1 |
I have that line.... |
2 |
|
3 |
|
4 |
|
5 |
|
6 |
# Global Postfix configuration file. This file lists only a subset |
7 |
# of all 300+ parameters. See the postconf(5) manual page for a |
8 |
# complete list. |
9 |
# |
10 |
# The general format of each line is: parameter = value. Lines |
11 |
# that begin with whitespace continue the previous line. A value can |
12 |
# contain references to other $names or ${name}s. |
13 |
# |
14 |
# NOTE - CHANGE NO MORE THAN 2-3 PARAMETERS AT A TIME, AND TEST IF |
15 |
# POSTFIX STILL WORKS AFTER EVERY CHANGE. |
16 |
|
17 |
# SOFT BOUNCE |
18 |
# |
19 |
# The soft_bounce parameter provides a limited safety net for |
20 |
# testing. When soft_bounce is enabled, mail will remain queued that |
21 |
# would otherwise bounce. This parameter disables locally-generated |
22 |
# bounces, and prevents the SMTP server from rejecting mail permanently |
23 |
# (by changing 5xx replies into 4xx replies). However, soft_bounce |
24 |
# is no cure for address rewriting mistakes or mail routing mistakes. |
25 |
# |
26 |
#soft_bounce = no |
27 |
|
28 |
# LOCAL PATHNAME INFORMATION |
29 |
# |
30 |
# The queue_directory specifies the location of the Postfix queue. |
31 |
# This is also the root directory of Postfix daemons that run chrooted. |
32 |
# See the files in examples/chroot-setup for setting up Postfix chroot |
33 |
# environments on different UNIX systems. |
34 |
# |
35 |
queue_directory = /var/spool/postfix |
36 |
|
37 |
# The command_directory parameter specifies the location of all |
38 |
# postXXX commands. |
39 |
# |
40 |
command_directory = /usr/sbin |
41 |
|
42 |
# The daemon_directory parameter specifies the location of all Postfix |
43 |
# daemon programs (i.e. programs listed in the master.cf file). This |
44 |
# directory must be owned by root. |
45 |
# |
46 |
daemon_directory = /usr/lib/postfix |
47 |
|
48 |
# QUEUE AND PROCESS OWNERSHIP |
49 |
# |
50 |
# The mail_owner parameter specifies the owner of the Postfix queue |
51 |
# and of most Postfix daemon processes. Specify the name of a user |
52 |
# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS |
53 |
# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In |
54 |
# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED |
55 |
# USER. |
56 |
# |
57 |
mail_owner = postfix |
58 |
|
59 |
# The default_privs parameter specifies the default rights used by |
60 |
# the local delivery agent for delivery to external file or command. |
61 |
# These rights are used in the absence of a recipient user context. |
62 |
# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. |
63 |
# |
64 |
#default_privs = nobody |
65 |
|
66 |
|
67 |
# INTERNET HOST AND DOMAIN NAMES |
68 |
# |
69 |
# The myhostname parameter specifies the internet hostname of this |
70 |
# mail system. The default is to use the fully-qualified domain name |
71 |
# from gethostname(). $myhostname is used as a default value for many |
72 |
# other configuration parameters. |
73 |
# |
74 |
#myhostname = host.domain.tld |
75 |
#myhostname = virtual.domain.tld |
76 |
myhostname = op.oxpub.com |
77 |
|
78 |
# The mydomain parameter specifies the local internet domain name. |
79 |
# The default is to use $myhostname minus the first component. |
80 |
# $mydomain is used as a default value for many other configuration |
81 |
# parameters. |
82 |
# |
83 |
#mydomain = domain.tld |
84 |
mydomain = ***** |
85 |
|
86 |
# SENDING MAIL |
87 |
# |
88 |
# The myorigin parameter specifies the domain that locally-posted |
89 |
# mail appears to come from. The default is to append $myhostname, |
90 |
# which is fine for small sites. If you run a domain with multiple |
91 |
# machines, you should (1) change this to $mydomain and (2) set up |
92 |
# a domain-wide alias database that aliases each user to |
93 |
# user@××××××××××.mailhost. |
94 |
# |
95 |
# For the sake of consistency between sender and recipient addresses, |
96 |
# myorigin also specifies the default domain name that is appended |
97 |
# to recipient addresses that have no @domain part. |
98 |
# |
99 |
#myorigin = $myhostname |
100 |
#myorigin = $mydomain |
101 |
|
102 |
# RECEIVING MAIL |
103 |
|
104 |
# The inet_interfaces parameter specifies the network interface |
105 |
# addresses that this mail system receives mail on. By default, |
106 |
# the software claims all active interfaces on the machine. The |
107 |
