maybe chmod 0644 'postfix/aliases'
maybe chgrp 'postfix' 'postfix/body_checks.pcre'
maybe chmod 0640 'postfix/body_checks.pcre'
+maybe chmod 0644 'postfix/command_filter.pcre'
maybe chmod 0644 'postfix/dynamicmaps.cf'
maybe chmod 0755 'postfix/dynamicmaps.cf.d'
maybe chmod 0644 'postfix/header_checks'
+maybe chgrp 'postfix' 'postfix/helo_access.pcre'
+maybe chmod 0640 'postfix/helo_access.pcre'
maybe chmod 0644 'postfix/main.cf'
maybe chmod 0644 'postfix/main.cf.proto'
maybe chmod 0644 'postfix/master.cf'
maybe chmod 0644 'postfix/master.cf.orig'
maybe chmod 0644 'postfix/master.cf.proto'
+maybe chmod 0755 'postfix/mysql'
+maybe chgrp 'postfix' 'postfix/mysql/catchall_maps.cf'
+maybe chmod 0640 'postfix/mysql/catchall_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/domain_alias_catchall_maps.cf'
+maybe chmod 0640 'postfix/mysql/domain_alias_catchall_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/domain_alias_maps.cf'
+maybe chmod 0640 'postfix/mysql/domain_alias_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/recipient_bcc_maps_domain.cf'
+maybe chmod 0640 'postfix/mysql/recipient_bcc_maps_domain.cf'
+maybe chgrp 'postfix' 'postfix/mysql/recipient_bcc_maps_user.cf'
+maybe chmod 0640 'postfix/mysql/recipient_bcc_maps_user.cf'
+maybe chgrp 'postfix' 'postfix/mysql/relay_domains.cf'
+maybe chmod 0640 'postfix/mysql/relay_domains.cf'
+maybe chgrp 'postfix' 'postfix/mysql/sender_bcc_maps_domain.cf'
+maybe chmod 0640 'postfix/mysql/sender_bcc_maps_domain.cf'
+maybe chgrp 'postfix' 'postfix/mysql/sender_bcc_maps_user.cf'
+maybe chmod 0640 'postfix/mysql/sender_bcc_maps_user.cf'
+maybe chgrp 'postfix' 'postfix/mysql/sender_dependent_relayhost_maps.cf'
+maybe chmod 0640 'postfix/mysql/sender_dependent_relayhost_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/sender_login_maps.cf'
+maybe chmod 0640 'postfix/mysql/sender_login_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/transport_maps_domain.cf'
+maybe chmod 0640 'postfix/mysql/transport_maps_domain.cf'
+maybe chgrp 'postfix' 'postfix/mysql/transport_maps_maillist.cf'
+maybe chmod 0640 'postfix/mysql/transport_maps_maillist.cf'
+maybe chgrp 'postfix' 'postfix/mysql/transport_maps_user.cf'
+maybe chmod 0640 'postfix/mysql/transport_maps_user.cf'
+maybe chgrp 'postfix' 'postfix/mysql/virtual_alias_maps.cf'
+maybe chmod 0640 'postfix/mysql/virtual_alias_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/virtual_mailbox_domains.cf'
+maybe chmod 0640 'postfix/mysql/virtual_mailbox_domains.cf'
+maybe chgrp 'postfix' 'postfix/mysql/virtual_mailbox_maps.cf'
+maybe chmod 0640 'postfix/mysql/virtual_mailbox_maps.cf'
maybe chmod 0755 'postfix/post-install'
maybe chmod 0644 'postfix/postfix-files'
maybe chmod 0755 'postfix/postfix-files.d'
maybe chmod 0755 'postfix/postfix-script'
maybe chmod 0644 'postfix/postscreen_access.cidr'
maybe chmod 0644 'postfix/postscreen_dnsbl_reply'
+maybe chmod 0644 'postfix/recipient_bcc'
maybe chmod 0755 'postfix/sasl'
+maybe chmod 0644 'postfix/sender_bcc'
+maybe chmod 0644 'postfix/sender_dependent_relayhost'
+maybe chmod 0644 'postfix/transport'
maybe chmod 0644 'postfix/virtual'
maybe chmod 0755 'ppp'
maybe chmod 0755 'ppp/ip-down.d'
maybe chmod 0755 'ssl/certs'
maybe chmod 0644 'ssl/certs/ca-certificates.crt'
maybe chmod 0644 'ssl/certs/ssl-cert-snakeoil.pem'
+maybe chmod 0644 'ssl/dh2048_param.pem'
+maybe chmod 0644 'ssl/dh512_param.pem'
maybe chmod 0755 'ssl/dkim'
maybe chmod 0600 'ssl/dkim/mail-2025-01-14.dpx.private'
maybe chmod 0644 'ssl/dkim/mail-2025-01-14.dpx.pub'
