From d16e324336538cd5d55bbc2c3d10cdd0a5753032 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Wed, 15 Jan 2025 17:58:39 +0100 Subject: [PATCH] Current state postfix --- .etckeeper | 3 +++ postfix/main.cf | 25 +++++++++++++++++++++---- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/.etckeeper b/.etckeeper index 26316c3..8e36b20 100755 --- a/.etckeeper +++ b/.etckeeper @@ -1002,6 +1002,7 @@ maybe chgrp 'postfix' 'postfix/body_checks.pcre' maybe chmod 0640 'postfix/body_checks.pcre' maybe chmod 0644 'postfix/dynamicmaps.cf' maybe chmod 0755 'postfix/dynamicmaps.cf.d' +maybe chmod 0644 'postfix/header_checks' maybe chmod 0644 'postfix/main.cf' maybe chmod 0644 'postfix/main.cf.proto' maybe chmod 0644 'postfix/master.cf' @@ -1015,6 +1016,8 @@ maybe chmod 0644 'postfix/postfix-files.d/mysql.files' maybe chmod 0644 'postfix/postfix-files.d/pcre.files' maybe chmod 0644 'postfix/postfix-files.d/sqlite.files' maybe chmod 0755 'postfix/postfix-script' +maybe chmod 0644 'postfix/postscreen_access.cidr' +maybe chmod 0644 'postfix/postscreen_dnsbl_reply' maybe chmod 0755 'postfix/sasl' maybe chmod 0644 'postfix/virtual' maybe chmod 0755 'ppp' diff --git a/postfix/main.cf b/postfix/main.cf index c2c8534..016c666 100644 --- a/postfix/main.cf +++ b/postfix/main.cf @@ -15,7 +15,7 @@ append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h -readme_directory = no +#readme_directory = no # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 3.6 on # fresh installs. @@ -40,11 +40,28 @@ alias_database = hash:/etc/postfix/aliases myorigin = /etc/mailname mydestination = $myhostname, dev-mail-fbrehm.pixelpark.com, localhost.pixelpark.com, , localhost relayhost = -mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 -mailbox_command = procmail -a "$EXTENSION" -mailbox_size_limit = 0 +mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128, 217.66.51.28 +# mailbox_command = procmail -a "$EXTENSION" +mailbox_size_limit = 524288000 recipient_delimiter = + inet_interfaces = all inet_protocols = all body_checks = pcre:/etc/postfix/body_checks.pcre disable_vrfy_command = yes +dovecot_destination_recipient_limit = 1 +enable_long_queue_ids = yes +enable_original_recipient = yes +header_checks = pcre:/etc/postfix/header_checks +lmtp_tls_mandatory_protocols = >=TLSv1 +lmtp_tls_protocols = >=TLSv1 +message_size_limit = 52428800 +mlmmj_destination_recipient_limit = 1 +mydomain = pixelpark.com +postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr +postscreen_blacklist_action = enforce +postscreen_dnsbl_action = enforc +postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply +postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]*3 b.barracudacentral.org=127.0.0.2*2 +postscreen_dnsbl_threshold = 2 +postscreen_greet_action = enforce +postscreen_dnsbl_whitelist_threshold = -2 -- 2.39.5