Add postfix configs
This commit is contained in:
parent
de343d9b88
commit
a871f01188
|
@ -0,0 +1,24 @@
|
|||
# Contributor: Alex Denes <caskd@redxen.eu>
|
||||
# Maintainer: Alex Denes <caskd@redxen.eu>
|
||||
pkgname=redxen-config-postfix
|
||||
pkgver=2021.01.05
|
||||
pkgrel=5
|
||||
pkgdesc="Postfix configuration files"
|
||||
url="https://git.redxen.eu/RedXen"
|
||||
arch="noarch"
|
||||
license="none"
|
||||
depends="postfix redxen-secret-letsencrypt-chain redxen-secret-letsencrypt-private"
|
||||
options="!check"
|
||||
install="$pkgname.pre-install"
|
||||
source="
|
||||
master.cf
|
||||
main.cf
|
||||
"
|
||||
|
||||
package() {
|
||||
install -Dm644 master.cf "$pkgdir"/etc/postfix.redxen/master.cf
|
||||
install -Dm644 main.cf "$pkgdir"/etc/postfix.redxen/main.cf
|
||||
}
|
||||
|
||||
sha512sums="b50bfb986c3ac6c2f14b15c101772312128869d3e6a77075a67e913115a43ace484a1f50604c79296c224410bbff86769abf9b0352aa97a5b646c4a627f0edad master.cf
|
||||
1d7112b6fd6a0c0a9a7507ca33dc78607b8bb0cad88cf0f13b1be6cd496d389fa0b946088e2fdb30300a39e20951c0d7c76b51e98fc5c09b014701e8bbddec0b main.cf"
|
|
@ -0,0 +1,68 @@
|
|||
# General
|
||||
smtpd_banner = $myhostname ESMTP RedXen Mail. DO NOT MESS WITH US OR WE WILL CUT YOUR BALLS OFF!
|
||||
|
||||
inet_interfaces = all
|
||||
inet_protocols = all
|
||||
|
||||
myorigin = redxen.eu
|
||||
myhostname = mail.$myorigin
|
||||
mydomain = $myorigin
|
||||
mydestination = mail.redxen.eu, smtp.redxen.eu, redxen.eu
|
||||
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
|
||||
|
||||
relayhost =
|
||||
relay_domains = $mydestination
|
||||
|
||||
alias_maps = hash:/etc/aliases
|
||||
alias_database = hash:/etc/aliases
|
||||
|
||||
biff = no
|
||||
append_dot_mydomain = no
|
||||
delay_warning_time = 1h
|
||||
readme_directory = no
|
||||
compatibility_level = 2
|
||||
mailbox_size_limit = 0
|
||||
recipient_delimiter = +
|
||||
notify_classes = resource, software, bounce
|
||||
|
||||
# SMTP TLS
|
||||
smtp_tls_CApath = /etc/ssl/certs
|
||||
smtp_tls_security_level = may
|
||||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
||||
|
||||
smtpd_use_tls = yes
|
||||
smtpd_tls_cert_file = /etc/ssl/redxen/letsencrypt/chain.crt
|
||||
smtpd_tls_key_file = /etc/ssl/redxen/letsencrypt/private.key
|
||||
smtpd_tls_security_level = encrypt
|
||||
|
||||
# Restrictions
|
||||
smtpd_sender_restrictions = reject_unknown_sender_domain
|
||||
smtpd_relay_restrictions = permit_sasl_authenticated,
|
||||
reject_unauth_destination
|
||||
smtpd_recipient_restrictions = permit_sasl_authenticated,
|
||||
reject_non_fqdn_recipient,
|
||||
reject_unknown_recipient_domain,
|
||||
reject_unknown_reverse_client_hostname,
|
||||
reject_rbl_client sbl.spamhaus.org,
|
||||
reject_rbl_client xbl.spamhaus.org,
|
||||
reject_rhsbl_client dbl.spamhaus.org,
|
||||
reject_rhsbl_reverse_client dbl.spamhaus.org,
|
||||
reject_rhsbl_sender dbl.spamhaus.org
|
||||
smtpd_helo_restrictions = reject_rhsbl_helo dbl.spamhaus.org
|
||||
|
||||
# Dovecot auth
|
||||
smtpd_sasl_type = dovecot
|
||||
smtpd_sasl_path = /run/dovecot/auth
|
||||
smtpd_sasl_security_options=noanonymous
|
||||
smtpd_sasl_local_domain=$myhostname
|
||||
|
||||
# Dovecot LMTP
|
||||
mailbox_transport = lmtp:unix:/run/dovecot/lmtp
|
||||
|
||||
# OpenDKIM & RSpamD
|
||||
#milter_default_action = tempfail
|
||||
#milter_protocol = 6
|
||||
|
||||
#smtpd_milters = local:/run/opendkim/opendkim.sock inet:127.0.0.1:11332
|
||||
#non_smtpd_milters = local:/run/opendkim/opendkim.sock inet:127.0.0.1:11332
|
||||
#internal_mail_filter_classes = bounce, notify
|
|
@ -0,0 +1,37 @@
|
|||
# ==========================================================================
|
||||
# service type private unpriv chroot wakeup maxproc command + args
|
||||
# (yes) (yes) (no) (never) (100)
|
||||
# ==========================================================================
|
||||
submission inet n - y - - smtpd
|
||||
-o smtpd_sasl_auth_enable=yes
|
||||
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
|
||||
smtp unix - - n - - smtp
|
||||
smtp inet n - n - - smtpd
|
||||
-o smtpd_sasl_auth_enable=yes
|
||||
smtps inet n - n - - smtpd
|
||||
-o smtpd_sasl_auth_enable=yes
|
||||
-o syslog_name=postfix/$service_name
|
||||
-o smtpd_tls_wrappermode=yes
|
||||
pickup unix n - y 60 1 pickup
|
||||
cleanup unix n - y - 0 cleanup
|
||||
qmgr unix n - n 300 1 qmgr
|
||||
tlsmgr unix - - y 1000? 1 tlsmgr
|
||||
rewrite unix - - y - - trivial-rewrite
|
||||
bounce unix - - y - 0 bounce
|
||||
defer unix - - y - 0 bounce
|
||||
trace unix - - y - 0 bounce
|
||||
verify unix - - y - 1 verify
|
||||
flush unix n - y 1000? 0 flush
|
||||
proxymap unix - - n - - proxymap
|
||||
proxywrite unix - - n - 1 proxymap
|
||||
relay unix - - y - - smtp
|
||||
-o syslog_name=postfix/$service_name
|
||||
showq unix n - y - - showq
|
||||
error unix - - y - - error
|
||||
retry unix - - y - - error
|
||||
discard unix - - y - - discard
|
||||
local unix - n n - - local
|
||||
lmtp unix - - y - - lmtp
|
||||
anvil unix - - y - 1 anvil
|
||||
scache unix - - y - 1 scache
|
||||
postlog unix-dgram n - n - 1 postlogd
|
|
@ -0,0 +1,5 @@
|
|||
#!/bin/sh
|
||||
|
||||
adduser dovecot rxletsenc
|
||||
|
||||
return 0
|
Loading…
Reference in New Issue