# parameter also controls delivery of mail to user@[ip.address]. |
108 |
# |
109 |
# See also the proxy_interfaces parameter, for network addresses that |
110 |
# are forwarded to us via a proxy or network address translator. |
111 |
# |
112 |
# Note: you need to stop/start Postfix when this parameter changes. |
113 |
# |
114 |
inet_interfaces = all |
115 |
#inet_interfaces = $myhostname |
116 |
#inet_interfaces = $myhostname, localhost |
117 |
|
118 |
# The proxy_interfaces parameter specifies the network interface |
119 |
# addresses that this mail system receives mail on by way of a |
120 |
# proxy or network address translation unit. This setting extends |
121 |
# the address list specified with the inet_interfaces parameter. |
122 |
# |
123 |
# You must specify your proxy/NAT addresses when your system is a |
124 |
# backup MX host for other domains, otherwise mail delivery loops |
125 |
# will happen when the primary MX host is down. |
126 |
# |
127 |
#proxy_interfaces = |
128 |
#proxy_interfaces = 1.2.3.4 |
129 |
|
130 |
# The mydestination parameter specifies the list of domains that this |
131 |
# machine considers itself the final destination for. |
132 |
# |
133 |
# These domains are routed to the delivery agent specified with the |
134 |
# local_transport parameter setting. By default, that is the UNIX |
135 |
# compatible delivery agent that lookups all recipients in /etc/passwd |
136 |
# and /etc/aliases or their equivalent. |
137 |
# |
138 |
# The default is $myhostname + localhost.$mydomain. On a mail domain |
139 |
# gateway, you should also include $mydomain. |
140 |
# |
141 |
# Do not specify the names of virtual domains - those domains are |
142 |
# specified elsewhere (see VIRTUAL_README). |
143 |
# |
144 |
# Do not specify the names of domains that this machine is backup MX |
145 |
# host for. Specify those names via the relay_domains settings for |
146 |
# the SMTP server, or use permit_mx_backup if you are lazy (see |
147 |
# STANDARD_CONFIGURATION_README). |
148 |
# |
149 |
# The local machine is always the final destination for mail addressed |
150 |
# to user@[the.net.work.address] of an interface that the mail system |
151 |
# receives mail on (see the inet_interfaces parameter). |
152 |
# |
153 |
# Specify a list of host or domain names, /file/name or type:table |
154 |
# patterns, separated by commas and/or whitespace. A /file/name |
155 |
# pattern is replaced by its contents; a type:table is matched when |
156 |
# a name matches a lookup key (the right-hand side is ignored). |
157 |
# Continue long lines by starting the next line with whitespace. |
158 |
# |
159 |
# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". |
160 |
# |
161 |
#mydestination = $myhostname, localhost.$mydomain, localhost |
162 |
mydestination = op, op.$mydomain, $mydomain |
163 |
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, |
164 |
# mail.$mydomain, www.$mydomain, ftp.$mydomain |
165 |
|
166 |
# REJECTING MAIL FOR UNKNOWN LOCAL USERS |
167 |
# |
168 |
# The local_recipient_maps parameter specifies optional lookup tables |
169 |
# with all names or addresses of users that are local with respect |
170 |
# to $mydestination, $inet_interfaces or $proxy_interfaces. |
171 |
# |
172 |
# If this parameter is defined, then the SMTP server will reject |
173 |
# mail for unknown local users. This parameter is defined by default. |
174 |
# |
175 |
# To turn off local recipient checking in the SMTP server, specify |
176 |
# local_recipient_maps = (i.e. empty). |
177 |
# |
178 |
# The default setting assumes that you use the default Postfix local |
179 |
# delivery agent for local delivery. You need to update the |
180 |
# local_recipient_maps setting if: |
181 |
# |
182 |
# - You define $mydestination domain recipients in files other than |
183 |
# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. |
184 |
# For example, you define $mydestination domain recipients in |
185 |
# the $virtual_mailbox_maps files. |
186 |
# |
187 |
# - You redefine the local delivery agent in master.cf. |
188 |
# |
189 |
# - You redefine the "local_transport" setting in main.cf. |
190 |
# |
191 |
# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" |
192 |
# feature of the Postfix local delivery agent (see local(8)). |
193 |
# |
194 |
# Details are described in the LOCAL_RECIPIENT_README file. |
195 |
