|
|
|
@ -2,6 +2,7 @@ compatibility_level=2
|
|
|
|
|
|
|
|
|
|
# basic domain settings
|
|
|
|
|
myhostname = {{ HOSTNAME }}
|
|
|
|
|
mailname = {{ HOSTNAME }}
|
|
|
|
|
mydomain = {{ MYDOMAIN }}
|
|
|
|
|
mydestination = $myhostname, localhost
|
|
|
|
|
# mynetworks = 192.168.1.0/24, 127.0.0.0/8
|
|
|
|
@ -15,7 +16,7 @@ relayhost = {{ RELAYHOST }}
|
|
|
|
|
|
|
|
|
|
# enable auth via Dovecot
|
|
|
|
|
smtpd_sasl_auth_enable = yes
|
|
|
|
|
smtpd_sasl_path = inet:{{ DOVECOT_HOST }}:2525
|
|
|
|
|
smtpd_sasl_path = inet:{{ DOVECOT_HOST }}
|
|
|
|
|
smtpd_sasl_type = dovecot
|
|
|
|
|
|
|
|
|
|
message_size_limit = 52428800
|
|
|
|
@ -39,7 +40,7 @@ smtpd_tls_auth_only = yes
|
|
|
|
|
smtpd_tls_security_level = encrypt
|
|
|
|
|
smtpd_tls_key_file = /cert/tls.key
|
|
|
|
|
smtpd_tls_cert_file = /cert/tls.crt
|
|
|
|
|
smtpd_tls_CAfile = /cert/ca.crt
|
|
|
|
|
#smtpd_tls_CAfile = /cert/ca.crt
|
|
|
|
|
|
|
|
|
|
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
|
|
|
|
|
|
|
|
|
@ -48,9 +49,12 @@ smtp_tls_security_level = encrypt
|
|
|
|
|
|
|
|
|
|
# security and basic spam protection
|
|
|
|
|
smtpd_recipient_restrictions =
|
|
|
|
|
reject_unauth_destination
|
|
|
|
|
reject_non_fqdn_recipient
|
|
|
|
|
reject_unknown_recipient_domain
|
|
|
|
|
permit_sasl_authenticated
|
|
|
|
|
permit_mynetworks
|
|
|
|
|
reject_unauth_destination
|
|
|
|
|
reject
|
|
|
|
|
smtpd_relay_restrictions =
|
|
|
|
|
permit_mynetworks
|
|
|
|
|
permit_sasl_authenticated
|
|
|
|
|