# DOC: http://postfix.traduc.org/index.php/TLS_README.html
-alias_database = hash:/etc/postfix/aliases
-alias_maps = hash:/etc/postfix/aliases
+alias_database =
+ hash:/etc/postfix/aliases
+ hash:/etc/mail/sympa/aliases
+alias_maps =
+ hash:/etc/postfix/aliases
+ hash:/etc/mail/sympa/aliases
append_dot_mydomain = no
# NOTE: appending .domain is the MUA's job.
biff = no
message_size_limit = 20480000
mime_header_checks =
milter_header_checks =
-mynetworks = 127.0.0.0/8 #, [::1]/128
+mynetworks = 127.0.0.0/8
+ #[::1]/128
nested_header_checks =
non_smtpd_milters =
parent_domain_matches_subdomains =
# NOTE: séparateur entre le nom d’utilisateur et les extensions d’adresse.
#relayhost =
relay_clientcerts = hash:/etc/postfix/$mydomain/smtpd/relay_clientcerts
-relay_domains = $mydestination
+relay_domains =
+ $mydestination
# NOTE: ajouter les domaines pour lesquels on est backup MX ici, pas dans mydestination ou virtual_alias...
smtp_body_checks =
#smtp_cname_overrides_servername = no
permit_sasl_authenticated
reject_unauth_destination
# NOTE: ne pas passer par SPFCheck / Postgrey si le mail n'est pas pour nous ou quelqu'un pour lequel on tient lieu de backup_mx
- check_policy_service unix:/run/postgrey/socket
+ check_policy_service unix:postgrey/socket
# NOTE: Postgrey (greylisting)
check_policy_service unix:private/spfcheck
permit_auth_destination
permit
smtpd_starttls_timeout = 300s
#smtpd_tls_always_issue_session_ids = yes
-smtpd_tls_CAfile = /etc/postfix/$mydomain/x509/smtpd/ca/crt.pem
-smtpd_tls_CApath = /etc/postfix/$mydomain/x509/smtpd/ca/
+smtpd_tls_CAfile = /etc/postfix/$mydomain/smtpd/x509/ca/crt.pem
+smtpd_tls_CApath = /etc/postfix/$mydomain/smtpd/x509/ca/
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = yes
# NOTE: pas d'AUTH SASL sans TLS
smtpd_tls_ccert_verifydepth = 5
-smtpd_tls_cert_file = /etc/postfix/$mydomain/x509/smtpd/crt+crl.self-signed.pem
+smtpd_tls_cert_file = /etc/postfix/$mydomain/smtpd/x509/crt+crl.self-signed.pem
smtpd_tls_ciphers = high
smtpd_tls_fingerprint_digest = sha512
-smtpd_tls_key_file = /etc/postfix/$mydomain/x509/smtpd/key.pem
+smtpd_tls_key_file = /etc/postfix/$mydomain/smtpd/x509/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = TLSv1
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
#smtpd_tls_session_cache_timeout = 3600s
strict_rfc821_envelopes = yes
+sympa_destination_recipient_limit = 1
+sympabounce_destination_recipient_limit = 1
#tls_high_cipherlist = AES256-SHA
# NOTE: postconf(5) déconseille de changer ceci
#tls_random_bytes = 32
#tls_random_reseed_period = 3600s
#tls_random_source = dev:/dev/urandom
# NOTE: non-blocking
-transport_maps = hash:/etc/postfix/$mydomain/transport
+transport_maps =
+ hash:/etc/postfix/$mydomain/transport
+ hash:/etc/postfix/$mydomain/transport-pending-transition-from-lautrenet
+ regexp:/etc/sympa/transport
#virtual_alias_domains =
virtual_alias_maps =
hash:/etc/postfix/$mydomain/virtual_alias
+ hash:/etc/postfix/$mydomain/virtual_alias-pending-transition-from-lautrenet
+ hash:/etc/postfix/cyclocoop.org/virtual_alias
+ regexp:/etc/sympa/virtual_alias
# NOTE: do not specify virtual alias domain names in the main.cf
# mydestination or relay_domains configuration parameters.
#
dépôts / lhc / ateliers.git / blobdiff