# |
196 |
# Beware: if the Postfix SMTP server runs chrooted, you probably have |
197 |
# to access the passwd file via the proxymap service, in order to |
198 |
# overcome chroot restrictions. The alternative, having a copy of |
199 |
# the system passwd file in the chroot jail is just not practical. |
200 |
# |
201 |
# The right-hand side of the lookup tables is conveniently ignored. |
202 |
# In the left-hand side, specify a bare username, an @domain.tld |
203 |
# wild-card, or specify a user@××××××.tld address. |
204 |
# |
205 |
#local_recipient_maps = unix:passwd.byname $alias_maps |
206 |
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps |
207 |
#local_recipient_maps = |
208 |
|
209 |
# The unknown_local_recipient_reject_code specifies the SMTP server |
210 |
# response code when a recipient domain matches $mydestination or |
211 |
# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty |
212 |
# and the recipient address or address local-part is not found. |
213 |
# |
214 |
# The default setting is 550 (reject mail) but it is safer to start |
215 |
# with 450 (try again later) until you are certain that your |
216 |
# local_recipient_maps settings are OK. |
217 |
# |
218 |
unknown_local_recipient_reject_code = 450 |
219 |
|
220 |
# TRUST AND RELAY CONTROL |
221 |
|
222 |
# The mynetworks parameter specifies the list of "trusted" SMTP |
223 |
# clients that have more privileges than "strangers". |
224 |
# |
225 |
# In particular, "trusted" SMTP clients are allowed to relay mail |
226 |
# through Postfix. See the smtpd_recipient_restrictions parameter |
227 |
# in postconf(5). |
228 |
# |
229 |
# You can specify the list of "trusted" network addresses by hand |
230 |
# or you can let Postfix do it for you (which is the default). |
231 |
# |
232 |
# By default (mynetworks_style = subnet), Postfix "trusts" SMTP |
233 |
# clients in the same IP subnetworks as the local machine. |
234 |
# On Linux, this does works correctly only with interfaces specified |
235 |
# with the "ifconfig" command. |
236 |
# |
237 |
# Specify "mynetworks_style = class" when Postfix should "trust" SMTP |
238 |
# clients in the same IP class A/B/C networks as the local machine. |
239 |
# Don't do this with a dialup site - it would cause Postfix to "trust" |
240 |
# your entire provider's network. Instead, specify an explicit |
241 |
# mynetworks list by hand, as described below. |
242 |
# |
243 |
# Specify "mynetworks_style = host" when Postfix should "trust" |
244 |
# only the local machine. |
245 |
# |
246 |
#mynetworks_style = class |
247 |
#mynetworks_style = subnet |
248 |
#mynetworks_style = host |
249 |
|
250 |
# Alternatively, you can specify the mynetworks list by hand, in |
251 |
# which case Postfix ignores the mynetworks_style setting. |
252 |
# |
253 |
# Specify an explicit list of network/netmask patterns, where the |
254 |
# mask specifies the number of bits in the network part of a host |
255 |
# address. |
256 |
# |
257 |
# You can also specify the absolute pathname of a pattern file instead |
258 |
# of listing the patterns here. Specify type:table for table-based lookups |
259 |
# (the value on the table right-hand side is not used). |
260 |
# |
261 |
mynetworks = 192.168.1.0/24, 127.0.0.0/8, 64.89.173.226, 64.89.173.227 |
262 |
#mynetworks = $config_directory/mynetworks |
263 |
#mynetworks = hash:/etc/postfix/network_table |
264 |
|
265 |
# The relay_domains parameter restricts what destinations this system will |
266 |
# relay mail to. See the smtpd_recipient_restrictions description in |
267 |
# postconf(5) for detailed information. |
268 |
# |
269 |
# By default, Postfix relays mail |
270 |
# - from "trusted" clients (IP address matches $mynetworks) to any destination, |
271 |
# - from "untrusted" clients to destinations that match $relay_domains or |
272 |
# subdomains thereof, except addresses with sender-specified routing. |
273 |
# The default relay_domains value is $mydestination. |
274 |
# |
275 |
# In addition to the above, the Postfix SMTP server by default accepts mail |
276 |
# that Postfix is final destination for: |
277 |
# - destinations that match $inet_interfaces or $proxy_interfaces, |
278 |
# - destinations that match $mydestination |
279 |
# - destinations that match $virtual_alias_domains, |
280 |
# - destinations that match $virtual_mailbox_domains. |
281 |
