# Global Postfix configuration file. This file lists only a subset
# of all parameters. For the syntax, and for a complete parameter
# list, see the postconf(5) manual page (command: "man 5 postconf").
#
# For common configuration examples, see BASIC_CONFIGURATION_README
# and STANDARD_CONFIGURATION_README. To find these documents, use
# the command "postconf html_directory readme_directory", or go to
# [url]http://www.postfix.org/[/url].
#
# For best results, change no more than 2-3 parameters at a time,
# and test if Postfix still works after every change.
#soft_bounce = no
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
myhostname = b.mx.[redacted].org
mydomain = [redacted].org
mydestination = $myhostname
#mydestination = b.mx.[redacted].org, 127.0.0.1
myorigin = b.mx.[redacted].org
inet_interfaces = all
disable_vrfy_command = yes
mynetworks_style = 172.16.10.0/24, 172.16.1.0/24, 192.168.10.0/24, 127.0.0.0/8
mynetworks = 172.16.10.0/24, 172.16.1.0/24, 192.168.10.0/24, 127.0.0.0/8
relay_domains = 172.16.10.0/24, 172.16.1.0/24, 192.168.10.0/24, hash:/usr/local/etc/postfix/transport.map
#relayhost = [mailserver.isp.tld]
#relayhost = uucphost
#relayhost = [an.ip.add.ress]
#relay_recipient_maps = hash:/usr/local/etc/postfix/relay_recipients
#in_flow_delay = 1s
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/usr/local/etc/postfix/helo_host.map, reject_unknown_hostname, reject_non_fqdn_hostname, reject_invalid_hostname, reject_unknown_client
smtpd_recipient_restrictions =
permit_mynetworks,
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_non_fqdn_hostname,
reject_unknown_recipient_domain,
reject_unknown_sender_domain,
reject_unauth_destination,
check_client_access hash:/usr/local/etc/postfix/mta_clients_bw.map,
pcre:/usr/local/etc/postfix/to_recipients_bw.regexp,
check_helo_access regexp:/usr/local/etc/postfix/helo_hostnames.regexp,
check_sender_access regexp:/usr/local/etc/postfix/from_senders.regexp,
check_sender_access hash:/usr/local/etc/postfix/from_senders_bw.map,
check_helo_access hash:/usr/local/etc/postfix/helo_hostnames.map,
check_sender_access hash:/usr/local/etc/postfix/from_senders_slet.map,
check_sender_access hash:/usr/local/etc/postfix/from_senders_bogus.map,
check_sender_access hash:/usr/local/etc/postfix/from_senders_mybogus.map,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client korea.services.net,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client pbl.spamhaus.org
warn_if_reject check_helo_access pcre:/usr/local/etc/postfix/helo_world.regexp,
permit
smtpd_data_restrictions =
reject_unauth_pipelining,
permit
header_checks = pcre:/usr/local/etc/postfix/header_checks.regexp
body_checks = pcre:/usr/local/etc/postfix/body_checks.regexp
strict_rfc821_envelopes = yes
#local_recipient_maps = $virtual_mailbox_maps unix:passwd.byname
#smtpd_recipient_restrictions = permit_mynetworks,permit
#smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,check_recipient_access mysql:/usr/local/etc/postfix/mysql-recipient.cf,reject_unauth_destination,permit
#Smtpd_sender_restrictions = check_sender_access mysql:/usr/local/etc/postfix/mysql-sender.cf
#smtpd_client_restrictions = check_client_access mysql:/usr/local/etc/postfix/mysql-client.cf
alias_maps = mysql:/usr/local/etc/postfix/mysql-aliases.cf
#relocated_maps = mysql:/usr/local/etc/postfix/mysql-relocated.cf
#for redirection
#transport_maps = mysql:/usr/local/etc/postfix/mysql-transport.cf
maildrop_destination_recipient_limit = 1
#virtual_transport = maildrop
#Domain storage
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql-virtual-domains.cf
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql-alias-maps.cf
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql-virtual-maps.cf
virtual_mailbox_base = /home/mail
#virtual_minimum_uid = 100
virtual_minimum_uid = 80
virtual_uid_maps = static:88
virtual_gid_maps = static:465
#virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql-alias-maps.cf
#virtual_transport = maildrop
#virtual_mailbox_domains = unixnet.us
#virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmailbox
content_filter=smtp-amavis:[127.0.0.1]:10024
#virtual_mailbox_base = /home/mail
#Email storage
#virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql-virtual-maps.cf
#virtual_minimum_uid = 100
#virtual_uid_maps = static:1003
#virtual_gid_maps = static:1003
#Relayed domains
#relay_domains = mysql:/usr/local/etc/postfix/mysql-relay-domains.cf
# If you want to use TLS add three lines below
smtpd_use_tls = yes
smtpd_tls_cert_file = /usr/local/etc/postfix/postfix.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
unknown_local_recipient_reject_code = 550
# OPTIONAL PART
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_etrn_restrictions = reject
#Send user unknown for non-existent records.
show_user_unknown_table_name = no
mail_spool_directory = /var/mail
smtpd_banner = b.mx.[redacted].org - ESMTP - Attn: UCE trespassers will be pursued.
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = no
queue_minfree = 20480000
smtp_always_send_ehlo = yes
biff = no
#maximal_queue_lifetime = 10s
delay_warning_time = 1
smtpd_hard_error_limit = 2
strict_rfc821_envelopes = yes
strict_7bit_headers = no
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
delay_warning_time = 1
bounce_size_limit = 5000
header_size_limit = 256
message_size_limit = 20480000
smtpd_junk_command_limit = 2
ignore_mx_lookup_error = yes
queue_minfree = 20480000
smtpd_timeout = 20s
smtp_connect_timeout = 60s
smtp_data_done_timeout = 60s
smtp_data_init_timeout = 60s
smtp_data_xfer_timeout = 60s
smtp_helo_timeout = 60s
smtp_mail_timeout = 60s
smtp_quit_timeout = 60s
smtp_rcpt_timeout = 60s
smtp_rset_timeout = 60s
2bounce_notice_recipient = [email][redacted]@[redacted].org[/email]