X-Git-Url: https://git.cyclocoop.org/?a=blobdiff_plain;f=etc%2Fpostfix%2Fmain.cf;h=b5d3da3a34d7d8b7ec8d57a8e6ea851a1cf1e934;hb=4bb74a5c4930cdb8b57f1d07ba7f458192ded1f9;hp=58edb3e17101413c039c9d2974addecdea0c72a2;hpb=b27661cf8e40872543f86a00922d18573ef83612;p=lhc%2Fateliers.git diff --git a/etc/postfix/main.cf b/etc/postfix/main.cf index 58edb3e..b5d3da3 100644 --- a/etc/postfix/main.cf +++ b/etc/postfix/main.cf @@ -31,7 +31,8 @@ maximal_queue_lifetime = 5d message_size_limit = 20480000 mime_header_checks = milter_header_checks = -mynetworks = 127.0.0.0/8 #, [::1]/128 +mynetworks = 127.0.0.0/8 + #[::1]/128 nested_header_checks = non_smtpd_milters = parent_domain_matches_subdomains = @@ -63,7 +64,6 @@ recipient_delimiter = + relay_clientcerts = hash:/etc/postfix/$mydomain/smtpd/relay_clientcerts relay_domains = $mydestination - sympa.$mydomain # NOTE: ajouter les domaines pour lesquels on est backup MX ici, pas dans mydestination ou virtual_alias... smtp_body_checks = #smtp_cname_overrides_servername = no @@ -134,7 +134,7 @@ smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination # NOTE: ne pas passer par SPFCheck / Postgrey si le mail n'est pas pour nous ou quelqu'un pour lequel on tient lieu de backup_mx - check_policy_service unix:/run/postgrey/socket + check_policy_service unix:postgrey/socket # NOTE: Postgrey (greylisting) check_policy_service unix:private/spfcheck permit_auth_destination @@ -162,16 +162,16 @@ smtpd_sender_restrictions = permit smtpd_starttls_timeout = 300s #smtpd_tls_always_issue_session_ids = yes -smtpd_tls_CAfile = /etc/postfix/$mydomain/x509/smtpd/ca/crt.pem -smtpd_tls_CApath = /etc/postfix/$mydomain/x509/smtpd/ca/ +smtpd_tls_CAfile = /etc/postfix/$mydomain/smtpd/x509/ca/crt.pem +smtpd_tls_CApath = /etc/postfix/$mydomain/smtpd/x509/ca/ smtpd_tls_ask_ccert = no smtpd_tls_auth_only = yes # NOTE: pas d'AUTH SASL sans TLS smtpd_tls_ccert_verifydepth = 5 -smtpd_tls_cert_file = /etc/postfix/$mydomain/x509/smtpd/crt+crl.self-signed.pem +smtpd_tls_cert_file = /etc/postfix/$mydomain/smtpd/x509/crt+crl.self-signed.pem smtpd_tls_ciphers = high smtpd_tls_fingerprint_digest = sha512 -smtpd_tls_key_file = /etc/postfix/$mydomain/x509/smtpd/key.pem +smtpd_tls_key_file = /etc/postfix/$mydomain/smtpd/x509/key.pem smtpd_tls_loglevel = 1 smtpd_tls_mandatory_ciphers = high smtpd_tls_mandatory_protocols = TLSv1 @@ -199,11 +199,14 @@ sympabounce_destination_recipient_limit = 1 # NOTE: non-blocking transport_maps = hash:/etc/postfix/$mydomain/transport - #regexp:/etc/sympa/transport + hash:/etc/postfix/$mydomain/transport-pending-transition-from-lautrenet + regexp:/etc/sympa/transport #virtual_alias_domains = virtual_alias_maps = hash:/etc/postfix/$mydomain/virtual_alias - #regexp:/etc/sympa/virtual_alias + hash:/etc/postfix/$mydomain/virtual_alias-pending-transition-from-lautrenet + hash:/etc/postfix/cyclocoop.org/virtual_alias + regexp:/etc/sympa/virtual_alias # NOTE: do not specify virtual alias domain names in the main.cf # mydestination or relay_domains configuration parameters. #