myhostname +lmtp_lhlo_timeout = 300s +lmtp_line_length_limit = 998 +lmtp_mail_timeout = 300s +lmtp_mime_header_checks = +lmtp_minimum_delivery_slots = $default_minimum_delivery_slots +lmtp_mx_address_limit = 5 +lmtp_mx_session_limit = 2 +lmtp_nested_header_checks = +lmtp_per_record_deadline = no +lmtp_pix_workaround_delay_time = 10s +lmtp_pix_workaround_maps = +lmtp_pix_workaround_threshold_time = 500s +lmtp_pix_workarounds = disable_esmtp,delay_dotcrlf +lmtp_quit_timeout = 300s +lmtp_quote_rfc821_envelope = yes +lmtp_randomize_addresses = yes +lmtp_rcpt_timeout = 300s +lmtp_recipient_limit = $default_recipient_limit +lmtp_recipient_refill_delay = $default_recipient_refill_delay +lmtp_recipient_refill_limit = $default_recipient_refill_limit +lmtp_reply_filter = +lmtp_rset_timeout = 20s +lmtp_sasl_auth_cache_name = +lmtp_sasl_auth_cache_time = 90d +lmtp_sasl_auth_enable = no +lmtp_sasl_auth_soft_bounce = yes +lmtp_sasl_mechanism_filter = +lmtp_sasl_password_maps = +lmtp_sasl_path = +lmtp_sasl_security_options = noplaintext, noanonymous +lmtp_sasl_tls_security_options = $lmtp_sasl_security_options +lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options +lmtp_sasl_type = cyrus +lmtp_send_dummy_mail_auth = no +lmtp_send_xforward_command = no +lmtp_sender_dependent_authentication = no +lmtp_skip_5xx_greeting = yes +lmtp_skip_quit_response = no +lmtp_starttls_timeout = 300s +lmtp_tcp_port = 24 +lmtp_tls_CAfile = +lmtp_tls_CApath = +lmtp_tls_block_early_mail_reply = no +lmtp_tls_cert_file = +lmtp_tls_ciphers = medium +lmtp_tls_dcert_file = +lmtp_tls_dkey_file = $lmtp_tls_dcert_file +lmtp_tls_eccert_file = +lmtp_tls_eckey_file = $lmtp_tls_eccert_file +lmtp_tls_enforce_peername = yes +lmtp_tls_exclude_ciphers = +lmtp_tls_fingerprint_cert_match = +lmtp_tls_fingerprint_digest = md5 +lmtp_tls_force_insecure_host_tlsa_lookup = no +lmtp_tls_key_file = $lmtp_tls_cert_file +lmtp_tls_loglevel = 0 +lmtp_tls_mandatory_ciphers = medium +lmtp_tls_mandatory_exclude_ciphers = +lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3 +lmtp_tls_note_starttls_offer = no +lmtp_tls_per_site = +lmtp_tls_policy_maps = +lmtp_tls_protocols = !SSLv2, !SSLv3 +lmtp_tls_scert_verifydepth = 9 +lmtp_tls_secure_cert_match = nexthop +lmtp_tls_security_level = +lmtp_tls_session_cache_database = +lmtp_tls_session_cache_timeout = 3600s +lmtp_tls_trust_anchor_file = +lmtp_tls_verify_cert_match = hostname +lmtp_tls_wrappermode = no +lmtp_use_tls = no +lmtp_xforward_timeout = 300s +local_command_shell = +local_delivery_slot_cost = $default_delivery_slot_cost +local_delivery_slot_discount = $default_delivery_slot_discount +local_delivery_slot_loan = $default_delivery_slot_loan +local_delivery_status_filter = $default_delivery_status_filter +local_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +local_destination_concurrency_limit = 2 +local_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +local_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +local_destination_rate_delay = $default_destination_rate_delay +local_destination_recipient_limit = 1 +local_extra_recipient_limit = $default_extra_recipient_limit +local_header_rewrite_clients = permit_inet_interfaces +local_initial_destination_concurrency = $initial_destination_concurrency +local_minimum_delivery_slots = $default_minimum_delivery_slots +local_recipient_limit = $default_recipient_limit +local_recipient_maps = proxy:unix:passwd.byname $alias_maps +local_recipient_refill_delay = $default_recipient_refill_delay +local_recipient_refill_limit = $default_recipient_refill_limit +local_transport = local:$myhostname +luser_relay = +mail_name = Postfix +mail_owner = postfix +mail_release_date = 20151010 +mail_spool_directory = /var/mail +mail_version = 3.0.3 +mailbox_command = +mailbox_command_maps = +mailbox_delivery_lock = fcntl, dotlock +mailbox_size_limit = 51200000 +mailbox_transport = +mailbox_transport_maps = mailq_path = /usr/bin/mailq - -# setgid_group: The group for mail submission and queue management -# commands. This must be a group name with a numerical group ID that -# is not shared with other accounts, not even with the Postfix account. -# -setgid_group = postdrop - -# html_directory: The location of the Postfix HTML documentation. -# -html_directory = /usr/share/doc/postfix-2.8.7/html - -# manpage_directory: The location of the Postfix on-line manual pages. -# -manpage_directory = /usr/share/man - -# sample_directory: The location of the Postfix sample configuration files. -# This parameter is obsolete as of Postfix 2.1. -# +manpage_directory = /usr/local/man +maps_rbl_domains = +maps_rbl_reject_code = 554 +masquerade_classes = envelope_sender, header_sender, header_recipient +masquerade_domains = +masquerade_exceptions = +master_service_disable = +max_idle = 100s +max_use = 100 +maximal_backoff_time = 4000s +maximal_queue_lifetime = 5d +message_drop_headers = bcc, content-length, resent-bcc, return-path +message_reject_characters = +message_size_limit = 10240000 +message_strip_characters = +meta_directory = /etc/postfix +milter_command_timeout = 30s +milter_connect_macros = j {daemon_name} v +milter_connect_timeout = 30s +milter_content_timeout = 300s +milter_data_macros = i +milter_default_action = tempfail +milter_end_of_data_macros = i +milter_end_of_header_macros = i +milter_header_checks = +milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer} +milter_macro_daemon_name = $myhostname +milter_macro_v = $mail_name $mail_version +milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer} +milter_protocol = 6 +milter_rcpt_macros = i {rcpt_addr} {rcpt_host} {rcpt_mailer} +milter_unknown_command_macros = +mime_boundary_length_limit = 2048 +mime_header_checks = $header_checks +mime_nesting_limit = 100 +minimal_backoff_time = 300s +multi_instance_directories = +multi_instance_enable = no +multi_instance_group = +multi_instance_name = +multi_instance_wrapper = +multi_recipient_bounce_reject_code = 550 +mydestination = $myhostname, localhost.