|
|
|
|
@ -46,17 +46,24 @@ smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
|
|
|
|
|
# TLS client (sending)
|
|
|
|
|
smtp_tls_security_level = encrypt
|
|
|
|
|
|
|
|
|
|
# Don't talk to mail systems that don't know their own hostname.
|
|
|
|
|
smtpd_helo_restrictions = reject_unknown_helo_hostname
|
|
|
|
|
|
|
|
|
|
# Don't accept mail from domains that don't exist.
|
|
|
|
|
smtpd_sender_restrictions = reject_unknown_sender_domain
|
|
|
|
|
|
|
|
|
|
# Block clients that speak too early.
|
|
|
|
|
smtpd_data_restrictions = reject_unauth_pipelining
|
|
|
|
|
|
|
|
|
|
# security and basic spam protection
|
|
|
|
|
smtpd_recipient_restrictions =
|
|
|
|
|
reject_unauth_destination
|
|
|
|
|
reject_non_fqdn_recipient
|
|
|
|
|
reject_unknown_recipient_domain
|
|
|
|
|
permit_sasl_authenticated
|
|
|
|
|
permit_mynetworks
|
|
|
|
|
reject
|
|
|
|
|
permit_sasl_authenticated,
|
|
|
|
|
reject_unauth_destination,
|
|
|
|
|
reject_non_fqdn_recipient,
|
|
|
|
|
reject_unknown_recipient_domain,
|
|
|
|
|
reject
|
|
|
|
|
smtpd_relay_restrictions =
|
|
|
|
|
permit_mynetworks
|
|
|
|
|
permit_sasl_authenticated
|
|
|
|
|
defer_unauth_destination
|
|
|
|
|
permit_sasl_authenticated,
|
|
|
|
|
reject_unauth_destination
|
|
|
|
|
smtpd_client_restrictions =
|
|
|
|
|
permit_sasl_authenticated
|
|
|
|
|
permit_sasl_authenticated
|
