|
@ -11,6 +11,7 @@ address_verify_map = btree:$data_directory/verify_cache |
|
|
address_verify_negative_cache = yes |
|
|
address_verify_negative_cache = yes |
|
|
address_verify_negative_expire_time = 3d |
|
|
address_verify_negative_expire_time = 3d |
|
|
address_verify_negative_refresh_time = 3h |
|
|
address_verify_negative_refresh_time = 3h |
|
|
|
|
|
address_verify_pending_request_limit = 5000 |
|
|
address_verify_poll_count = ${stress?{1}:{3}} |
|
|
address_verify_poll_count = ${stress?{1}:{3}} |
|
|
address_verify_poll_delay = 3s |
|
|
address_verify_poll_delay = 3s |
|
|
address_verify_positive_expire_time = 31d |
|
|
address_verify_positive_expire_time = 31d |
|
@ -92,6 +93,7 @@ default_recipient_limit = 20000 |
|
|
default_recipient_refill_delay = 5s |
|
|
default_recipient_refill_delay = 5s |
|
|
default_recipient_refill_limit = 100 |
|
|
default_recipient_refill_limit = 100 |
|
|
default_transport = smtp |
|
|
default_transport = smtp |
|
|
|
|
|
default_transport_rate_delay = 0s |
|
|
default_verp_delimiters = += |
|
|
default_verp_delimiters = += |
|
|
defer_code = 450 |
|
|
defer_code = 450 |
|
|
defer_service_name = defer |
|
|
defer_service_name = defer |
|
@ -108,6 +110,7 @@ disable_mime_input_processing = no |
|
|
disable_mime_output_conversion = no |
|
|
disable_mime_output_conversion = no |
|
|
disable_verp_bounces = no |
|
|
disable_verp_bounces = no |
|
|
disable_vrfy_command = no |
|
|
disable_vrfy_command = no |
|
|
|
|
|
dns_ncache_ttl_fix_enable = no |
|
|
dnsblog_reply_delay = 0s |
|
|
dnsblog_reply_delay = 0s |
|
|
dnsblog_service_name = dnsblog |
|
|
dnsblog_service_name = dnsblog |
|
|
dont_remove = 0 |
|
|
dont_remove = 0 |
|
@ -135,6 +138,7 @@ error_recipient_limit = $default_recipient_limit |
|
|
error_recipient_refill_delay = $default_recipient_refill_delay |
|
|
error_recipient_refill_delay = $default_recipient_refill_delay |
|
|
error_recipient_refill_limit = $default_recipient_refill_limit |
|
|
error_recipient_refill_limit = $default_recipient_refill_limit |
|
|
error_service_name = error |
|
|
error_service_name = error |
|
|
|
|
|
error_transport_rate_delay = $default_transport_rate_delay |
|
|
execution_directory_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ |
|
|
execution_directory_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ |
|
|
expand_owner_alias = no |
|
|
expand_owner_alias = no |
|
|
export_environment = TZ MAIL_CONFIG LANG |
|
|
export_environment = TZ MAIL_CONFIG LANG |
|
@ -205,6 +209,7 @@ lmtp_dns_resolver_options = |
|
|
lmtp_dns_support_level = |
|
|
lmtp_dns_support_level = |
|
|
lmtp_enforce_tls = no |
|
|
lmtp_enforce_tls = no |
|
|
lmtp_extra_recipient_limit = $default_extra_recipient_limit |
|
|
lmtp_extra_recipient_limit = $default_extra_recipient_limit |
|
|
|
|
|
lmtp_fallback_relay = |
|
|
lmtp_generic_maps = |
|
|
lmtp_generic_maps = |
|
|
lmtp_header_checks = |
|
|
lmtp_header_checks = |
|
|
lmtp_host_lookup = dns |
|
|
lmtp_host_lookup = dns |
|
@ -281,6 +286,7 @@ lmtp_tls_session_cache_timeout = 3600s |
|
|
lmtp_tls_trust_anchor_file = |
|
|
lmtp_tls_trust_anchor_file = |
|
|
lmtp_tls_verify_cert_match = hostname |
|
|
lmtp_tls_verify_cert_match = hostname |
|
|
lmtp_tls_wrappermode = no |
|
|
lmtp_tls_wrappermode = no |
|
|
