# // Directories //
html_directory = no
readme_directory = no
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
message_size_limit = 20480000
# // Listen on interface //
inet_interfaces = all
mynetworks_style = host
mynetworks = 127.0.0.0/8
myhostname = mail.<mydomain.com>
mydomain = <mydomain.com>
myorigin = $myhostname
mydestination = $myhostname, localhost.$mydomain, localhost
# // Antispam and mail Security //
relay_domains =
content_filter = scan:[127.0.0.1]:10025
receive_override_options = no_address_mappings
invalid_hostname_reject_code = 550
non_fqdn_reject_code = 550
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 550
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
smtpd_helo_required = yes
# // Aliases //
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
#alias_database = hash:$config_directory/db/aliases
#alias_maps = $alias_database
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
#smtpd_banner = $myhostname ESMTP
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
# //////////// Security ////////////
broken_sasl_auth_clients = yes
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unknown_client_hostname,
reject_unauth_destination,
reject_unauth_pipelining,
reject_unverified_recipient,
check_client_access pcre:$config_directory/db/access_client.pcre,
reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl-xbl.spamhaus.org
# reject_rbl_client dnsbl.sorbs.net
# reject_rhsbl_sender rhsbl.sorbs.net
# reject_rbl_client sbl-xbl.spamhaus.org,
# reject_rbl_client bl.csma.biz,
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
#smtpd_tls_key_file = /etc/ssl/postfix/smtpd.pem
#smtpd_tls_cert_file = /etc/ssl/postfix/smtpd.pem
#smtpd_tls_CAfile = /etc/ssl/postfix/smtpd.pem
smtpd_tls_key_file = /etc/ssl/postfix/smtpd.key
smtpd_tls_cert_file = /etc/ssl/postfix/smtpd.crt
smtpd_tls_CAfile = /etc/ssl/postfix/cacert.pem
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
# //////////// VIRTUAL MAILBOX /////////////
virtual_mailbox_base = /common/mail/box/
virtual_minimum_uid = 125
virtual_uid_maps = static:125
virtual_gid_maps = static:125
virtual_alias_maps = proxy:mysql:$config_directory/sql/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = proxy:mysql:$config_directory/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:$config_directory/sql/mysql_virtual_mailbox_maps.cf
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_auth_enable = yes
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth