relay_clientcerts = hash:/etc/postfix/$mydomain/smtpd/relay_clientcerts
relay_domains =
$mydestination
- sympa.$mydomain
# NOTE: ajouter les domaines pour lesquels on est backup MX ici, pas dans mydestination ou virtual_alias...
smtp_body_checks =
#smtp_cname_overrides_servername = no
reject_unauth_pipelining
reject_non_fqdn_sender
#reject_unknown_sender_domain
- permit
+ reject
smtpd_starttls_timeout = 300s
#smtpd_tls_always_issue_session_ids = yes
-smtpd_tls_CAfile = /etc/postfix/$mydomain/x509/smtpd/ca/crt.pem
-smtpd_tls_CApath = /etc/postfix/$mydomain/x509/smtpd/ca/
+smtpd_tls_CAfile = /etc/postfix/$mydomain/smtpd/x509/ca/crt.pem
+smtpd_tls_CApath = /etc/postfix/$mydomain/smtpd/x509/ca/
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = yes
# NOTE: pas d'AUTH SASL sans TLS
smtpd_tls_ccert_verifydepth = 5
-smtpd_tls_cert_file = /etc/postfix/$mydomain/x509/smtpd/crt+crl.self-signed.pem
+smtpd_tls_cert_file = /etc/postfix/$mydomain/smtpd/x509/crt+crl.self-signed.pem
smtpd_tls_ciphers = high
smtpd_tls_fingerprint_digest = sha512
-smtpd_tls_key_file = /etc/postfix/$mydomain/x509/smtpd/key.pem
+smtpd_tls_key_file = /etc/postfix/$mydomain/smtpd/x509/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = TLSv1
# NOTE: non-blocking
transport_maps =
hash:/etc/postfix/$mydomain/transport
- #regexp:/etc/sympa/transport
+ hash:/etc/postfix/$mydomain/transport-pending-transition-from-lautrenet
+ regexp:/etc/sympa/transport
#virtual_alias_domains =
virtual_alias_maps =
hash:/etc/postfix/$mydomain/virtual_alias
- #regexp:/etc/sympa/virtual_alias
+ hash:/etc/postfix/$mydomain/virtual_alias-pending-transition-from-lautrenet
+ regexp:/etc/sympa/virtual_alias
# NOTE: do not specify virtual alias domain names in the main.cf
# mydestination or relay_domains configuration parameters.
#