$mydomain, localhost +mynetworks_style = ${{$compatibility_level} < {2} ? {subnet} : {host}} +myorigin = $myhostname +nested_header_checks = $header_checks +newaliases_path = /usr/bin/newaliases +non_fqdn_reject_code = 504 +non_smtpd_milters = +notify_classes = resource, software +owner_request_special = yes +parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps +permit_mx_backup_networks = +pickup_service_name = pickup +pipe_delivery_status_filter = $default_delivery_status_filter +plaintext_reject_code = 450 +postmulti_control_commands = reload flush +postmulti_start_commands = start +postmulti_stop_commands = stop abort drain quick-stop +postscreen_access_list = permit_mynetworks +postscreen_bare_newline_action = ignore +postscreen_bare_newline_enable = no +postscreen_bare_newline_ttl = 30d +postscreen_blacklist_action = ignore +postscreen_cache_cleanup_interval = 12h +postscreen_cache_map = btree:$data_directory/postscreen_cache +postscreen_cache_retention_time = 7d +postscreen_client_connection_count_limit = $smtpd_client_connection_count_limit +postscreen_command_count_limit = 20 +postscreen_command_filter = +postscreen_command_time_limit = ${stress?{10}:{300}}s +postscreen_disable_vrfy_command = $disable_vrfy_command +postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps +postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords +postscreen_dnsbl_action = ignore +postscreen_dnsbl_reply_map = +postscreen_dnsbl_sites = +postscreen_dnsbl_threshold = 1 +postscreen_dnsbl_timeout = 10s +postscreen_dnsbl_ttl = 1h +postscreen_dnsbl_whitelist_threshold = 0 +postscreen_enforce_tls = $smtpd_enforce_tls +postscreen_expansion_filter = $smtpd_expansion_filter +postscreen_forbidden_commands = $smtpd_forbidden_commands +postscreen_greet_action = ignore +postscreen_greet_banner = $smtpd_banner +postscreen_greet_ttl = 1d +postscreen_greet_wait = ${stress?{2}:{6}}s +postscreen_helo_required = $smtpd_helo_required +postscreen_non_smtp_command_action = drop +postscreen_non_smtp_command_enable = no +postscreen_non_smtp_command_ttl = 30d +postscreen_pipelining_action = enforce +postscreen_pipelining_enable = no +postscreen_pipelining_ttl = 30d +postscreen_post_queue_limit = $default_process_limit +postscreen_pre_queue_limit = $default_process_limit +postscreen_reject_footer = $smtpd_reject_footer +postscreen_tls_security_level = $smtpd_tls_security_level +postscreen_upstream_proxy_protocol = +postscreen_upstream_proxy_timeout = 5s +postscreen_use_tls = $smtpd_use_tls +postscreen_watchdog_timeout = 10s +postscreen_whitelist_interfaces = static:all +prepend_delivered_header = command, file, forward +process_id_directory = pid +propagate_unmatched_extensions = canonical, virtual +proxy_interfaces = +proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps $smtpd_client_restrictions $smtpd_helo_restrictions $smtpd_sender_restrictions $smtpd_relay_restrictions $smtpd_recipient_restrictions +proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name $address_verify_map $postscreen_cache_map +proxymap_service_name = proxymap +proxywrite_service_name = proxywrite +qmgr_clog_warn_time = 300s +qmgr_daemon_timeout = 1000s +qmgr_fudge_factor = 100 +qmgr_ipc_timeout = 60s +qmgr_message_active_limit = 20000 +qmgr_message_recipient_limit = 20000 +qmgr_message_recipient_minimum = 10 +qmqpd_authorized_clients = +qmqpd_client_port_logging = no +qmqpd_error_delay = 1s +qmqpd_timeout = 300s +queue_directory = /var/spool/postfix +queue_file_attribute_count_limit = 100 +queue_minfree = 0 +queue_run_delay = 300s +queue_service_name = qmgr +rbl_reply_maps = +readme_directory = no +receive_override_options = +recipient_bcc_maps = +recipient_canonical_classes = envelope_recipient, header_recipient +recipient_canonical_maps = +recipient_delimiter = +reject_code = 554 +reject_tempfail_action = defer_if_permit +relay_clientcerts = +relay_delivery_slot_cost = $default_delivery_slot_cost +relay_delivery_slot_discount = $default_delivery_slot_discount +relay_delivery_slot_loan = $default_delivery_slot_loan +relay_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +relay_destination_concurrency_limit = $default_destination_concurrency_limit +relay_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +relay_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +relay_destination_rate_delay = $default_destination_rate_delay +relay_destination_recipient_limit = $default_destination_recipient_limit +relay_domains = ${{$compatibility_level} < {2} ? {$mydestination} : {}} +relay_domains_reject_code = 554 +relay_extra_recipient_limit = $default_extra_recipient_limit +relay_initial_destination_concurrency = $initial_destination_concurrency +relay_minimum_delivery_slots = $default_minimum_delivery_slots +relay_recipient_limit = $default_recipient_limit +relay_recipient_maps = +relay_recipient_refill_delay = $default_recipient_refill_delay +relay_recipient_refill_limit = $default_recipient_refill_limit +relay_transport = relay +relayhost = +relocated_maps = +remote_header_rewrite_domain = +require_home_directory = no +reset_owner_alias = no +resolve_dequoted_address = yes +resolve_null_domain = no +resolve_numeric_domain = no +retry_delivery_slot_cost = $default_delivery_slot_cost +retry_delivery_slot_discount = $default_delivery_slot_discount +retry_delivery_slot_loan = $default_delivery_slot_loan +retry_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +retry_destination_concurrency_limit = $default_destination_concurrency_limit +retry_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +retry_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +retry_destination_rate_delay = $default_destination_rate_delay +retry_destination_recipient_limit = $default_destination_recipient_limit +retry_extra_recipient_limit = $default_extra_recipient_limit +retry_initial_destination_concurrency = $initial_destination_concurrency +retry_minimum_delivery_slots = $default_minimum_delivery_slots +retry_recipient_limit = $default_recipient_limit +retry_recipient_refill_delay = $default_recipient_refill_delay +retry_recipient_refill_limit = $default_recipient_refill_limit +rewrite_service_name = rewrite sample_directory = /etc/postfix - -# readme_directory: The location of the Postfix README files. -# -readme_directory = /usr/share/doc/postfix-2.8.7/readme -home_mailbox = .maildir/ +send_cyrus_sasl_authzid = no +sender_bcc_maps = +sender_canonical_classes = envelope_sender, header_sender +sender_canonical_maps = +sender_dependent_default_transport_maps = +sender_dependent_relayhost_maps = +sendmail_fix_line_endings = always +sendmail_path = /usr/sbin/sendmail +service_throttle_time = 60s +setgid_group = postdrop +shlib_directory = /usr/lib64/postfix/${mail_version} +show_user_unknown_table_name = yes +showq_service_name = showq +smtp_address_preference = any +smtp_address_verify_target = rcpt +smtp_always_send_ehlo = yes +smtp_bind_address = +smtp_bind_address6 = +smtp_body_checks = +smtp_cname_overrides_servername = no +smtp_connect_timeout = 30s +smtp_connection_cache_destinations = +smtp_connection_cache_on_demand = yes +smtp_connection_cache_time_limit = 2s +smtp_connection_reuse_count_limit = 0 +smtp_connection_reuse_time_limit = 300s +smtp_data_done_timeout = 600s +smtp_data_init_timeout = 120s +smtp_data_xfer_timeout = 180s +smtp_defer_if_no_mx_address_found = no +smtp_delivery_slot_cost = $default_delivery_slot_cost +smtp_delivery_slot_discount = $default_delivery_slot_discount +smtp_delivery_slot_loan = $default_delivery_slot_loan +smtp_delivery_status_filter = $default_delivery_status_filter +smtp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +smtp_destination_concurrency_limit = $default_destination_concurrency_limit +smtp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +smtp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +smtp_destination_rate_delay = $default_destination_rate_delay +smtp_destination_recipient_limit = $default_destination_recipient_limit +smtp_discard_ehlo_keyword_address_maps = +smtp_discard_ehlo_keywords = +smtp_dns_reply_filter = +smtp_dns_resolver_options = +smtp_dns_support_level = +smtp_enforce_tls = no +smtp_extra_recipient_limit = $default_extra_recipient_limit +smtp_fallback_relay = $fallback_relay +smtp_generic_maps = +smtp_header_checks = +smtp_helo_name = $myhostname +smtp_helo_timeout = 300s +smtp_host_lookup = dns +smtp_initial_destination_concurrency = $initial_destination_concurrency +smtp_line_length_limit = 998 +smtp_mail_timeout = 300s +smtp_mime_header_checks = +smtp_minimum_delivery_slots = $default_minimum_delivery_slots +smtp_mx_address_limit = 5 +smtp_mx_session_limit = 2 +smtp_nested_header_checks = +smtp_never_send_ehlo = no +smtp_per_record_deadline = no +smtp_pix_workaround_delay_time = 10s +smtp_pix_workaround_maps = +smtp_pix_workaround_threshold_time = 500s +smtp_pix_workarounds = disable_esmtp,delay_dotcrlf +smtp_quit_timeout = 300s +smtp_quote_rfc821_envelope = yes +smtp_randomize_addresses = yes +smtp_rcpt_timeout = 300s +smtp_recipient_limit = $default_recipient_limit +smtp_recipient_refill_delay = $default_recipient_refill_delay +smtp_recipient_refill_limit = $default_recipient_refill_limit +smtp_reply_filter = +smtp_rset_timeout = 20s +smtp_sasl_auth_cache_name = +smtp_sasl_auth_cache_time = 90d +smtp_sasl_auth_enable = no +smtp_sasl_auth_soft_bounce = yes +smtp_sasl_mechanism_filter = +smtp_sasl_password_maps = +smtp_sasl_path = +smtp_sasl_security_options = noplaintext, noanonymous +smtp_sasl_tls_security_options = $smtp_sasl_security_options +smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options +smtp_sasl_type = cyrus +smtp_send_dummy_mail_auth = no +smtp_send_xforward_command = no +smtp_sender_dependent_authentication = no +smtp_skip_5xx_greeting = yes +smtp_skip_quit_response = yes +smtp_starttls_timeout = 300s +smtp_tls_CAfile = +smtp_tls_CApath = +smtp_tls_block_early_mail_reply = no +smtp_tls_cert_file = +smtp_tls_ciphers = medium +smtp_tls_dcert_file = +smtp_tls_dkey_file = $smtp_tls_dcert_file +smtp_tls_eccert_file = +smtp_tls_eckey_file = $smtp_tls_eccert_file +smtp_tls_enforce_peername = yes +smtp_tls_exclude_ciphers = +smtp_tls_fingerprint_cert_match = +smtp_tls_fingerprint_digest = md5 +smtp_tls_force_insecure_host_tlsa_lookup = no +smtp_tls_key_file = $smtp_tls_cert_file +smtp_tls_loglevel = 0 +smtp_tls_mandatory_ciphers = medium +smtp_tls_mandatory_exclude_ciphers = +smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 +smtp_tls_note_starttls_offer = no +smtp_tls_per_site = +smtp_tls_policy_maps = +smtp_tls_protocols = !SSLv2, !SSLv3 +smtp_tls_scert_verifydepth = 9 +smtp_tls_secure_cert_match = nexthop, dot-nexthop +smtp_tls_security_level = +smtp_tls_session_cache_database = +smtp_tls_session_cache_timeout = 3600s +smtp_tls_trust_anchor_file = +smtp_tls_verify_cert_match = hostname +smtp_tls_wrappermode = no +smtp_use_tls = no +smtp_xforward_timeout = 300s +smtpd_authorized_verp_clients = $authorized_verp_clients +smtpd_authorized_xclient_hosts = +smtpd_authorized_xforward_hosts = +smtpd_banner = $myhostname ESMTP $mail_name +smtpd_client_connection_count_limit = 50 +smtpd_client_connection_rate_limit = 0 +smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks} +smtpd_client_message_rate_limit = 0 +smtpd_client_new_tls_session_rate_limit = 0 +smtpd_client_port_logging = no +smtpd_client_recipient_rate_limit = 0 +smtpd_client_restrictions = +smtpd_command_filter = +smtpd_data_restrictions = +smtpd_delay_open_until_valid_rcpt = yes +smtpd_delay_reject = yes +smtpd_discard_ehlo_keyword_address_maps = +smtpd_discard_ehlo_keywords = +smtpd_dns_reply_filter = +smtpd_end_of_data_restrictions = +smtpd_enforce_tls = no +smtpd_error_sleep_time = 1s +smtpd_etrn_restrictions = +smtpd_expansion_filter = \t\40!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~ +smtpd_forbidden_commands = CONNECT GET POST +smtpd_hard_error_limit = ${stress?{1}:{20}} +smtpd_helo_required = no +smtpd_helo_restrictions = +smtpd_history_flush_threshold = 100 +smtpd_junk_command_limit = ${stress?{1}:{100}} +smtpd_log_access_permit_actions = +smtpd_milters = +smtpd_noop_commands = +smtpd_null_access_lookup_key = <> +smtpd_peername_lookup = yes +smtpd_per_record_deadline = ${stress?{yes}:{no}} +smtpd_policy_service_default_action = 451 4.3.5 Server configuration problem +smtpd_policy_service_max_idle = 300s +smtpd_policy_service_max_ttl = 1000s +smtpd_policy_service_request_limit = 0 +smtpd_policy_service_retry_delay = 1s +smtpd_policy_service_timeout = 100s +smtpd_policy_service_try_limit = 2 +smtpd_proxy_ehlo = $myhostname +smtpd_proxy_filter = +smtpd_proxy_options = +smtpd_proxy_timeout = 100s +smtpd_recipient_limit = 1000 +smtpd_recipient_overshoot_limit = 1000 +smtpd_recipient_restrictions = +smtpd_reject_footer = +smtpd_reject_unlisted_recipient = yes +smtpd_reject_unlisted_sender = no +smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination +smtpd_restriction_classes = +smtpd_sasl_auth_enable = no +smtpd_sasl_authenticated_header = no +smtpd_sasl_exceptions_networks = +smtpd_sasl_local_domain = +smtpd_sasl_path = smtpd +smtpd_sasl_security_options = noanonymous +smtpd_sasl_service = smtp +smtpd_sasl_tls_security_options = $smtpd_sasl_security_options +smtpd_sasl_type = cyrus +smtpd_sender_login_maps = +smtpd_sender_restrictions = +smtpd_service_name = smtpd +smtpd_soft_error_limit = 10 +smtpd_starttls_timeout = ${stress?{10}:{300}}s +smtpd_timeout = ${stress?{10}:{300}}s +smtpd_tls_CAfile = +smtpd_tls_CApath = +smtpd_tls_always_issue_session_ids = yes +smtpd_tls_ask_ccert = no +smtpd_tls_auth_only = no +smtpd_tls_ccert_verifydepth = 9 +smtpd_tls_cert_file = +smtpd_tls_ciphers = medium +smtpd_tls_dcert_file = +smtpd_tls_dh1024_param_file = +smtpd_tls_dh512_param_file = +smtpd_tls_dkey_file = $smtpd_tls_dcert_file +smtpd_tls_eccert_file = +smtpd_tls_eckey_file = $smtpd_tls_eccert_file +smtpd_tls_eecdh_grade = strong +smtpd_tls_exclude_ciphers = +smtpd_tls_fingerprint_digest = md5 +smtpd_tls_key_file = $smtpd_tls_cert_file +smtpd_tls_loglevel = 0 +smtpd_tls_mandatory_ciphers = medium +smtpd_tls_mandatory_exclude_ciphers = +smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 +smtpd_tls_protocols = !SSLv2, !SSLv3 +smtpd_tls_received_header = no +smtpd_tls_req_ccert = no +smtpd_tls_security_level = +smtpd_tls_session_cache_database = +smtpd_tls_session_cache_timeout = 3600s +smtpd_tls_wrappermode = no +smtpd_upstream_proxy_protocol = +smtpd_upstream_proxy_timeout = 5s +smtpd_use_tls = no +smtputf8_autodetect_classes = sendmail, verify +smtputf8_enable = ${{$compatibility_level} < {1} ? {no} : {yes}} +soft_bounce = no +stale_lock_time = 500s +stress = +strict_7bit_headers = no +strict_8bitmime = no +strict_8bitmime_body = no +strict_mailbox_ownership = yes +strict_mime_encoding_domain = no +strict_rfc821_envelopes = no +strict_smtputf8 = no +sun_mailtool_compatibility = no +swap_bangpath = yes +syslog_facility = mail +syslog_name = ${multi_instance_name?{$multi_instance_name}:{postfix}} +tcp_windowsize = 0 +tls_append_default_CA = no +tls_daemon_random_bytes = 32 +tls_dane_digest_agility = on +tls_dane_digests = sha512 sha256 +tls_dane_trust_anchor_digest_enable = yes +tls_disable_workarounds = +tls_eecdh_strong_curve = prime256v1 +tls_eecdh_ultra_curve = secp384r1 +tls_export_cipherlist = aNULL:-aNULL:ALL:+RC4:@STRENGTH +tls_high_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH +tls_legacy_public_key_fingerprints = no +tls_low_cipherlist = aNULL:-aNULL:ALL:!EXPORT:+RC4:@STRENGTH +tls_medium_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH +tls_null_cipherlist = eNULL:!aNULL +tls_preempt_cipherlist = no +tls_random_bytes = 32 +tls_random_exchange_name = ${data_directory}/prng_exch +tls_random_prng_update_period = 3600s +tls_random_reseed_period = 3600s +tls_random_source = dev:/dev/urandom +tls_session_ticket_cipher = aes-128-cbc +tls_ssl_options = +tls_wildcard_matches_multiple_labels = yes +tlsmgr_service_name = tlsmgr +tlsproxy_enforce_tls = $smtpd_enforce_tls +tlsproxy_service_name = tlsproxy +tlsproxy_tls_CAfile = $smtpd_tls_CAfile +tlsproxy_tls_CApath = $smtpd_tls_CApath +tlsproxy_tls_always_issue_session_ids = $smtpd_tls_always_issue_session_ids +tlsproxy_tls_ask_ccert = $smtpd_tls_ask_ccert +tlsproxy_tls_ccert_verifydepth = $smtpd_tls_ccert_verifydepth +tlsproxy_tls_cert_file = $smtpd_tls_cert_file +tlsproxy_tls_ciphers = $smtpd_tls_ciphers +tlsproxy_tls_dcert_file = $smtpd_tls_dcert_file +tlsproxy_tls_dh1024_param_file = $smtpd_tls_dh1024_param_file +tlsproxy_tls_dh512_param_file = $smtpd_tls_dh512_param_file +tlsproxy_tls_dkey_file = $smtpd_tls_dkey_file +tlsproxy_tls_eccert_file = $smtpd_tls_eccert_file +tlsproxy_tls_eckey_file = $smtpd_tls_eckey_file +tlsproxy_tls_eecdh_grade = $smtpd_tls_eecdh_grade +tlsproxy_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers +tlsproxy_tls_fingerprint_digest = $smtpd_tls_fingerprint_digest +tlsproxy_tls_key_file = $smtpd_tls_key_file +tlsproxy_tls_loglevel = $smtpd_tls_loglevel +tlsproxy_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers +tlsproxy_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers +tlsproxy_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols +tlsproxy_tls_protocols = $smtpd_tls_protocols +tlsproxy_tls_req_ccert = $smtpd_tls_req_ccert +tlsproxy_tls_security_level = $smtpd_tls_security_level +tlsproxy_use_tls = $smtpd_use_tls +tlsproxy_watchdog_timeout = 10s +trace_service_name = trace +transport_maps = +transport_retry_time = 60s +trigger_timeout = 10s +undisclosed_recipients_header = +unknown_address_reject_code = 450 +unknown_address_tempfail_action = $reject_tempfail_action +unknown_client_reject_code = 450 +unknown_helo_hostname_tempfail_action = $reject_tempfail_action +unknown_hostname_reject_code = 450 +unknown_local_recipient_reject_code = 550 +unknown_relay_recipient_reject_code = 550 +unknown_virtual_alias_reject_code = 550 +unknown_virtual_mailbox_reject_code = 550 +unverified_recipient_defer_code = 450 +unverified_recipient_reject_code = 450 +unverified_recipient_reject_reason = +unverified_recipient_tempfail_action = $reject_tempfail_action +unverified_sender_defer_code = 450 +unverified_sender_reject_code = 450 +unverified_sender_reject_reason = +unverified_sender_tempfail_action = $reject_tempfail_action +verp_delimiter_filter = -=+ +virtual_alias_address_length_limit = 1000 +virtual_alias_domains = $virtual_alias_maps +virtual_alias_expansion_limit = 1000 +virtual_alias_maps = $virtual_maps +virtual_alias_recursion_limit = 1000 +virtual_delivery_slot_cost = $default_delivery_slot_cost +virtual_delivery_slot_discount = $default_delivery_slot_discount +virtual_delivery_slot_loan = $default_delivery_slot_loan +virtual_delivery_status_filter = $default_delivery_status_filter +virtual_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit +virtual_destination_concurrency_limit = $default_destination_concurrency_limit +virtual_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback +virtual_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback +virtual_destination_rate_delay = $default_destination_rate_delay +virtual_destination_recipient_limit = $default_destination_recipient_limit +virtual_extra_recipient_limit = $default_extra_recipient_limit +virtual_gid_maps = +virtual_initial_destination_concurrency = $initial_destination_concurrency +virtual_mailbox_base = +virtual_mailbox_domains = $virtual_mailbox_maps +virtual_mailbox_limit = 51200000 +virtual_mailbox_lock = fcntl, dotlock +virtual_mailbox_maps = +virtual_minimum_delivery_slots = $default_minimum_delivery_slots +virtual_minimum_uid = 100 +virtual_recipient_limit = $default_recipient_limit +virtual_recipient_refill_delay = $default_recipient_refill_delay +virtual_recipient_refill_limit = $default_recipient_refill_limit +virtual_transport = virtual +virtual_uid_maps = diff --git a/postfix/main.cf.orig b/postfix/main.cf.orig new file mode 100644 index 00000000..fcc2569d --- /dev/null +++ b/postfix/main.cf.orig @@ -0,0 +1,652 @@ +# Global Postfix configuration file. This file lists only a subset +# of all parameters. For the syntax, and for a complete parameter +# list, see the postconf(5) manual page (command: "man 5 postconf"). +# +# For common configuration examples, see BASIC_CONFIGURATION_README +# and STANDARD_CONFIGURATION_README. To find these documents, use +# the command "postconf html_directory readme_directory", or go to +# http://www.postfix.org/. +# +# For best results, change no more than 2-3 parameters at a time, +# and test if Postfix still works after every change. + +# SOFT BOUNCE +# +# The soft_bounce parameter provides a limited safety net for +# testing. When soft_bounce is enabled, mail will remain queued that +# would otherwise bounce. This parameter disables locally-generated +# bounces, and prevents the SMTP server from rejecting mail permanently +# (by changing 5xx replies into 4xx replies). However, soft_bounce +# is no cure for address rewriting mistakes or mail routing mistakes. +# +#soft_bounce = no + +# LOCAL PATHNAME INFORMATION +# +# The queue_directory specifies the location of the Postfix queue. +# This is also the root directory of Postfix daemons that run chrooted. +# See the files in examples/chroot-setup for setting up Postfix chroot +# environments on different UNIX systems. +# +queue_directory = /var/spool/postfix + +# The command_directory parameter specifies the location of all +# postXXX commands. +# +command_directory = /usr/sbin + +# The daemon_directory parameter specifies the location of all Postfix +# daemon programs (i.e. programs listed in the master.cf file). This +# directory must be owned by root. +# +daemon_directory = /usr/lib64/postfix + +# The data_directory parameter specifies the location of Postfix-writable +# data files (caches, random numbers). This directory must be owned +# by the mail_owner account (see below). +# +data_directory = /var/lib/postfix + +# QUEUE AND PROCESS OWNERSHIP +# +# The mail_owner parameter specifies the owner of the Postfix queue +# and of most Postfix daemon processes. Specify the name of a user +# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS +# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In +# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED +# USER. +# +mail_owner = postfix + +# The default_privs parameter specifies the default rights used by +# the local delivery agent for delivery to external file or command. +# These rights are used in the absence of a recipient user context. +# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. +# +#default_privs = nobody + +# INTERNET HOST AND DOMAIN NAMES +# +# The myhostname parameter specifies the internet hostname of this +# mail system. The default is to use the fully-qualified domain name +# from gethostname(). $myhostname is used as a default value for many +# other configuration parameters. +# +#myhostname = host.domain.tld +#myhostname = virtual.domain.tld + +# The mydomain parameter specifies the local internet domain name. +# The default is to use $myhostname minus the first component. +# $mydomain is used as a default value for many other configuration +# parameters. +# +#mydomain = domain.tld + +# SENDING MAIL +# +# The myorigin parameter specifies the domain that locally-posted +# mail appears to come from. The default is to append $myhostname, +# which is fine for small sites. If you run a domain with multiple +# machines, you should (1) change this to $mydomain and (2) set up +# a domain-wide alias database that aliases each user to +# user@that.users.mailhost. +# +# For the sake of consistency between sender and recipient addresses, +# myorigin also specifies the default domain name that is appended +# to recipient addresses that have no @domain part. +# +#myorigin = $myhostname +#myorigin = $mydomain + +# RECEIVING MAIL + +# The inet_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on. By default, +# the software claims all active interfaces on the machine. The +# parameter also controls delivery of mail to user@[ip.address]. +# +# See also the proxy_interfaces parameter, for network addresses that +# are forwarded to us via a proxy or network address translator. +# +# Note: you need to stop/start Postfix when this parameter changes. +# +#inet_interfaces = all +#inet_interfaces = $myhostname +#inet_interfaces = $myhostname, localhost + +# The proxy_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on by way of a +# proxy or network address translation unit. This setting extends +# the address list specified with the inet_interfaces parameter. +# +# You must specify your proxy/NAT addresses when your system is a +# backup MX host for other domains, otherwise mail delivery loops +# will happen when the primary MX host is down. +# +#proxy_interfaces = +#proxy_interfaces = 1.2.3.4 + +# The mydestination parameter specifies the list of domains that this +# machine considers itself the final destination for. +# +# These domains are routed to the delivery agent specified with the +# local_transport parameter setting. By default, that is the UNIX +# compatible delivery agent that lookups all recipients in /etc/passwd +# and /etc/aliases or their equivalent. +# +# The default is $myhostname + localhost.$mydomain. On a mail domain +# gateway, you should also include $mydomain. +# +# Do not specify the names of virtual domains - those domains are +# specified elsewhere (see VIRTUAL_README). +# +# Do not specify the names of domains that this machine is backup MX +# host for. Specify those names via the relay_domains settings for +# the SMTP server, or use permit_mx_backup if you are lazy (see +# STANDARD_CONFIGURATION_README). +# +# The local machine is always the final destination for mail addressed +# to user@[the.net.work.address] of an interface that the mail system +# receives mail on (see the inet_interfaces parameter). +# +# Specify a list of host or domain names, /file/name or type:table +# patterns, separated by commas and/or whitespace. A /file/name +# pattern is replaced by its contents; a type:table is matched when +# a name matches a lookup key (the right-hand side is ignored). +# Continue long lines by starting the next line with whitespace. +# +# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". +# +#mydestination = $myhostname, localhost.$mydomain, localhost +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, +# mail.$mydomain, www.$mydomain, ftp.$mydomain + +# REJECTING MAIL FOR UNKNOWN LOCAL USERS +# +# The local_recipient_maps parameter specifies optional lookup tables +# with all names or addresses of users that are local with respect +# to $mydestination, $inet_interfaces or $proxy_interfaces. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown local users. This parameter is defined by default. +# +# To turn off local recipient checking in the SMTP server, specify +# local_recipient_maps = (i.e. empty). +# +# The default setting assumes that you use the default Postfix local +# delivery agent for local delivery. You need to update the +# local_recipient_maps setting if: +# +# - You define $mydestination domain recipients in files other than +# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. +# For example, you define $mydestination domain recipients in +# the $virtual_mailbox_maps files. +# +# - You redefine the local delivery agent in master.cf. +# +# - You redefine the "local_transport" setting in main.cf. +# +# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" +# feature of the Postfix local delivery agent (see local(8)). +# +# Details are described in the LOCAL_RECIPIENT_README file. +# +# Beware: if the Postfix SMTP server runs chrooted, you probably have +# to access the passwd file via the proxymap service, in order to +# overcome chroot restrictions. The alternative, having a copy of +# the system passwd file in the chroot jail is just not practical. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify a bare username, an @domain.tld +# wild-card, or specify a user@domain.tld address. +# +#local_recipient_maps = unix:passwd.byname $alias_maps +#local_recipient_maps = proxy:unix:passwd.byname $alias_maps +#local_recipient_maps = + +# The unknown_local_recipient_reject_code specifies the SMTP server +# response code when a recipient domain matches $mydestination or +# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty +# and the recipient address or address local-part is not found. +# +# The default setting is 550 (reject mail) but it is safer to start +# with 450 (try again later) until you are certain that your +# local_recipient_maps settings are OK. +# +unknown_local_recipient_reject_code = 550 + +# TRUST AND RELAY CONTROL + +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in postconf(5). +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# On Linux, this does works correctly only with interfaces specified +# with the "ifconfig" command. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. +# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +#mynetworks_style = class +#mynetworks_style = subnet +#mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. +# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. Specify type:table for table-based lookups +# (the value on the table right-hand side is not used). +# +#mynetworks = 168.100.189.0/28, 127.0.0.0/8 +#mynetworks = $config_directory/mynetworks +#mynetworks = hash:/etc/postfix/network_table + +# The relay_domains parameter restricts what destinations this system will +# relay mail to. See the smtpd_recipient_restrictions description in +# postconf(5) for detailed information. +# +# By default, Postfix relays mail +# - from "trusted" clients (IP address matches $mynetworks) to any destination, +# - from "untrusted" clients to destinations that match $relay_domains or +# subdomains thereof, except addresses with sender-specified routing. +# The default relay_domains value is $mydestination. +# +# In addition to the above, the Postfix SMTP server by default accepts mail +# that Postfix is final destination for: +# - destinations that match $inet_interfaces or $proxy_interfaces, +# - destinations that match $mydestination +# - destinations that match $virtual_alias_domains, +# - destinations that match $virtual_mailbox_domains. +# These destinations do not need to be listed in $relay_domains. +# +# Specify a list of hosts or domains, /file/name patterns or type:name +# lookup tables, separated by commas and/or whitespace. Continue +# long lines by starting the next line with whitespace. A file name +# is replaced by its contents; a type:name table is matched when a +# (parent) domain appears as lookup key. +# +# NOTE: Postfix will not automatically forward mail for domains that +# list this system as their primary or backup MX host. See the +# permit_mx_backup restriction description in postconf(5). +# +#relay_domains = $mydestination + +# INTERNET OR INTRANET + +# The relayhost parameter specifies the default host to send mail to +# when no entry is matched in the optional transport(5) table. When +# no relayhost is given, mail is routed directly to the destination. +# +# On an intranet, specify the organizational domain name. If your +# internal DNS uses no MX records, specify the name of the intranet +# gateway host instead. +# +# In the case of SMTP, specify a domain, host, host:port, [host]:port, +# [address] or [address]:port; the form [host] turns off MX lookups. +# +# If you're connected via UUCP, see also the default_transport parameter. +# +#relayhost = $mydomain +#relayhost = [gateway.my.domain] +#relayhost = [mailserver.isp.tld] +#relayhost = uucphost +#relayhost = [an.ip.add.ress] + +# REJECTING UNKNOWN RELAY USERS +# +# The relay_recipient_maps parameter specifies optional lookup tables +# with all addresses in the domains that match $relay_domains. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown relay users. This feature is off by default. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify an @domain.tld wild-card, or specify +# a user@domain.tld address. +# +#relay_recipient_maps = hash:/etc/postfix/relay_recipients + +# INPUT RATE CONTROL +# +# The in_flow_delay configuration parameter implements mail input +# flow control. This feature is turned on by default, although it +# still needs further development (it's disabled on SCO UNIX due +# to an SCO bug). +# +# A Postfix process will pause for $in_flow_delay seconds before +# accepting a new message, when the message arrival rate exceeds the +# message delivery rate. With the default 100 SMTP server process +# limit, this limits the mail inflow to 100 messages a second more +# than the number of messages delivered per second. +# +# Specify 0 to disable the feature. Valid delays are 0..10. +# +#in_flow_delay = 1s + +# ADDRESS REWRITING +# +# The ADDRESS_REWRITING_README document gives information about +# address masquerading or other forms of address rewriting including +# username->Firstname.Lastname mapping. + +# ADDRESS REDIRECTION (VIRTUAL DOMAIN) +# +# The VIRTUAL_README document gives information about the many forms +# of domain hosting that Postfix supports. + +# "USER HAS MOVED" BOUNCE MESSAGES +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# TRANSPORT MAP +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# ALIAS DATABASE +# +# The alias_maps parameter specifies the list of alias databases used +# by the local delivery agent. The default list is system dependent. +# +# On systems with NIS, the default is to search the local alias +# database, then the NIS alias database. See aliases(5) for syntax +# details. +# +# If you change the alias database, run "postalias /etc/aliases" (or +# wherever your system stores the mail alias file), or simply run +# "newaliases" to build the necessary DBM or DB file. +# +# It will take a minute or so before changes become visible. Use +# "postfix reload" to eliminate the delay. +# +#alias_maps = dbm:/etc/aliases +#alias_maps = hash:/etc/aliases +#alias_maps = hash:/etc/aliases, nis:mail.aliases +#alias_maps = netinfo:/aliases + +# The alias_database parameter specifies the alias database(s) that +# are built with "newaliases" or "sendmail -bi". This is a separate +# configuration parameter, because alias_maps (see above) may specify +# tables that are not necessarily all under control by Postfix. +# +#alias_database = dbm:/etc/aliases +#alias_database = dbm:/etc/mail/aliases +#alias_database = hash:/etc/aliases +#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases + +# ADDRESS EXTENSIONS (e.g., user+foo) +# +# The recipient_delimiter parameter specifies the separator between +# user names and address extensions (user+foo). See canonical(5), +# local(8), relocated(5) and virtual(5) for the effects this has on +# aliases, canonical, virtual, relocated and .forward file lookups. +# Basically, the software tries user+foo and .forward+foo before +# trying user and .forward. +# +#recipient_delimiter = + + +# DELIVERY TO MAILBOX +# +# The home_mailbox parameter specifies the optional pathname of a +# mailbox file relative to a user's home directory. The default +# mailbox file is /var/spool/mail/user or /var/mail/user. Specify +# "Maildir/" for qmail-style delivery (the / is required). +# +#home_mailbox = Mailbox +#home_mailbox = Maildir/ + +# The mail_spool_directory parameter specifies the directory where +# UNIX-style mailboxes are kept. The default setting depends on the +# system type. +# +#mail_spool_directory = /var/mail +#mail_spool_directory = /var/spool/mail + +# The mailbox_command parameter specifies the optional external +# command to use instead of mailbox delivery. The command is run as +# the recipient with proper HOME, SHELL and LOGNAME environment settings. +# Exception: delivery for root is done as $default_user. +# +# Other environment variables of interest: USER (recipient username), +# EXTENSION (address extension), DOMAIN (domain part of address), +# and LOCAL (the address localpart). +# +# Unlike other Postfix configuration parameters, the mailbox_command +# parameter is not subjected to $parameter substitutions. This is to +# make it easier to specify shell syntax (see example below). +# +# Avoid shell meta characters because they will force Postfix to run +# an expensive shell process. Procmail alone is expensive enough. +# +# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN +# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. +# +#mailbox_command = /some/where/procmail +#mailbox_command = /some/where/procmail -a "$EXTENSION" + +# The mailbox_transport specifies the optional transport in master.cf +# to use after processing aliases and .forward files. This parameter +# has precedence over the mailbox_command, fallback_transport and +# luser_relay parameters. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#mailbox_transport = lmtp:unix:/file/name +#mailbox_transport = cyrus + +# The fallback_transport specifies the optional transport in master.cf +# to use for recipients that are not found in the UNIX passwd database. +# This parameter has precedence over the luser_relay parameter. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#fallback_transport = lmtp:unix:/file/name +#fallback_transport = cyrus +#fallback_transport = + +# The luser_relay parameter specifies an optional destination address +# for unknown recipients. By default, mail for unknown@$mydestination, +# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned +# as undeliverable. +# +# The following expansions are done on luser_relay: $user (recipient +# username), $shell (recipient shell), $home (recipient home directory), +# $recipient (full recipient address), $extension (recipient address +# extension), $domain (recipient domain), $local (entire recipient +# localpart), $recipient_delimiter. Specify ${name?value} or +# ${name:value} to expand value only when $name does (does not) exist. +# +# luser_relay works only for the default Postfix local delivery agent. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must specify "local_recipient_maps =" (i.e. empty) in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#luser_relay = $user@other.host +#luser_relay = $local@other.host +#luser_relay = admin+$local + +# JUNK MAIL CONTROLS +# +# The controls listed here are only a very small subset. The file +# SMTPD_ACCESS_README provides an overview. + +# The header_checks parameter specifies an optional table with patterns +# that each logical message header is matched against, including +# headers that span multiple physical lines. +# +# By default, these patterns also apply to MIME headers and to the +# headers of attached messages. With older Postfix versions, MIME and +# attached message headers were treated as body text. +# +# For details, see "man header_checks". +# +#header_checks = regexp:/etc/postfix/header_checks + +# FAST ETRN SERVICE +# +# Postfix maintains per-destination logfiles with information about +# deferred mail, so that mail can be flushed quickly with the SMTP +# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". +# See the ETRN_README document for a detailed description. +# +# The fast_flush_domains parameter controls what destinations are +# eligible for this service. By default, they are all domains that +# this server is willing to relay mail to. +# +#fast_flush_domains = $relay_domains + +# SHOW SOFTWARE VERSION OR NOT +# +# The smtpd_banner parameter specifies the text that follows the 220 +# code in the SMTP server's greeting banner. Some people like to see +# the mail version advertised. By default, Postfix shows no version. +# +# You MUST specify $myhostname at the start of the text. That is an +# RFC requirement. Postfix itself does not care. +# +#smtpd_banner = $myhostname ESMTP $mail_name +#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) + +# PARALLEL DELIVERY TO THE SAME DESTINATION +# +# How many parallel deliveries to the same user or domain? With local +# delivery, it does not make sense to do massively parallel delivery +# to the same user, because mailbox updates must happen sequentially, +# and expensive pipelines in .forward files can cause disasters when +# too many are run at the same time. With SMTP deliveries, 10 +# simultaneous connections to the same domain could be sufficient to +# raise eyebrows. +# +# Each message delivery transport has its XXX_destination_concurrency_limit +# parameter. The default is $default_destination_concurrency_limit for +# most delivery transports. For the local delivery agent the default is 2. + +#local_destination_concurrency_limit = 2 +#default_destination_concurrency_limit = 20 + +# DEBUGGING CONTROL +# +# The debug_peer_level parameter specifies the increment in verbose +# logging level when an SMTP client or server host name or address +# matches a pattern in the debug_peer_list parameter. +# +debug_peer_level = 2 + +# The debug_peer_list parameter specifies an optional list of domain +# or network patterns, /file/name patterns or type:name tables. When +# an SMTP client or server host name or address matches a pattern, +# increase the verbose logging level by the amount specified in the +# debug_peer_level parameter. +# +#debug_peer_list = 127.0.0.1 +#debug_peer_list = some.domain + +# The debugger_command specifies the external command that is executed +# when a Postfix daemon program is run with the -D option. +# +# Use "command .. & sleep 5" so that the debugger can attach before +# the process marches on. If you use an X-based debugger, be sure to +# set up your XAUTHORITY environment variable before starting Postfix. +# +debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + +# If you can't use X, use this to capture the call stack when a +# daemon crashes. The result is in a file in the configuration +# directory, and is named after the process name and the process ID. +# +# debugger_command = +# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; +# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 +# >$config_directory/$process_name.$process_id.log & sleep 5 +# +# Another possibility is to run gdb under a detached screen session. +# To attach to the screen sesssion, su root and run "screen -r +# " where uniquely matches one of the detached +# sessions (from "screen -list"). +# +# debugger_command = +# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen +# -dmS $process_name gdb $daemon_directory/$process_name +# $process_id & sleep 1 + +# INSTALL-TIME CONFIGURATION INFORMATION +# +# The following parameters are used when installing a new Postfix version. +# +# sendmail_path: The full pathname of the Postfix sendmail command. +# This is the Sendmail-compatible mail posting interface. +# +sendmail_path = /usr/sbin/sendmail + +# newaliases_path: The full pathname of the Postfix newaliases command. +# This is the Sendmail-compatible command to build alias databases. +# +newaliases_path = /usr/bin/newaliases + +# mailq_path: The full pathname of the Postfix mailq command. This +# is the Sendmail-compatible mail queue listing command. +# +mailq_path = /usr/bin/mailq + +# setgid_group: The group for mail submission and queue management +# commands. This must be a group name with a numerical group ID that +# is not shared with other accounts, not even with the Postfix account. +# +setgid_group = postdrop + +# html_directory: The location of the Postfix HTML documentation. +# +html_directory = /usr/share/doc/postfix-2.8.7/html + +# manpage_directory: The location of the Postfix on-line manual pages. +# +manpage_directory = /usr/share/man + +# sample_directory: The location of the Postfix sample configuration files. +# This parameter is obsolete as of Postfix 2.1. +# +sample_directory = /etc/postfix + +# readme_directory: The location of the Postfix README files. +# +readme_directory = /usr/share/doc/postfix-2.8.7/readme +home_mailbox = .maildir/ -- 2.39.5