]>
Commit | Line | Data |
---|---|---|
f609bf7f DM |
1 | # |
2 | # Postfix master process configuration file. Each logical line | |
3 | # describes how a Postfix daemon program should be run. | |
4 | # | |
8609f465 | 5 | # A logical line starts with non-whitespace, non-comment text. |
f609bf7f DM |
6 | # Empty lines and whitespace-only lines are ignored, as are comment |
7 | # lines whose first non-whitespace character is a `#'. | |
8 | # A line that starts with whitespace continues a logical line. | |
9 | # | |
10 | # The fields that make up each line are described below. A "-" field | |
11 | # value requests that a default value be used for that field. | |
12 | # | |
13 | # Service: any name that is valid for the specified transport type | |
14 | # (the next field). With INET transports, a service is specified as | |
15 | # host:port. The host part (and colon) may be omitted. Either host | |
16 | # or port may be given in symbolic form or in numeric form. Examples | |
17 | # for the SMTP server: localhost:smtp receives mail via the loopback | |
18 | # interface only; 10025 receives mail on port 10025. | |
19 | # | |
20 | # Transport type: "inet" for Internet sockets, "unix" for UNIX-domain | |
21 | # sockets, "fifo" for named pipes. | |
22 | # | |
23 | # Private: whether or not access is restricted to the mail system. | |
24 | # Default is private service. Internet (inet) sockets can't be private. | |
25 | # | |
26 | # Unprivileged: whether the service runs with root privileges or as | |
27 | # the owner of the Postfix system (the owner name is controlled by the | |
28 | # mail_owner configuration variable in the main.cf file). Only the | |
29 | # pipe, virtual and local delivery daemons require privileges. | |
30 | # | |
31 | # Chroot: whether or not the service runs chrooted to the mail queue | |
32 | # directory (pathname is controlled by the queue_directory configuration | |
33 | # variable in the main.cf file). Presently, all Postfix daemons can run | |
34 | # chrooted, except for the pipe, virtual and local delivery daemons. | |
35 | # The proxymap server can run chrooted, but doing so defeats most of | |
36 | # the purpose of having that service in the first place. | |
37 | # The files in the examples/chroot-setup subdirectory describe how | |
38 | # to set up a Postfix chroot environment for your type of machine. | |
39 | # | |
40 | # Wakeup time: automatically wake up the named service after the | |
41 | # specified number of seconds. A ? at the end of the wakeup time | |
42 | # field requests that wake up events be sent only to services that | |
43 | # are actually being used. Specify 0 for no wakeup. Presently, only | |
44 | # the pickup, queue manager and flush daemons need a wakeup timer. | |
45 | # | |
46 | # Max procs: the maximum number of processes that may execute this | |
47 | # service simultaneously. Default is to use a globally configurable | |
48 | # limit (the default_process_limit configuration parameter in main.cf). | |
49 | # Specify 0 for no process count limit. | |
50 | # | |
51 | # Command + args: the command to be executed. The command name is | |
52 | # relative to the Postfix program directory (pathname is controlled by | |
53 | # the daemon_directory configuration variable). Adding one or more | |
54 | # -v options turns on verbose logging for that service; adding a -D | |
55 | # option enables symbolic debugging (see the debugger_command variable | |
56 | # in the main.cf configuration file). See individual command man pages | |
57 | # for specific command-line options, if any. | |
58 | # | |
1359baef | 59 | # In order to use the "uucp" message transport below, set up entries |
f609bf7f DM |
60 | # in the transport table. |
61 | # | |
62 | # In order to use the "cyrus" message transport below, configure it | |
63 | # in main.cf as the mailbox_transport. | |
64 | # | |
65 | # SPECIFY ONLY PROGRAMS THAT ARE WRITTEN TO RUN AS POSTFIX DAEMONS. | |
66 | # ALL DAEMONS SPECIFIED HERE MUST SPEAK A POSTFIX-INTERNAL PROTOCOL. | |
67 | # | |