|
|
|
lmtp_transport_rate_delay = $default_transport_rate_delay |
|
|
lmtp_use_tls = no |
|
|
lmtp_use_tls = no |
|
|
lmtp_xforward_timeout = 300s |
|
|
lmtp_xforward_timeout = 300s |
|
|
local_command_shell = |
|
|
local_command_shell = |
|
@ -303,11 +309,12 @@ local_recipient_maps = proxy:unix:passwd.byname $alias_maps |
|
|
local_recipient_refill_delay = $default_recipient_refill_delay |
|
|
local_recipient_refill_delay = $default_recipient_refill_delay |
|
|
local_recipient_refill_limit = $default_recipient_refill_limit |
|
|
local_recipient_refill_limit = $default_recipient_refill_limit |
|
|
local_transport = local:$myhostname |
|
|
local_transport = local:$myhostname |
|
|
|
|
|
local_transport_rate_delay = $default_transport_rate_delay |
|
|
luser_relay = |
|
|
luser_relay = |
|
|
mail_name = Postfix |
|
|
mail_name = Postfix |
|
|
mail_owner = postfix |
|
|
mail_owner = postfix |
|
|
mail_release_date = 20151010 |
|
|
|
|
|
mail_version = 3.0.3 |
|
|
|
|
|
|
|
|
mail_release_date = 20160224 |
|
|
|
|
|
mail_version = 3.1.0 |
|
|
mailbox_command = |
|
|
mailbox_command = |
|
|
mailbox_command_maps = |
|
|
mailbox_command_maps = |
|
|
mailbox_delivery_lock = fcntl, dotlock |
|
|
mailbox_delivery_lock = fcntl, dotlock |
|
@ -339,6 +346,7 @@ milter_end_of_header_macros = i |
|
|
milter_header_checks = |
|
|
milter_header_checks = |
|
|
milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer} |
|
|
milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer} |
|
|
milter_macro_daemon_name = $myhostname |
|
|
milter_macro_daemon_name = $myhostname |
|
|
|
|
|
milter_macro_defaults = |
|
|
milter_macro_v = $mail_name $mail_version |
|
|
milter_macro_v = $mail_name $mail_version |
|
|
milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer} |
|
|
milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer} |
|
|
milter_protocol = 6 |
|
|
milter_protocol = 6 |
|
@ -360,6 +368,7 @@ nested_header_checks = $header_checks |
|
|
non_fqdn_reject_code = 504 |
|
|
non_fqdn_reject_code = 504 |
|
|
non_smtpd_milters = |
|
|
non_smtpd_milters = |
|
|
notify_classes = resource, software |
|
|
notify_classes = resource, software |
|
|
|
|
|
openssl_path = openssl |
|
|
owner_request_special = yes |
|
|
owner_request_special = yes |
|
|
parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps |
|
|
parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps |
|
|
permit_mx_backup_networks = |
|
|
permit_mx_backup_networks = |
|
@ -385,11 +394,12 @@ postscreen_disable_vrfy_command = $disable_vrfy_command |
|
|
postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps |
|
|
postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps |
|
|
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords |
|
|
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords |
|
|
postscreen_dnsbl_action = ignore |
|
|
postscreen_dnsbl_action = ignore |
|
|
|
|
|
postscreen_dnsbl_max_ttl = ${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h |
|
|
|
|
|
postscreen_dnsbl_min_ttl = 60s |
|
|
postscreen_dnsbl_reply_map = |
|
|
postscreen_dnsbl_reply_map = |
|
|
postscreen_dnsbl_sites = |
|
|
postscreen_dnsbl_sites = |
|
|
postscreen_dnsbl_threshold = 1 |
|
|
postscreen_dnsbl_threshold = 1 |
|
|
postscreen_dnsbl_timeout = 10s |
|
|
postscreen_dnsbl_timeout = 10s |
|
|
postscreen_dnsbl_ttl = 1h |
|
|
|
|
|
postscreen_dnsbl_whitelist_threshold = 0 |
|
|
postscreen_dnsbl_whitelist_threshold = 0 |
|
|
postscreen_enforce_tls = $smtpd_enforce_tls |
|
|
postscreen_enforce_tls = $smtpd_enforce_tls |
|
|
postscreen_expansion_filter = $smtpd_expansion_filter |
|
|
postscreen_expansion_filter = $smtpd_expansion_filter |
|
@ -415,7 +425,6 @@ postscreen_use_tls = $smtpd_use_tls |
|
|
postscreen_watchdog_timeout = 10s |
|
|
postscreen_watchdog_timeout = 10s |
|
|
postscreen_whitelist_interfaces = static:all |
|
|
postscreen_whitelist_interfaces = static:all |
|
|
prepend_delivered_header = command, file, forward |
|
|
prepend_delivered_header = command, file, forward |
|
|
process_id = 13574 |
|
|
|
|
|
process_id_directory = pid |
|
|
process_id_directory = pid |
|
|
process_name = postconf |
|
|
process_name = postconf |
|
|
propagate_unmatched_extensions = canonical, virtual |
|
|
propagate_unmatched_extensions = canonical, virtual |
|
@ -467,6 +476,7 @@ relay_recipient_maps = |
|
|
relay_recipient_refill_delay = $default_recipient_refill_delay |
|
|
relay_recipient_refill_delay = $default_recipient_refill_delay |
|
|
relay_recipient_refill_limit = $default_recipient_refill_limit |
|
|
relay_recipient_refill_limit = $default_recipient_refill_limit |
|
|
relay_transport = relay |
|
|
relay_transport = relay |
|
|
|
|
|
relay_transport_rate_delay = $default_transport_rate_delay |
|
|
relayhost = |
|
|
relayhost = |
|
|
relocated_maps = |
|
|
relocated_maps = |
|
|
remote_header_rewrite_domain = |
|
|
remote_header_rewrite_domain = |
|
@ -490,6 +500,7 @@ retry_minimum_delivery_slots = $default_minimum_delivery_slots |
|
|
retry_recipient_limit = $default_recipient_limit |
|
|
retry_recipient_limit = $default_recipient_limit |
|
|
retry_recipient_refill_delay = $default_recipient_refill_delay |
|
|
retry_recipient_refill_delay = $default_recipient_refill_delay |
|
|
retry_recipient_refill_limit = $default_recipient_refill_limit |
|
|
retry_recipient_refill_limit = $default_recipient_refill_limit |
|
|
|
|
|
retry_transport_rate_delay = $default_transport_rate_delay |
|
|
rewrite_service_name = rewrite |
|
|
rewrite_service_name = rewrite |
|
|
send_cyrus_sasl_authzid = no |
|
|
send_cyrus_sasl_authzid = no |
|
|
sender_bcc_maps = |
|
|
sender_bcc_maps = |
|
@ -587,6 +598,7 @@ smtp_tls_CApath = |
|
|
smtp_tls_block_early_mail_reply = no |
|
|
smtp_tls_block_early_mail_reply = no |
|
|
smtp_tls_cert_file = |
|
|
smtp_tls_cert_file = |
|
|
smtp_tls_ciphers = medium |
|
|
smtp_tls_ciphers = medium |
|
|
|
|
|
smtp_tls_dane_insecure_mx_policy = dane |
|
|
smtp_tls_dcert_file = |
|
|
smtp_tls_dcert_file = |
|
|
smtp_tls_dkey_file = $smtp_tls_dcert_file |
|
|
smtp_tls_dkey_file = $smtp_tls_dcert_file |
|
|
smtp_tls_eccert_file = |
|
|
smtp_tls_eccert_file = |
|
@ -613,12 +625,14 @@ smtp_tls_session_cache_timeout = 3600s |
|
|
smtp_tls_trust_anchor_file = |
|
|
smtp_tls_trust_anchor_file = |
|
|
smtp_tls_verify_cert_match = hostname |
|
|
smtp_tls_verify_cert_match = hostname |
|
|
smtp_tls_wrappermode = no |
|
|
smtp_tls_wrappermode = no |
|
|
|
|
|
smtp_transport_rate_delay = $default_transport_rate_delay |
|
|
smtp_use_tls = no |
|
|
smtp_use_tls = no |
|
|