# These destinations do not need to be listed in $relay_domains. |
282 |
# |
283 |
# Specify a list of hosts or domains, /file/name patterns or type:name |
284 |
# lookup tables, separated by commas and/or whitespace. Continue |
285 |
# long lines by starting the next line with whitespace. A file name |
286 |
# is replaced by its contents; a type:name table is matched when a |
287 |
# (parent) domain appears as lookup key. |
288 |
# |
289 |
# NOTE: Postfix will not automatically forward mail for domains that |
290 |
# list this system as their primary or backup MX host. See the |
291 |
# permit_mx_backup restriction description in postconf(5). |
292 |
# |
293 |
#relay_domains = $mydestination |
294 |
|
295 |
# INTERNET OR INTRANET |
296 |
|
297 |
# The relayhost parameter specifies the default host to send mail to |
298 |
# when no entry is matched in the optional transport(5) table. When |
299 |
# no relayhost is given, mail is routed directly to the destination. |
300 |
# |
301 |
# On an intranet, specify the organizational domain name. If your |
302 |
# internal DNS uses no MX records, specify the name of the intranet |
303 |
# gateway host instead. |
304 |
# |
305 |
# In the case of SMTP, specify a domain, host, host:port, [host]:port, |
306 |
# [address] or [address]:port; the form [host] turns off MX lookups. |
307 |
# |
308 |
# If you're connected via UUCP, see also the default_transport parameter. |
309 |
# |
310 |
#relayhost = $mydomain |
311 |
#relayhost = [gateway.my.domain] |
312 |
#relayhost = [mailserver.isp.tld] |
313 |
#relayhost = uucphost |
314 |
#relayhost = [an.ip.add.ress] |
315 |
|
316 |
# REJECTING UNKNOWN RELAY USERS |
317 |
# |
318 |
# The relay_recipient_maps parameter specifies optional lookup tables |
319 |
# with all addresses in the domains that match $relay_domains. |
320 |
# |
321 |
# If this parameter is defined, then the SMTP server will reject |
322 |
# mail for unknown relay users. This feature is off by default. |
323 |
# |
324 |
# The right-hand side of the lookup tables is conveniently ignored. |
325 |
# In the left-hand side, specify an @domain.tld wild-card, or specify |
326 |
# a user@××××××.tld address. |
327 |
# |
328 |
#relay_recipient_maps = hash:/etc/postfix/relay_recipients |
329 |
|
330 |
# INPUT RATE CONTROL |
331 |
# |
332 |
# The in_flow_delay configuration parameter implements mail input |
333 |
# flow control. This feature is turned on by default, although it |
334 |
# still needs further development (it's disabled on SCO UNIX due |
335 |
# to an SCO bug). |
336 |
# |
337 |
# A Postfix process will pause for $in_flow_delay seconds before |
338 |
# accepting a new message, when the message arrival rate exceeds the |
339 |
# message delivery rate. With the default 100 SMTP server process |
340 |
# limit, this limits the mail inflow to 100 messages a second more |
341 |
# than the number of messages delivered per second. |
342 |
# |
343 |
# Specify 0 to disable the feature. Valid delays are 0..10. |
344 |
# |
345 |
#in_flow_delay = 1s |
346 |
|
347 |
# ADDRESS REWRITING |
348 |
# |
349 |
# The ADDRESS_REWRITING_README document gives information about |
350 |
# address masquerading or other forms of address rewriting including |
351 |
# username->Firstname.Lastname mapping. |
352 |
|
353 |
# ADDRESS REDIRECTION (VIRTUAL DOMAIN) |
354 |
# |
355 |
# The VIRTUAL_README document gives information about the many forms |
356 |
# of domain hosting that Postfix supports. |
357 |
|
358 |
# "USER HAS MOVED" BOUNCE MESSAGES |
359 |
# |
360 |
# See the discussion in the ADDRESS_REWRITING_README document. |
361 |
|
362 |
# TRANSPORT MAP |
363 |
# |
364 |
# See the discussion in the ADDRESS_REWRITING_README document. |
365 |
|
366 |
# ALIAS DATABASE |
367 |
# |
368 |
# The alias_maps parameter specifies the list of alias databases used |
369 |
# by the local delivery agent. The default list is system dependent. |
370 |
# |
371 |
# On systems with NIS, the default is to search the local alias |
372 |
# database, then the NIS alias database. See aliases(5) for syntax |
373 |
# details. |
374 |
# |
375 |
# If you change the alias database, run "postalias /etc/aliases" (or |
376 |
# wherever your system stores the mail alias file), or simply run |
377 |
# "newaliases" to build the necessary DBM or DB file. |
378 |
# |
379 |