68 | # DO NOT SHARE THE POSTFIX QUEUE BETWEEN MULTIPLE POSTFIX INSTANCES. | |
69 | # | |
70 | # ========================================================================== | |
71 | # service type private unpriv chroot wakeup maxproc command + args | |
72 | # (yes) (yes) (yes) (never) (100) | |
73 | # ========================================================================== | |
74 | ||
e0cbdf9f | 75 | [% IF ! pmg.mail.before_queue_filtering -%] |
f609bf7f | 76 | scan unix - - n - [% pmg.mail.max_filters %] lmtp |
8609f465 WB |
77 | -o lmtp_send_xforward_command=yes |
78 | -o lmtp_connection_cache_on_demand=no | |
79 | -o disable_dns_lookups=yes | |
e0cbdf9f | 80 | [% END -%] |
f609bf7f | 81 | |
75a20f14 | 82 | [% pmg.mail.int_port %] inet n - - - [% pmg.mail.max_smtpd_out %] smtpd |
e0cbdf9f SI |
83 | [% IF pmg.mail.before_queue_filtering -%] |
84 | -o smtpd_proxy_filter=127.0.0.1:10023 | |
85 | -o smtpd_proxy_options=speed_adjust | |
86 | -o smtpd_client_connection_count_limit=[% pmg.mail.conn_count_limit div 5 %] | |
87 | [%- ELSE -%] | |
8609f465 | 88 | -o content_filter=scan:127.0.0.1:10023 |
e0cbdf9f | 89 | [%- END %] |
8609f465 WB |
90 | -o smtpd_recipient_restrictions=permit_mynetworks,reject_unauth_destination |
91 | -o smtpd_helo_restrictions= | |
92 | -o smtpd_client_restrictions= | |
93 | -o smtpd_sender_restrictions= | |
77e44f91 | 94 | -o smtpd_data_restrictions= |
4f3c6d95 | 95 | -o smtpd_forbid_bare_newline = no |
f609bf7f | 96 | |
75a20f14 | 97 | [% pmg.mail.ext_port %] inet n - - - 1 postscreen |
f609bf7f | 98 | |
f609bf7f | 99 | smtpd pass - - - - [% pmg.mail.max_smtpd_in %] smtpd |
e0cbdf9f SI |
100 | [% IF pmg.mail.before_queue_filtering -%] |
101 | -o smtpd_proxy_filter=127.0.0.1:10024 | |
102 | -o smtpd_proxy_options=speed_adjust | |
103 | -o smtpd_client_connection_count_limit=[% pmg.mail.conn_count_limit div 5 %] | |
104 | [%- ELSE -%] | |
8609f465 | 105 | -o content_filter=scan:127.0.0.1:10024 |
e0cbdf9f | 106 | [%- END %] |
8609f465 WB |
107 | -o receive_override_options=no_address_mappings |
108 | -o smtpd_discard_ehlo_keywords=silent-discard,dsn | |
109 | -o mynetworks=127.0.0.0/8,[% postfix.int_ip %] | |
f609bf7f DM |
110 | |
111 | 127.0.0.1:10025 inet n - n - - smtpd | |
8609f465 WB |
112 | -o content_filter= |
113 | -o local_recipient_maps= | |
114 | -o relay_recipient_maps= | |
115 | -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks | |
116 | -o smtpd_helo_restrictions= | |
117 | -o smtpd_client_restrictions= | |
118 | -o smtpd_restriction_classes= | |
119 | -o smtpd_sender_restrictions= | |
120 | -o smtpd_recipient_restrictions=permit_mynetworks,reject | |
121 | -o mynetworks=127.0.0.0/8 | |
122 | -o smtpd_error_sleep_time=0 | |
123 | -o smtpd_client_connection_count_limit=0 | |
124 | -o smtpd_client_connection_rate_limit=0 | |
125 | -o smtpd_tls_security_level=none | |
126 | -o smtpd_authorized_xforward_hosts=127.0.0.0/8 | |
127 | -o message_size_limit=[% (pmg.mail.maxsize*2) %] | |
f609bf7f | 128 | |
8609f465 WB |
129 | pickup fifo n - - 60 1 pickup |
130 | cleanup unix n - - - 0 cleanup | |
131 | -o message_size_limit=[% (pmg.mail.maxsize*2) %] | |
132 | ||
133 | qmgr fifo n - - 300 1 qmgr | |
134 | rewrite unix - - - - - trivial-rewrite | |
135 | bounce unix - - - - 0 bounce | |
136 | defer unix - - - - 0 bounce | |
137 | flush unix n - - 1000? 0 flush | |
138 | proxymap unix - - n - - proxymap | |
139 | smtp unix - - - - - smtp | |
140 | relay unix - - - - - smtp | |
141 | showq unix n - - - - showq | |
142 | error unix - - - - - error | |
143 | local unix - n n - - local | |
144 | virtual unix - n n - - virtual | |
145 | lmtp unix - - n - - lmtp | |
f609bf7f | 146 | verify unix - - - - 1 verify |
8609f465 | 147 | trace unix - - n - 0 bounce |
f609bf7f DM |
148 | tlsmgr unix - - - 1000? 1 tlsmgr |
149 | anvil unix - - - - 1 anvil | |
150 | scache unix - - - - 1 scache | |
151 | discard unix - - - - - discard | |
152 | retry unix - - - - - error | |
153 | dnsblog unix - - - - 0 dnsblog | |
154 | tlsproxy unix - - - - 0 tlsproxy | |
155 |