# appending .domain is the MUA's job.
append_dot_mydomain = yes
-smtpd_banner = $myhostname [% pmg.mail.banner %]
+smtpd_banner = $myhostname [% pmg.mail.banner %]
biff = no
[% IF pmg.mail.dwarning %]
[% END %]
postscreen_access_list =
- permit_mynetworks,
- cidr:/etc/postfix/postscreen_access
+ permit_mynetworks,
+ cidr:/etc/postfix/postscreen_access
-[% IF pmg.mail.dnsbl_sites %]
-postscreen_dnsbl_sites = [% pmg.mail.dnsbl_sites %]
+[% IF postfix.dnsbl_sites %]
+postscreen_dnsbl_sites = [% postfix.dnsbl_sites %]
+postscreen_dnsbl_threshold = [% postfix.dnsbl_threshold %]
[% END %]
postscreen_dnsbl_action = enforce
postscreen_greet_action = enforce
-smtpd_sender_restrictions =
+smtpd_sender_restrictions =
permit_mynetworks
- reject_non_fqdn_sender
- check_client_access cidr:/etc/postfix/clientaccess
- check_sender_access regexp:/etc/postfix/senderaccess
- check_recipient_access regexp:/etc/postfix/rcptaccess
+ reject_non_fqdn_sender
+ check_client_access cidr:/etc/postfix/clientaccess
+ check_sender_access regexp:/etc/postfix/senderaccess
+ check_recipient_access regexp:/etc/postfix/rcptaccess
[%- IF pmg.mail.rejectunknown %] reject_unknown_client_hostname[% END %]
[%- IF pmg.mail.rejectunknownsender %] reject_unknown_sender_domain[% END %]
-smtpd_recipient_restrictions =
- permit_mynetworks
- reject_unauth_destination
- reject_non_fqdn_recipient
- check_recipient_access regexp:/etc/postfix/rcptaccess
+smtpd_recipient_restrictions =
+ permit_mynetworks
+ reject_unauth_destination
+ reject_non_fqdn_recipient
+ check_recipient_access regexp:/etc/postfix/rcptaccess
[%- IF postfix.usepolicy %] check_sender_access regexp:/etc/postfix/senderaccess[% END %]
[%- IF postfix.usepolicy %] check_client_access cidr:/etc/postfix/clientaccess[% END %]
[%- IF postfix.usepolicy %] check_policy_service inet:127.0.0.1:10022[% END %]
[% IF pmg.mail.tls %]
smtp_tls_security_level = may
-smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
+smtp_tls_policy_maps = hash:/etc/pmg/tls_policy
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/pmg/pmg-tls.pem
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
+[% IF pmg.mail.hide_received %]
+unverified_recipient_reject_reason = Recipient address lookup failed
+[% END %]
+
default_destination_concurrency_limit = 40
lmtp_destination_concurrency_limit = 20