# It will take a minute or so before changes become visible. Use |
380 |
# "postfix reload" to eliminate the delay. |
381 |
# |
382 |
#alias_maps = dbm:/etc/aliases |
383 |
#alias_maps = hash:/etc/aliases |
384 |
#alias_maps = hash:/etc/aliases, nis:mail.aliases |
385 |
#alias_maps = netinfo:/aliases |
386 |
|
387 |
# The alias_database parameter specifies the alias database(s) that |
388 |
# are built with "newaliases" or "sendmail -bi". This is a separate |
389 |
# configuration parameter, because alias_maps (see above) may specify |
390 |
# tables that are not necessarily all under control by Postfix. |
391 |
# |
392 |
#alias_database = dbm:/etc/aliases |
393 |
#alias_database = dbm:/etc/mail/aliases |
394 |
#alias_database = hash:/etc/aliases |
395 |
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases |
396 |
|
397 |
# ADDRESS EXTENSIONS (e.g., user+foo) |
398 |
# |
399 |
# The recipient_delimiter parameter specifies the separator between |
400 |
# user names and address extensions (user+foo). See canonical(5), |
401 |
# local(8), relocated(5) and virtual(5) for the effects this has on |
402 |
# aliases, canonical, virtual, relocated and .forward file lookups. |
403 |
# Basically, the software tries user+foo and .forward+foo before |
404 |
# trying user and .forward. |
405 |
# |
406 |
#recipient_delimiter = + |
407 |
|
408 |
# DELIVERY TO MAILBOX |
409 |
# |
410 |
# The home_mailbox parameter specifies the optional pathname of a |
411 |
# mailbox file relative to a user's home directory. The default |
412 |
# mailbox file is /var/spool/mail/user or /var/mail/user. Specify |
413 |
# "Maildir/" for qmail-style delivery (the / is required). |
414 |
# |
415 |
#home_mailbox = Mailbox |
416 |
home_mailbox = .maildir/ |
417 |
|
418 |
# The mail_spool_directory parameter specifies the directory where |
419 |
# UNIX-style mailboxes are kept. The default setting depends on the |
420 |
# system type. |
421 |
# |
422 |
#mail_spool_directory = /var/mail |
423 |
#mail_spool_directory = /var/spool/mail |
424 |
|
425 |
# The mailbox_command parameter specifies the optional external |
426 |
# command to use instead of mailbox delivery. The command is run as |
427 |
# the recipient with proper HOME, SHELL and LOGNAME environment settings. |
428 |
# Exception: delivery for root is done as $default_user. |
429 |
# |
430 |
# Other environment variables of interest: USER (recipient username), |
431 |
# EXTENSION (address extension), DOMAIN (domain part of address), |
432 |
# and LOCAL (the address localpart). |
433 |
# |
434 |
# Unlike other Postfix configuration parameters, the mailbox_command |
435 |
# parameter is not subjected to $parameter substitutions. This is to |
436 |
# make it easier to specify shell syntax (see example below). |
437 |
# |
438 |
# Avoid shell meta characters because they will force Postfix to run |
439 |
# an expensive shell process. Procmail alone is expensive enough. |
440 |
# |
441 |
# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN |
442 |
# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. |
443 |
# |
444 |
#mailbox_command = /some/where/procmail |
445 |
#mailbox_command = /some/where/procmail -a "$EXTENSION" |
446 |
|
447 |
# The mailbox_transport specifies the optional transport in master.cf |
448 |
# to use after processing aliases and .forward files. This parameter |
449 |
# has precedence over the mailbox_command, fallback_transport and |
450 |
# luser_relay parameters. |
451 |
# |
452 |
# Specify a string of the form transport:nexthop, where transport is |
453 |
# the name of a mail delivery transport defined in master.cf. The |
454 |
# :nexthop part is optional. For more details see the sample transport |
455 |
# configuration file. |
456 |
# |
457 |
# NOTE: if you use this feature for accounts not in the UNIX password |
458 |
# file, then you must update the "local_recipient_maps" setting in |
459 |
# the main.cf file, otherwise the SMTP server will reject mail for |
460 |
# non-UNIX accounts with "User unknown in local recipient table". |
461 |
# |
462 |
#mailbox_transport = lmtp:unix:/file/name |
463 |
#mailbox_transport = cyrus |
464 |
|
465 |
# The fallback_transport specifies the optional transport in master.cf |
466 |
# to use for recipients that are not found in the UNIX passwd database. |
467 |
# This parameter has precedence over the luser_relay parameter. |
468 |
# |
469 |