smtp_xforward_timeout = 300s |
|
|
smtp_xforward_timeout = 300s |
|
|
smtpd_authorized_verp_clients = $authorized_verp_clients |
|
|
smtpd_authorized_verp_clients = $authorized_verp_clients |
|
|
smtpd_authorized_xclient_hosts = |
|
|
smtpd_authorized_xclient_hosts = |
|
|
smtpd_authorized_xforward_hosts = |
|
|
smtpd_authorized_xforward_hosts = |
|
|
smtpd_banner = $myhostname ESMTP $mail_name |
|
|
smtpd_banner = $myhostname ESMTP $mail_name |
|
|
|
|
|
smtpd_client_auth_rate_limit = 0 |
|
|
smtpd_client_connection_count_limit = 50 |
|
|
smtpd_client_connection_count_limit = 50 |
|
|
smtpd_client_connection_rate_limit = 0 |
|
|
smtpd_client_connection_rate_limit = 0 |
|
|
smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks} |
|
|
smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks} |
|
@ -654,6 +668,7 @@ smtpd_per_record_deadline = ${stress?{yes}:{no}} |
|
|
smtpd_policy_service_default_action = 451 4.3.5 Server configuration problem |
|
|
smtpd_policy_service_default_action = 451 4.3.5 Server configuration problem |
|
|
smtpd_policy_service_max_idle = 300s |
|
|
smtpd_policy_service_max_idle = 300s |
|
|
smtpd_policy_service_max_ttl = 1000s |
|
|
smtpd_policy_service_max_ttl = 1000s |
|
|
|
|
|
smtpd_policy_service_policy_context = |
|
|
smtpd_policy_service_request_limit = 0 |
|
|
smtpd_policy_service_request_limit = 0 |
|
|
smtpd_policy_service_retry_delay = 1s |
|
|
smtpd_policy_service_retry_delay = 1s |
|
|
smtpd_policy_service_timeout = 100s |
|
|
smtpd_policy_service_timeout = 100s |
|
@ -741,11 +756,11 @@ tls_dane_trust_anchor_digest_enable = yes |
|
|
tls_disable_workarounds = |
|
|
tls_disable_workarounds = |
|
|
tls_eecdh_strong_curve = prime256v1 |
|
|
tls_eecdh_strong_curve = prime256v1 |
|
|
tls_eecdh_ultra_curve = secp384r1 |
|
|
tls_eecdh_ultra_curve = secp384r1 |
|
|
tls_export_cipherlist = aNULL:-aNULL:ALL:+RC4:@STRENGTH |
|
|
|
|
|
tls_high_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH |
|
|
|
|
|
|
|
|
tls_export_cipherlist = aNULL:-aNULL:HIGH:MEDIUM:LOW:EXPORT:+RC4:@STRENGTH |
|
|
|
|
|
tls_high_cipherlist = aNULL:-aNULL:HIGH:@STRENGTH |
|
|
tls_legacy_public_key_fingerprints = no |
|
|
tls_legacy_public_key_fingerprints = no |
|
|
tls_low_cipherlist = aNULL:-aNULL:ALL:!EXPORT:+RC4:@STRENGTH |
|
|
|
|
|
tls_medium_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH |
|
|
|
|
|
|
|
|
tls_low_cipherlist = aNULL:-aNULL:HIGH:MEDIUM:LOW:+RC4:@STRENGTH |
|
|
|
|
|
tls_medium_cipherlist = aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH |
|
|
tls_null_cipherlist = eNULL:!aNULL |
|
|
tls_null_cipherlist = eNULL:!aNULL |
|
|
tls_preempt_cipherlist = no |
|
|
tls_preempt_cipherlist = no |
|
|
tls_random_bytes = 32 |
|
|
tls_random_bytes = 32 |
|
@ -837,4 +852,5 @@ virtual_recipient_limit = $default_recipient_limit |
|
|
virtual_recipient_refill_delay = $default_recipient_refill_delay |
|
|
virtual_recipient_refill_delay = $default_recipient_refill_delay |
|
|
virtual_recipient_refill_limit = $default_recipient_refill_limit |
|
|
virtual_recipient_refill_limit = $default_recipient_refill_limit |
|
|
virtual_transport = virtual |
|
|
virtual_transport = virtual |
|
|
|
|
|
virtual_transport_rate_delay = $default_transport_rate_delay |
|
|
virtual_uid_maps = |
|
|
virtual_uid_maps = |