]>
Commit | Line | Data |
---|---|---|
f609bf7f DM |
1 | # auto-generated by proxmox |
2 | ||
3 | compatibility_level = 2 | |
4 | command_directory = /usr/sbin | |
5 | daemon_directory = /usr/lib/postfix/sbin | |
6 | data_directory = /var/lib/postfix | |
7 | ||
8 | # appending .domain is the MUA's job. | |
9 | append_dot_mydomain = yes | |
10 | ||
8609f465 | 11 | smtpd_banner = $myhostname [% pmg.mail.banner %] |
f609bf7f DM |
12 | biff = no |
13 | ||
14 | [% IF pmg.mail.dwarning %] | |
15 | delay_warning_time = [% pmg.mail.dwarning %]h | |
16 | [% END %] | |
17 | ||
18 | best_mx_transport = local | |
19 | message_size_limit = [% pmg.mail.maxsize %] | |
20 | mailbox_size_limit = [% ((pmg.mail.maxsize*2 > 51200000) ? pmg.mail.maxsize*2 : 51200000) %] | |
21 | ||
22 | mydomain = [% dns.domain %] | |
23 | myhostname = [% dns.hostname %].[% dns.domain %] | |
24 | ||
25 | parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,smtpd_access_maps | |
26 | ||
27 | alias_maps = hash:/etc/aliases | |
28 | alias_database = hash:/etc/aliases | |
29 | mydestination = localhost, $myhostname | |
30 | mynetworks = [% postfix.mynetworks %] | |
31 | ||
8af15c8e | 32 | relay_domains = hash:/etc/pmg/domains |
f609bf7f | 33 | |
cd533938 | 34 | transport_maps = hash:/etc/pmg/transport |
f609bf7f DM |
35 | |
36 | [% IF pmg.mail.relay %] | |
37 | [% IF pmg.mail.relaynomx %] | |
38 | relay_transport = smtp:[[% pmg.mail.relay %]]:[% pmg.mail.relayport %] | |
39 | [% ELSE %] | |
40 | relay_transport = smtp:[% pmg.mail.relay %]:[% pmg.mail.relayport %] | |
41 | [% END %] | |
42 | [% END %] | |
43 | ||
44 | [% IF pmg.mail.smarthost %] | |
45 | default_transport = smtp:[% pmg.mail.smarthost %] | |
46 | [% END %] | |
47 | ||
48 | content_filter=scan:127.0.0.1:10024 | |
49 | ||
50 | mail_name = Proxmox | |
51 | ||
52 | [% IF pmg.mail.helotests %] | |
53 | smtpd_helo_required = yes | |
54 | smtpd_helo_restrictions = permit_mynetworks reject_non_fqdn_helo_hostname reject_invalid_helo_hostname | |
55 | [% ELSE %] | |
56 | smtpd_helo_restrictions = | |
57 | [% END %] | |
58 | ||
59 | postscreen_access_list = | |
8609f465 WB |
60 | permit_mynetworks, |
61 | cidr:/etc/postfix/postscreen_access | |
f609bf7f | 62 | |
20125a71 DM |
63 | [% IF postfix.dnsbl_sites %] |
64 | postscreen_dnsbl_sites = [% postfix.dnsbl_sites %] | |
11247512 | 65 | postscreen_dnsbl_threshold = [% postfix.dnsbl_threshold %] |
f609bf7f DM |
66 | [% END %] |
67 | ||
68 | postscreen_dnsbl_action = enforce | |
69 | postscreen_greet_action = enforce | |
f609bf7f | 70 | |
8609f465 | 71 | smtpd_sender_restrictions = |
f609bf7f | 72 | permit_mynetworks |
8609f465 WB |
73 | reject_non_fqdn_sender |
74 | check_client_access cidr:/etc/postfix/clientaccess | |
75 | check_sender_access regexp:/etc/postfix/senderaccess | |
76 | check_recipient_access regexp:/etc/postfix/rcptaccess | |
f609bf7f DM |
77 | [%- IF pmg.mail.rejectunknown %] reject_unknown_client_hostname[% END %] |
78 | [%- IF pmg.mail.rejectunknownsender %] reject_unknown_sender_domain[% END %] | |
79 | ||
8609f465 WB |
80 | smtpd_recipient_restrictions = |
81 | permit_mynetworks | |
82 | reject_unauth_destination | |
83 | reject_non_fqdn_recipient | |
84 | check_recipient_access regexp:/etc/postfix/rcptaccess | |
f609bf7f DM |
85 | [%- IF postfix.usepolicy %] check_sender_access regexp:/etc/postfix/senderaccess[% END %] |
86 | [%- IF postfix.usepolicy %] check_client_access cidr:/etc/postfix/clientaccess[% END %] | |
87 | [%- IF postfix.usepolicy %] check_policy_service inet:127.0.0.1:10022[% END %] | |
88 | [%- IF pmg.mail.verifyreceivers %] reject_unknown_recipient_domain[% END %] | |
89 | [%- IF pmg.mail.verifyreceivers %] reject_unverified_recipient[% END %] | |
90 | ||
91 | [% IF pmg.mail.verifyreceivers %] | |
92 | unverified_recipient_reject_code = [% pmg.mail.verifyreceivers %] | |
93 | [% END %] | |
94 | ||
95 | smtpd_client_connection_count_limit = [% pmg.mail.conn_count_limit %] | |
96 | smtpd_client_connection_rate_limit = [% pmg.mail.conn_rate_limit %] | |
97 | smtpd_client_message_rate_limit = [% pmg.mail.message_rate_limit %] | |
98 | ||
99 | [% IF pmg.mail.tls %] | |
100 | smtp_tls_security_level = may | |
959aaeba | 101 | smtp_tls_policy_maps = hash:/etc/pmg/tls_policy |
f609bf7f DM |
102 | smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt |
103 | smtpd_tls_security_level = may | |
3278b571 | 104 | smtpd_tls_cert_file = /etc/pmg/pmg-tls.pem |
f609bf7f DM |
105 | smtpd_tls_key_file = $smtpd_tls_cert_file |
106 | [% IF pmg.mail.tlslog %] | |
107 | smtpd_tls_loglevel = 1 | |
108 | smtp_tls_loglevel = 1 | |
109 | [% END %] | |
110 | [% IF pmg.mail.tlsheader %] | |
111 | smtpd_tls_received_header = yes | |
112 | [% END %] | |
113 | [% END %] | |
114 | ||
115 | smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache | |
116 | smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache | |
117 | ||
118 | ||
119 | default_destination_concurrency_limit = 40 | |
120 | lmtp_destination_concurrency_limit = 20 | |
121 | relay_destination_concurrency_limit = 20 | |
122 | smtp_destination_concurrency_limit = 20 | |
123 | virtual_destination_concurrency_limit = 20 | |
124 | ||
125 | recipient_delimiter = + |