# Specify a string of the form transport:nexthop, where transport is |
470 |
# the name of a mail delivery transport defined in master.cf. The |
471 |
# :nexthop part is optional. For more details see the sample transport |
472 |
# configuration file. |
473 |
# |
474 |
# NOTE: if you use this feature for accounts not in the UNIX password |
475 |
# file, then you must update the "local_recipient_maps" setting in |
476 |
# the main.cf file, otherwise the SMTP server will reject mail for |
477 |
# non-UNIX accounts with "User unknown in local recipient table". |
478 |
# |
479 |
#fallback_transport = lmtp:unix:/file/name |
480 |
#fallback_transport = cyrus |
481 |
#fallback_transport = |
482 |
|
483 |
# The luser_relay parameter specifies an optional destination address |
484 |
# for unknown recipients. By default, mail for unknown@$mydestination, |
485 |
# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned |
486 |
# as undeliverable. |
487 |
# |
488 |
# The following expansions are done on luser_relay: $user (recipient |
489 |
# username), $shell (recipient shell), $home (recipient home directory), |
490 |
# $recipient (full recipient address), $extension (recipient address |
491 |
# extension), $domain (recipient domain), $local (entire recipient |
492 |
# localpart), $recipient_delimiter. Specify ${name?value} or |
493 |
# ${name:value} to expand value only when $name does (does not) exist. |
494 |
# |
495 |
# luser_relay works only for the default Postfix local delivery agent. |
496 |
# |
497 |
# NOTE: if you use this feature for accounts not in the UNIX password |
498 |
# file, then you must specify "local_recipient_maps =" (i.e. empty) in |
499 |
# the main.cf file, otherwise the SMTP server will reject mail for |
500 |
# non-UNIX accounts with "User unknown in local recipient table". |
501 |
# |
502 |
#luser_relay = $user@×××××.host |
503 |
#luser_relay = $local@×××××.host |
504 |
#luser_relay = admin+$local |
505 |
|
506 |
# JUNK MAIL CONTROLS |
507 |
# |
508 |
# The controls listed here are only a very small subset. The file |
509 |
# SMTPD_ACCESS_README provides an overview. |
510 |
|
511 |
# The header_checks parameter specifies an optional table with patterns |
512 |
# that each logical message header is matched against, including |
513 |
# headers that span multiple physical lines. |
514 |
# |
515 |
# By default, these patterns also apply to MIME headers and to the |
516 |
# headers of attached messages. With older Postfix versions, MIME and |
517 |
# attached message headers were treated as body text. |
518 |
# |
519 |
# For details, see "man header_checks". |
520 |
# |
521 |
#header_checks = regexp:/etc/postfix/header_checks |
522 |
|
523 |
# FAST ETRN SERVICE |
524 |
# |
525 |
# Postfix maintains per-destination logfiles with information about |
526 |
# deferred mail, so that mail can be flushed quickly with the SMTP |
527 |
# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". |
528 |
# See the ETRN_README document for a detailed description. |
529 |
# |
530 |
# The fast_flush_domains parameter controls what destinations are |
531 |
# eligible for this service. By default, they are all domains that |
532 |
# this server is willing to relay mail to. |
533 |
# |
534 |
#fast_flush_domains = $relay_domains |
535 |
|
536 |
# SHOW SOFTWARE VERSION OR NOT |
537 |
# |
538 |
# The smtpd_banner parameter specifies the text that follows the 220 |
539 |
# code in the SMTP server's greeting banner. Some people like to see |
540 |
# the mail version advertised. By default, Postfix shows no version. |
541 |
# |
542 |
# You MUST specify $myhostname at the start of the text. That is an |
543 |
# RFC requirement. Postfix itself does not care. |
544 |
# |
545 |
#smtpd_banner = $myhostname ESMTP $mail_name |
546 |
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) |
547 |
|
548 |
# PARALLEL DELIVERY TO THE SAME DESTINATION |
549 |
# |
550 |
# How many parallel deliveries to the same user or domain? With local |
551 |
# delivery, it does not make sense to do massively parallel delivery |
552 |
# to the same user, because mailbox updates must happen sequentially, |
553 |
# and expensive pipelines in .forward files can cause disasters when |
554 |
# too many are run at the same time. With SMTP deliveries, 10 |
555 |
# simultaneous connections to the same domain could be sufficient to |
556 |
