X-Git-Url: https://git.cyclocoop.org/?a=blobdiff_plain;f=etc%2Fpostfix%2Fmaster.cf;h=600ffe466cde56e701697520c5f16158cf2ec51c;hb=97a28e8679b645710a7439a48a216935b6bc9163;hp=604f9fe1fc9eeb63a12fb19149db2e5b70b5287e;hpb=b75d4503ef9c919231c0c02daf5a1ed1e57c73af;p=lhc%2Fateliers.git diff --git a/etc/postfix/master.cf b/etc/postfix/master.cf index 604f9fe..600ffe4 100644 --- a/etc/postfix/master.cf +++ b/etc/postfix/master.cf @@ -5,17 +5,58 @@ # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== + +amavis unix - - n - 2 lmtp + -o lmtp_data_done_timeout=1200 + -o lmtp_send_xforward_command=yes + -o lmtp_tls_note_starttls_offer=no + +# +## Net2Loc: envoi vers amavis +### smtp inet n - - - - smtpd -submission inet n - - - - smtpd - -o milter_macro_daemon_name=ORIGINATING - -o smtpd_sasl_auth_enable=yes - -o smtpd_tls_ask_ccert=yes - -o smtpd_tls_auth_only=yes - -o smtpd_tls_ccert_verifydepth=2 - -o smtpd_tls_loglevel=1 - -o smtpd_tls_req_ccert=yes - -o smtpd_tls_security_level=encrypt + -o cleanup_service_name=pre-amavis-cleanup + -o content_filter=amavis:[127.0.0.1]:10024 + -o smtpd_sender_restrictions=reject_unauth_pipelining,reject_non_fqdn_sender,permit + -o receive_override_options=no_address_mappings +# +## Net2Loc: réception d’amavis +### +127.0.0.1:10025 inet n - n - - smtpd + -o cleanup_service_name=post-amavis-cleanup + -o content_filter= + -o local_header_rewrite_clients= + -o local_recipient_maps= + -o mynetworks=127.0.0.0/8 + -o receive_override_options=no_header_body_checks,no_milters,no_unknown_recipient_checks + -o relay_recipient_maps= + -o smtpd_client_connection_count_limit=0 + -o smtpd_client_connection_rate_limit=0 + -o smtpd_client_restrictions=permit_mynetworks,reject + -o smtpd_data_restrictions=reject_unauth_pipelining + -o smtpd_delay_reject=no + -o smtpd_end_of_data_restrictions= + -o smtpd_error_sleep_time=0 + -o smtpd_hard_error_limit=1000 + -o smtpd_helo_restrictions= + -o smtpd_milters= + -o smtpd_recipient_restrictions=permit_mynetworks,reject + -o smtpd_restriction_classes= + -o smtpd_sender_restrictions= + -o smtpd_soft_error_limit=1001 + -o strict_rfc821_envelopes=yes + + + +# +## Loc2Net: envoi vers amavis +### +pickup fifo n - - 60 1 pickup + -o content_filter=amavis:[127.0.0.1]:10026 + -o cleanup_service_name=no-amavis-cleanup smtps inet n - - - - smtpd + -o content_filter=amavis:[127.0.0.1]:10026 + -o cleanup_service_name=no-amavis-cleanup -o milter_macro_daemon_name=ORIGINATING -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sasl_auth_enable=yes @@ -26,17 +67,70 @@ smtps inet n - - - - smtpd -o smtpd_tls_req_ccert=no -o smtpd_tls_security_level=encrypt -o smtpd_tls_wrappermode=yes +submission inet n - - - - smtpd + -o content_filter=amavis:[127.0.0.1]:10026 + -o cleanup_service_name=no-amavis-cleanup + -o milter_macro_daemon_name=ORIGINATING + -o receive_override_options=no_address_mappings + -o smtpd_sender_restrictions=permit_tls_clientcerts,reject + -o smtpd_tls_ask_ccert=yes + -o smtpd_tls_auth_only=yes + -o smtpd_tls_ccert_verifydepth=2 + -o smtpd_tls_loglevel=1 + -o smtpd_tls_req_ccert=yes + -o smtpd_tls_security_level=encrypt +# +## Loc2Net: réception d’amavis +### +127.0.0.1:10027 inet n - n - - smtpd + -o cleanup_service_name=post-amavis-cleanup + -o content_filter= + -o local_header_rewrite_clients= + -o local_recipient_maps= + -o mynetworks=127.0.0.0/8 + -o receive_override_options=no_header_body_checks,no_milters,no_unknown_recipient_checks + -o relay_recipient_maps= + -o smtpd_client_connection_count_limit=0 + -o smtpd_client_connection_rate_limit=0 + -o smtpd_client_restrictions=permit_mynetworks,reject + -o smtpd_data_restrictions=reject_unauth_pipelining + -o smtpd_delay_reject=no + -o smtpd_end_of_data_restrictions= + -o smtpd_error_sleep_time=0 + -o smtpd_hard_error_limit=1000 + -o smtpd_helo_restrictions= + -o smtpd_milters= + #-o smtpd_sender_restrictions=permit_mynetworks,reject + -o smtpd_recipient_restrictions=permit + -o smtpd_restriction_classes= + -o smtpd_soft_error_limit=1001 + -o strict_rfc821_envelopes=yes + + + #628 inet n - - - - qmqpd -pickup fifo n - - 60 1 pickup -cleanup unix n - - - 0 cleanup +no-amavis-cleanup unix n - - - 0 cleanup +pre-amavis-cleanup unix n - - - 0 cleanup + -o virtual_alias_maps= +post-amavis-cleanup unix n - - - 0 cleanup + -o mime_header_checks= + -o nested_header_checks= + -o body_checks= + -o header_checks= qmgr fifo n - n 300 1 qmgr #qmgr fifo n - - 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite +local unix - n n - - local + -o cleanup_service_name=no-amavis-cleanup bounce unix - - - - 0 bounce + -o cleanup_service_name=no-amavis-cleanup defer unix - - - - 0 bounce + -o cleanup_service_name=no-amavis-cleanup trace unix - - - - 0 bounce + -o cleanup_service_name=no-amavis-cleanup verify unix - - - - 1 verify + -o cleanup_service_name=no-amavis-cleanup flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap @@ -49,7 +143,6 @@ showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard -local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil