dépôts / lhc / ateliers.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Correction : postgrey : socket dans le chroot de postfix.
[lhc/ateliers.git] / etc / postfix / main.cf
diff --git a/etc/postfix/main.cf b/etc/postfix/main.cf
index 58edb3e..b5d3da3 100644 (file)
--- a/etc/postfix/main.cf
+++ b/etc/postfix/main.cf
@@ -31,7 +31,8 @@ maximal_queue_lifetime = 5d
 message_size_limit = 20480000
 mime_header_checks =
 milter_header_checks =
-mynetworks = 127.0.0.0/8 #, [::1]/128
+mynetworks = 127.0.0.0/8
+       #[::1]/128
 nested_header_checks =
 non_smtpd_milters =
 parent_domain_matches_subdomains =
@@ -63,7 +64,6 @@ recipient_delimiter = +
 relay_clientcerts = hash:/etc/postfix/$mydomain/smtpd/relay_clientcerts
 relay_domains =
        $mydestination
-       sympa.$mydomain
        # NOTE: ajouter les domaines pour lesquels on est backup MX ici, pas dans mydestination ou virtual_alias...
 smtp_body_checks =
 #smtp_cname_overrides_servername = no
@@ -134,7 +134,7 @@ smtpd_recipient_restrictions =
        permit_sasl_authenticated
        reject_unauth_destination
                # NOTE: ne pas passer par SPFCheck / Postgrey si le mail n'est pas pour nous ou quelqu'un pour lequel on tient lieu de backup_mx
-       check_policy_service unix:/run/postgrey/socket
+       check_policy_service unix:postgrey/socket
                # NOTE: Postgrey (greylisting)
        check_policy_service unix:private/spfcheck
        permit_auth_destination
@@ -162,16 +162,16 @@ smtpd_sender_restrictions =
        permit
 smtpd_starttls_timeout = 300s
 #smtpd_tls_always_issue_session_ids = yes
-smtpd_tls_CAfile = /etc/postfix/$mydomain/x509/smtpd/ca/crt.pem
-smtpd_tls_CApath = /etc/postfix/$mydomain/x509/smtpd/ca/
+smtpd_tls_CAfile = /etc/postfix/$mydomain/smtpd/x509/ca/crt.pem
+smtpd_tls_CApath = /etc/postfix/$mydomain/smtpd/x509/ca/
 smtpd_tls_ask_ccert = no
 smtpd_tls_auth_only = yes
        # NOTE: pas d'AUTH SASL sans TLS
 smtpd_tls_ccert_verifydepth = 5
-smtpd_tls_cert_file = /etc/postfix/$mydomain/x509/smtpd/crt+crl.self-signed.pem
+smtpd_tls_cert_file = /etc/postfix/$mydomain/smtpd/x509/crt+crl.self-signed.pem
 smtpd_tls_ciphers = high
 smtpd_tls_fingerprint_digest = sha512
-smtpd_tls_key_file = /etc/postfix/$mydomain/x509/smtpd/key.pem
+smtpd_tls_key_file = /etc/postfix/$mydomain/smtpd/x509/key.pem
 smtpd_tls_loglevel = 1
 smtpd_tls_mandatory_ciphers = high
 smtpd_tls_mandatory_protocols = TLSv1
@@ -199,11 +199,14 @@ sympabounce_destination_recipient_limit = 1
        # NOTE: non-blocking
 transport_maps =
        hash:/etc/postfix/$mydomain/transport
-       #regexp:/etc/sympa/transport
+       hash:/etc/postfix/$mydomain/transport-pending-transition-from-lautrenet
+       regexp:/etc/sympa/transport
 #virtual_alias_domains =
 virtual_alias_maps =
        hash:/etc/postfix/$mydomain/virtual_alias
-       #regexp:/etc/sympa/virtual_alias
+       hash:/etc/postfix/$mydomain/virtual_alias-pending-transition-from-lautrenet
+       hash:/etc/postfix/cyclocoop.org/virtual_alias
+       regexp:/etc/sympa/virtual_alias
        # NOTE: do not specify virtual alias domain names in  the  main.cf
        #       mydestination or relay_domains configuration parameters.
        #
outils d'administration d'ateliers.heureux-cyclage.org