# raise eyebrows. |
557 |
# |
558 |
# Each message delivery transport has its XXX_destination_concurrency_limit |
559 |
# parameter. The default is $default_destination_concurrency_limit for |
560 |
# most delivery transports. For the local delivery agent the default is 2. |
561 |
|
562 |
#local_destination_concurrency_limit = 2 |
563 |
#default_destination_concurrency_limit = 20 |
564 |
|
565 |
# DEBUGGING CONTROL |
566 |
# |
567 |
# The debug_peer_level parameter specifies the increment in verbose |
568 |
# logging level when an SMTP client or server host name or address |
569 |
# matches a pattern in the debug_peer_list parameter. |
570 |
# |
571 |
debug_peer_level = 2 |
572 |
|
573 |
# The debug_peer_list parameter specifies an optional list of domain |
574 |
# or network patterns, /file/name patterns or type:name tables. When |
575 |
# an SMTP client or server host name or address matches a pattern, |
576 |
# increase the verbose logging level by the amount specified in the |
577 |
# debug_peer_level parameter. |
578 |
# |
579 |
#debug_peer_list = 127.0.0.1 |
580 |
#debug_peer_list = some.domain |
581 |
|
582 |
# The debugger_command specifies the external command that is executed |
583 |
# when a Postfix daemon program is run with the -D option. |
584 |
# |
585 |
# Use "command .. & sleep 5" so that the debugger can attach before |
586 |
# the process marches on. If you use an X-based debugger, be sure to |
587 |
# set up your XAUTHORITY environment variable before starting Postfix. |
588 |
# |
589 |
debugger_command = |
590 |
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin |
591 |
xxgdb $daemon_directory/$process_name $process_id & sleep 5 |
592 |
|
593 |
# If you don't have X installed on the Postfix machine, try: |
594 |
# debugger_command = |
595 |
# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; |
596 |
# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 |
597 |
# >$config_directory/$process_name.$process_id.log & sleep 5 |
598 |
|
599 |
# INSTALL-TIME CONFIGURATION INFORMATION |
600 |
# |
601 |
# The following parameters are used when installing a new Postfix version. |
602 |
# |
603 |
# sendmail_path: The full pathname of the Postfix sendmail command. |
604 |
# This is the Sendmail-compatible mail posting interface. |
605 |
# |
606 |
sendmail_path = /usr/sbin/sendmail |
607 |
|
608 |
# newaliases_path: The full pathname of the Postfix newaliases command. |
609 |
# This is the Sendmail-compatible command to build alias databases. |
610 |
# |
611 |
newaliases_path = /usr/bin/newaliases |
612 |
|
613 |
# mailq_path: The full pathname of the Postfix mailq command. This |
614 |
# is the Sendmail-compatible mail queue listing command. |
615 |
# |
616 |
mailq_path = /usr/bin/mailq |
617 |
|
618 |
# setgid_group: The group for mail submission and queue management |
619 |
# commands. This must be a group name with a numerical group ID that |
620 |
# is not shared with other accounts, not even with the Postfix account. |
621 |
# |
622 |
setgid_group = postdrop |
623 |
|
624 |
# html_directory: The location of the Postfix HTML documentation. |
625 |
# |
626 |
html_directory = no |
627 |
|
628 |
# manpage_directory: The location of the Postfix on-line manual pages. |
629 |
# |
630 |
manpage_directory = /usr/share/man |
631 |
|
632 |
# sample_directory: The location of the Postfix sample configuration files. |
633 |
# This parameter is obsolete as of Postfix 2.1. |
634 |
# |
635 |
sample_directory = /etc/postfix |
636 |
|
637 |
# readme_directory: The location of the Postfix README files. |
638 |
# |
639 |
readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme |
640 |
default_destination_concurrency_limit = 2 |
641 |
alias_database = hash:/etc/mail/aliases |
642 |
local_destination_concurrency_limit = 2 |
643 |
alias_maps = hash:/etc/mail/aliases |
644 |
home_mailbox = .maildir/ |
645 |
|
646 |
#smtpd_client_restrictions = permit_sasl_authenticated, reject |
647 |
smptd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks |
648 |
smtp_use_tls = yes |
649 |
smtpd_use_tls = yes |
650 |
smtpd_tls_auth_only = yes |
651 |
smtpd_tls_key_file = /etc/ssl/postfix/server.key |
652 |
smtpd_tls_cert_file = /etc/ssl/postfix/server.crt |
653 |
smtpd_tls_CAfile = /etc/ssl/postfix/server.pem |
654 |
smtpd_tls_loglevel = 3 |
655 |
smtpd_tls_received_header = yes |
656 |