# is /etc/mailname.
#myorigin = /etc/mailname
-smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+smtpd_banner = $myhostname ESMTP $mail_name $mail_version
biff = no
# appending .domain is the MUA's job.
# TLS parameters
-smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
-smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_tls_cert_file = /etc/ssl/tls/certs/wildcard.pixelpark.com-cert.pem
+smtpd_tls_key_file = /etc/ssl/tls/private/wildcard.pixelpark.com-key.pem
smtpd_tls_security_level=may
smtp_tls_CApath=/etc/ssl/certs
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
myorigin = /etc/mailname
-mydestination = $myhostname, dev-mail-fbrehm.pixelpark.com, localhost.pixelpark.com, , localhost
-relayhost =
+mydestination = $myhostname, dev-mail-fbrehm, dev-mail-fbrehm.pixelpark.com, dev-mail-fbrehm.$mydomain, localhost.pixelpark.com, localhost, localhost.localdomain, localhost.$mydomain
+relayhost = [prd-mail.pixelpark.com]
mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128, 217.66.51.28
# mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 524288000
lmtp_tls_mandatory_protocols = >=TLSv1
lmtp_tls_protocols = >=TLSv1
message_size_limit = 52428800
+milter_default_action = accept
mlmmj_destination_recipient_limit = 1
mydomain = pixelpark.com
postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr
postscreen_blacklist_action = enforce
-postscreen_dnsbl_action = enforc
+postscreen_dnsbl_action = enforce
postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply
-postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]*3 b.barracudacentral.org=127.0.0.2*2
+postscreen_dnsbl_sites =
postscreen_dnsbl_threshold = 2
postscreen_greet_action = enforce
postscreen_dnsbl_whitelist_threshold = -2
+recipient_bcc_maps = $default_database_type:/etc/postfix/recipient_bcc, proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf, proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf
+proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions $sender_dependent_relayhost_maps
+relay_domains = $mydestination proxy:mysql:/etc/postfix/mysql/relay_domains.cf
+sender_bcc_maps = $default_database_type:/etc/postfix/sender_bcc, proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf, proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf
+sender_dependent_relayhost_maps = $default_database_type:/etc/postfix/sender_dependent_relayhost, proxy:mysql:/etc/postfix/mysql/sender_dependent_relayhost_maps.cf
+setgid_group = postdrop
+show_user_unknown_table_name = yes
+# smtp_tls_CAfile = $smtpd_tls_CAfile
+smtp_tls_loglevel = 1
+smtp_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
+smtp_tls_note_starttls_offer = yes
+smtp_tls_protocols = $smtpd_tls_protocols
+smtpd_tls_loglevel = 1
+smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
+smtpd_tls_protocols = !SSLv2 !SSLv3
+smtpd_command_filter = pcre:/etc/postfix/command_filter.pcre
+smtpd_data_restrictions = reject_unauth_pipelining
+smtpd_forbid_bare_newline = yes
+smtpd_forbid_bare_newline_exclusions = $mynetworks
+smtpd_helo_required = yes
+smtpd_helo_restrictions = permit_mynetworks permit_sasl_authenticated check_helo_access pcre:/etc/postfix/helo_access.pcre reject_non_fqdn_helo_hostname reject_unknown_helo_hostname
+smtpd_milters = inet:localhost:11332
+smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_unlisted_recipient permit_mynetworks permit_sasl_authenticated reject_unauth_destination
+smtpd_reject_unlisted_recipient = yes
+smtpd_reject_unlisted_sender = yes
+smtpd_sasl_authenticated_header = yes
+smtpd_sasl_path = private/dovecot-auth
+smtpd_sasl_type = dovecot
+smtpd_tls_CApath = /etc/ssl/certs
+smtpd_tls_dh1024_param_file = /etc/ssl/dh2048_param.pem
+smtpd_tls_dh512_param_file = /etc/ssl/dh512_param.pem
+smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
+smtpd_tls_received_header = yes
+swap_bangpath = yes
+tls_random_source = dev:/dev/urandom
+transport_maps = $default_database_type:/etc/postfix/transport, proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf, proxy:mysql:/etc/postfix/mysql/transport_maps_maillist.cf, proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf
+unknown_local_recipient_reject_code = 550
+virtual_alias_domains =
+virtual_alias_maps = $default_database_type:/etc/postfix/virtual, proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf, proxy:mysql:/etc/postfix/mysql/catchall_maps.cf, proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
