X-Git-Url: https://git.cyclocoop.org/?p=lhc%2Fateliers.git;a=blobdiff_plain;f=etc%2Fpostfix%2Fmain.cf;h=9423ae401668b3e67ced9a6355c2f8fceaf00fbf;hp=1b24e31a74fbede710028a811730ae0d48efc379;hb=097751f5bd05dd28314024cf185b7eb38a9acda7;hpb=b75d4503ef9c919231c0c02daf5a1ed1e57c73af diff --git a/etc/postfix/main.cf b/etc/postfix/main.cf index 1b24e31..9423ae4 100644 --- a/etc/postfix/main.cf +++ b/etc/postfix/main.cf @@ -52,8 +52,8 @@ parent_domain_matches_subdomains = #qmqpd_authorized_clients #smtpd_access_maps permit_mx_backup_networks = -policy-spf_time_limit = 3600s -propagate_unmatched_extensions = canonical, virtual +#policy-spf_time_limit = 3600s +propagate_unmatched_extensions = canonical, virtual, alias queue_minfree = 0 readme_directory = no #receive_override_options = no_address_mappings @@ -75,6 +75,7 @@ relay_clientcerts = hash:/etc/postfix/$mydomain/smtpd/relay_clientcerts relay_domains = $mydestination # NOTE: ajouter les domaines pour lesquels on est backup MX ici, pas dans mydestination ou virtual_alias... +relay_recipient_maps = smtp_body_checks = #smtp_cname_overrides_servername = no smtp_connect_timeout = 60s @@ -144,6 +145,8 @@ smtpd_recipient_restrictions = permit_sasl_authenticated reject_unverified_recipient # NOTE: $fallback_transport est garant de l'existence du destinataire + # ATTENTION: verify(8) tient un cache, consultable ainsi si verify(8) est stoppé : + # postmap -s btree:/var/lib/postfix/verify_cache reject_unauth_destination # NOTE: ne pas passer par SPFCheck / Postgrey si le mail n'est pas pour nous ou quelqu'un pour lequel on tient lieu de backup_mx check_policy_service unix:private/spfcheck @@ -199,8 +202,8 @@ smtpd_tls_session_cache_database = btree:$data_directory/smtpd_tls_session_cache #smtpd_tls_session_cache_timeout = 3600s strict_rfc821_envelopes = yes # NOTE: this stops mail from poorly written software. -sympa_destination_recipient_limit = 1 -sympabounce_destination_recipient_limit = 1 +#sympa_destination_recipient_limit = 1 +#sympabounce_destination_recipient_limit = 1 #tls_high_cipherlist = AES256-SHA # NOTE: postconf(5) déconseille de changer ceci #tls_random_bytes = 32 @@ -212,15 +215,27 @@ sympabounce_destination_recipient_limit = 1 # NOTE: non-blocking transport_maps = hash:/etc/postfix/$mydomain/transport - hash:/etc/postfix/$mydomain/transport-pending-transition-from-lautrenet hash:/etc/dovecot/transport regexp:/etc/sympa/transport virtual_alias_domains = + chatperche.org cyclocoop.org + lesjantesdunord.org + ptitvelo.net + sympa.etudesetchantiers.org + sympa.velosenville.org + sympa.vieuxbiclou.org + veli-velo.org + wiklou.org virtual_alias_maps = hash:/etc/postfix/$mydomain/virtual_alias - hash:/etc/postfix/$mydomain/virtual_alias-pending-transition-from-lautrenet + hash:/etc/postfix/chatperche.org/virtual_alias hash:/etc/postfix/cyclocoop.org/virtual_alias + hash:/etc/postfix/lesjantesdunord.org/virtual_alias + hash:/etc/postfix/ptitvelo.net/virtual_alias + hash:/etc/postfix/sympa.etudesetchantiers.org/virtual_alias + hash:/etc/postfix/veli-velo.org/virtual_alias + hash:/etc/postfix/wiklou.org/virtual_alias hash:/etc/mail/dovecot/virtual_alias regexp:/etc/sympa/virtual_alias # NOTE: do not specify virtual alias domain names in the main.cf