smtpd_tls_session_cache_timeout = 3600s |
657 |
tls_random_source = dev:/dev/urandom |
658 |
|
659 |
virtual_alias_domains = saludmagazine.com |
660 |
virtual_alias_maps = hash:/etc/postfix/virtual |
661 |
|
662 |
#Gentoo gateway guide |
663 |
biff = no |
664 |
empty_address_recipient = MAILER-DAEMON |
665 |
queue_minfree = 120000000 |
666 |
|
667 |
content_filter = smtp-amavis:[127.0.0.1]:10024 |
668 |
|
669 |
|
670 |
# TRANSPORT MAP |
671 |
# |
672 |
# Insert text from sample-transport.cf if you need explicit routing. |
673 |
#transport_maps = hash:/etc/postfix/transport |
674 |
smtpd_sasl_auth_enable = yes |
675 |
smtpd_sasl_security_options = noanonymous |
676 |
smtpd_sasl_local_domain = $myhostname |
677 |
broken_sasl_auth_clients = yes |
678 |
relay_domains = $mydestination |
679 |
smtpd_recipient_restrictions = |
680 |
permit_sasl_authenticated, |
681 |
permit_mynetworks, |
682 |
check_relay_domains |
683 |
#smtpd_recipient_restrictions = |
684 |
# permit_sasl_authenticated, |
685 |
# permit_mynetworks, |
686 |
# check_relay_domains |
687 |
|
688 |
|
689 |
|
690 |
|
691 |
>X-Original-To: jstrusz@×××××.com |
692 |
>Delivered-To: jstrusz@×××××.com |
693 |
>Delivered-To: <gentoo-security@l.g.o> |
694 |
>X-Qmail-Scanner-Mail-From: scook@×××××.net via schroeder.kinex.net |
695 |
>X-Qmail-Scanner: 1.25 (Clear:RC:1(12.155.103.158):. Processed in |
696 |
>0.045317 secs) |
697 |
>From: "Sean Cook" <scook@×××××.net> |
698 |
>To: <gentoo-security@l.g.o> |
699 |
>Subject: RE: [gentoo-security] postfix and SASL |
700 |
>Date: Tue, 4 Oct 2005 16:37:27 -0400 |
701 |
>List-Post: <mailto:gentoo-security@l.g.o> |
702 |
>List-Help: <mailto:gentoo-security+help@g.o> |
703 |
>List-Unsubscribe: <mailto:gentoo-security+unsubscribe@g.o> |
704 |
>List-Subscribe: <mailto:gentoo-security+subscribe@g.o> |
705 |
>List-Id: Gentoo Linux mail <gentoo-security.gentoo.org> |
706 |
>X-BeenThere: gentoo-security@g.o |
707 |
>Reply-To: gentoo-security@l.g.o |
708 |
>X-Mailer: Microsoft Office Outlook, Build 11.0.5510 |
709 |
>thread-index: AcXJIv/xXt93E14eS1a0LsJEk1yZQQAABY6A |
710 |
>X-Qmail-Scanner-Message-ID: <112845824768623995@×××××××××××××××.net> |
711 |
>X-Virus-Scanned: amavisd-new at kinex.net |
712 |
>X-Virus-Scanned: This message was scanned for viruses by ClamAV. |
713 |
>X-Spam-Status: No, hits=-2.599 tagged_above=-100 required=6.5 tests=BAYES_00 |
714 |
>X-Spam-Level: |
715 |
> |
716 |
>You have to enable tls support in the main.cf |
717 |
> |
718 |
># this line alone should cause that EHLO to respond with appropriate detail |
719 |
>smtpd_sasl_auth_enable = yes |
720 |
> |
721 |
> |
722 |
>smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, |
723 |
> |
724 |
> reject_unauth_destination |
725 |
>smtpd_sasl_security_options = noanonymous |
726 |
>smtpd_sasl_local_domain = $myhostname |
727 |
>broken_sasl_auth_clients = yes |
728 |
> |
729 |
> |
730 |
>-----Original Message----- |
731 |
>From: Joe Strusz [mailto:jstrusz@×××××.com] |
732 |
>Sent: Tuesday, October 04, 2005 4:31 PM |
733 |
>To: gentoo-security@l.g.o |
734 |
>Subject: [gentoo-security] postfix and SASL |
735 |
> |
736 |
>I have confirmed postfix is indeed compiled with SASL support. And i |
737 |
>have TLS working great. However when i telnet to port 25 and |
738 |
>issuethe ehlo command, i do receive the starttls etc... yet no AUTH |
739 |
>PLAIN lines... |
740 |
> |
741 |
>I have been through every gentoo forum on this subject over and over |
742 |
>again... same result. Ive googled, and googled, and even resorted to |
743 |
>the postfix handbook.. |
744 |
> |
745 |
>Could someone shed some light on this for me? |
746 |
> |
747 |
> |
748 |
>Joe Strusz |
749 |
> |
750 |
>IT Assistant |
751 |
>Oxford Publishing, Inc. |
752 |
>307 West Jackson Avenue |
753 |
>Oxford, MS 38655-2154 |
754 |
>800-247-3881 |
755 |
>662-236-5510x40 |
756 |
>jstrusz@×××××.com |
757 |
>http://www.nightclub.com |
758 |
> |
759 |
> |
760 |
>-- |
761 |
>gentoo-security@g.o mailing list |
762 |
> |
763 |
> |
764 |
>-- |
765 |
>gentoo-security@g.o mailing list |
766 |
|
767 |
|
768 |
Joe Strusz |
769 |
|
770 |
IT Assistant |
771 |
Oxford Publishing, Inc. |
772 |
307 West Jackson Avenue |
773 |
Oxford, MS 38655-2154 |
774 |
800-247-3881 |
775 |
662-236-5510x40 |
776 |
jstrusz@×××××.com |
777 |
http://www.nightclub.com |
778 |
|
779 |
|
780 |
-- |
781 |
gentoo-security@g.o mailing list |