+virtual_gid_maps = static:2000
+virtual_mailbox_base = /var/vmail
+virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
+virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
+virtual_minimum_uid = 2000
+virtual_transport = dovecot
+virtual_uid_maps = static:2000
+smtp_tls_cert_file = $smtpd_tls_cert_file
+smtp_tls_key_file = $smtpd_tls_key_file
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT forwardings.forwarding FROM forwardings,domain WHERE forwardings.address='%d' AND '%u' NOT LIKE '%%+%%' AND forwardings.address=domain.domain AND forwardings.active=1 AND domain.active=1 AND domain.backupmx=0
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT forwardings.forwarding FROM forwardings,alias_domain,domain WHERE alias_domain.alias_domain='%d' AND forwardings.address=alias_domain.target_domain AND alias_domain.target_domain=domain.domain AND forwardings.active=1 AND alias_domain.active=1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT forwardings.forwarding FROM forwardings,alias_domain,domain WHERE alias_domain.alias_domain='%d' AND forwardings.address=CONCAT('%u', '@', alias_domain.target_domain) AND alias_domain.target_domain=domain.domain AND forwardings.active=1 AND alias_domain.active=1 AND domain.backupmx=0
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT bcc_address FROM recipient_bcc_domain WHERE domain='%d' AND active=1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT recipient_bcc_user.bcc_address FROM recipient_bcc_user,domain WHERE recipient_bcc_user.username='%s' AND recipient_bcc_user.domain='%d' AND recipient_bcc_user.domain=domain.domain AND domain.backupmx=0 AND domain.active=1 AND recipient_bcc_user.active=1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT domain FROM domain WHERE domain='%s' AND backupmx=1 AND active=1 LIMIT 1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT bcc_address FROM sender_bcc_domain WHERE domain='%d' AND active=1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT sender_bcc_user.bcc_address FROM sender_bcc_user,domain WHERE sender_bcc_user.username='%s' AND sender_bcc_user.domain='%d' AND sender_bcc_user.domain=domain.domain AND domain.backupmx=0 AND domain.active=1 AND sender_bcc_user.active=1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+# '%s' will be replaced by the envelope sender address or @domain.
+query = SELECT relayhost FROM sender_relayhost WHERE account='%s' LIMIT 1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT mailbox.username FROM mailbox,domain WHERE mailbox.username='%s' AND mailbox.domain='%d' AND mailbox.domain=domain.domain AND mailbox.enablesmtp=1 AND mailbox.active=1 AND domain.backupmx=0 AND domain.active=1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT transport FROM domain WHERE domain='%s' AND active=1 LIMIT 1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT maillists.transport FROM maillists,domain WHERE maillists.address='%s' AND maillists.active=1 AND maillists.domain = domain.domain AND domain.active=1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT mailbox.transport FROM mailbox,domain WHERE mailbox.username='%s' AND mailbox.domain='%d' AND mailbox.domain=domain.domain AND mailbox.transport<>'' AND mailbox.active=1 AND mailbox.enabledeliver=1 AND domain.backupmx=0 AND domain.active=1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT forwardings.forwarding FROM forwardings,domain WHERE forwardings.address='%s' AND forwardings.domain=domain.domain AND forwardings.active=1 AND domain.backupmx=0 AND domain.active=1
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = (SELECT domain FROM domain WHERE domain='%s' AND backupmx=0 AND active=1 LIMIT 1) UNION (SELECT alias_domain.alias_domain FROM alias_domain,domain WHERE alias_domain.alias_domain='%s' AND alias_domain.active=1 AND alias_domain.target_domain=domain.domain AND domain.active=1 AND domain.backupmx=0 LIMIT 1)
--- /dev/null
+hosts = 127.0.0.1:3306
+user = vmail
+password = Dw9xvZrLjCBfB5IobpRPTQjIg40LCz9i
+dbname = vmail
+query = SELECT CONCAT(mailbox.storagenode, '/', mailbox.maildir, '/Maildir/') FROM mailbox,domain WHERE mailbox.username='%s' AND mailbox.active=1 AND mailbox.enabledeliver=1 AND domain.domain = mailbox.domain AND domain.active=1
projects / config / dev-mail-fbrehm / etc.git / commitdiff