[[postfix:optimized-configuration]]
Trace: optimized-configuration
Show page
AdminRecent ChangesSitemap

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
postfix:optimized-configuration [2010/01/26 08:52]
greebo 		postfix:optimized-configuration [2013/09/12 15:40] (current)
zagi
Line 1: Line 1:
 **main.cf** **main.cf**
 <code> <code>
-#soft_bounce = yes+#soft_bounce = yes
 smtpd_banner = $myhostname ESMTP (NO UCE)(NO UBE) http://www.rfc.net/rfc2821.html smtpd_banner = $myhostname ESMTP (NO UCE)(NO UBE) http://www.rfc.net/rfc2821.html
 biff = no biff = no
Line 9: Line 9:
  
 # Uncomment the next line to generate "delayed mail" warnings # Uncomment the next line to generate "delayed mail" warnings
-#delay_warning_time = 3h+#delay_warning_time = 3h
  
 readme_directory = no readme_directory = no
Line 46: Line 46:
 <code> <code>
 # TLS parameters # TLS parameters
-tls_random_source dev:/dev/urandom +smtp_tls_security_level=may 
-smtpd_tls_cert_file=/etc/ssl/certs/server.crt +#obsoletes smtp_use_tls smtp_enforce_tls  smtp_tls_enforce_peername 
-smtpd_tls_key_file=/etc/ssl/private/server.key+smtp_tls_note_starttls_offer=yes 
 + 
 +smtp_tls_CApath = /etc/ssl/certs 
 + 
 +smtpd_tls_security_level=may 
 +#obsoletes  smtpd_use_tls smtpd_enforce_tls 
 + 
 +smtp_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem 
 +smtp_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key 
 + 
 +smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem 
 +smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key 
 + 
 +# debuging tls 
 +smtp_tls_loglevel = 0 
 +smtpd_tls_loglevel = 0 
 + 
 +smtpd_tls_auth_only=yes 
 +smtpd_tls_received_header=yes 
 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
  
-###smtp_tls_policy_maps hash:/etc/postfix/tls_policy +tls_random_source dev:/dev/urandom
-smtp_tls_security_level = may +
-smtpd_tls_security_level = may+
  
 +###smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
 ###smtpd_tls_ask_ccert = yes ###smtpd_tls_ask_ccert = yes
 ###smtp_tls_verify_cert_match = hostname, nexthop, dot-nexthop ###smtp_tls_verify_cert_match = hostname, nexthop, dot-nexthop
- 
-# debuging tls 
-# smtpd_tls_loglevel = 3 
- 
-#obsolete#smtpd_use_tls=yes 
  
 smtp_tls_note_starttls_offer = yes smtp_tls_note_starttls_offer = yes
Line 74: Line 87:
 smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_exceptions_networks = $mynetworks
  
-smtpd_tls_auth_only = yes 
-smtpd_tls_received_header = yes 
  
  smtpd_sasl_authenticated_header = no  smtpd_sasl_authenticated_header = no
Line 177: Line 188:
 address_verify_sender = postar address_verify_sender = postar
 address_verify_map = btree:$(data_directory)/verify address_verify_map = btree:$(data_directory)/verify
 +
  
 home_mailbox = Maildir/ home_mailbox = Maildir/
Line 259: Line 271:
  
 **/etc/postfix/bogon_networks** **/etc/postfix/bogon_networks**
-  0.0.0.0/8       REJECT IP address of MX host is a bogus address +<code> 
-  1.0.0.0/      REJECT IP address of MX host is a bogus address +# http://www.cymru.com/Documents/bogon-bn-agg.txt 
-  2.0.0.0/      REJECT IP address of MX host is a bogus address +0.0.0.0/      REJECT IP address of MX host is a bogus address 
-  5.0.0.0/      REJECT IP address of MX host is a bogus address +5.0.0.0/      REJECT IP address of MX host is a bogus address 
-  10.0.0.0/     REJECT IP address of MX host is a bogus address +10.0.0.0/     REJECT IP address of MX host is a bogus address 
-  14.0.0.0/     REJECT IP address of MX host is a bogus address +14.0.0.0/     REJECT IP address of MX host is a bogus address 
-  23.0.0.0/     REJECT IP address of MX host is a bogus address +23.0.0.0/     REJECT IP address of MX host is a bogus address 
-  27.0.0.0/     REJECT IP address of MX host is a bogus address +31.0.0.0/     REJECT IP address of MX host is a bogus address 
-  31.0.0.0/     REJECT IP address of MX host is a bogus address +36.0.0.0/     REJECT IP address of MX host is a bogus address 
-  36.0.0.0/     REJECT IP address of MX host is a bogus address +39.0.0.0/     REJECT IP address of MX host is a bogus address 
-  37.0.0.0/     REJECT IP address of MX host is a bogus address +42.0.0.0/     REJECT IP address of MX host is a bogus address 
-  39.0.0.0/     REJECT IP address of MX host is a bogus address +49.0.0.0/     REJECT IP address of MX host is a bogus address 
-  42.0.0.0/     REJECT IP address of MX host is a bogus address +100.0.0.0/    REJECT IP address of MX host is a bogus address 
-  46.0.0.0/     REJECT IP address of MX host is a bogus address +104.0.0.0/    REJECT IP address of MX host is a bogus address 
-  49.0.0.0/     REJECT IP address of MX host is a bogus address +106.0.0.0/    REJECT IP address of MX host is a bogus address 
-  50.0.0.0/     REJECT IP address of MX host is a bogus address +127.0.0.0/    REJECT IP address of MX host is a bogus address 
-  100.0.0.0/    REJECT IP address of MX host is a bogus address +169.254.0.0/16  REJECT IP address of MX host is a bogus address 
-  101.0.0.0/    REJECT IP address of MX host is a bogus address +172.16.0.0/12   REJECT IP address of MX host is a bogus address 
-  102.0.0.0/    REJECT IP address of MX host is a bogus address +176.0.0.0/    REJECT IP address of MX host is a bogus address 
-  103.0.0.0/    REJECT IP address of MX host is a bogus address +179.0.0.0/    REJECT IP address of MX host is a bogus address 
-  104.0.0.0/    REJECT IP address of MX host is a bogus address +181.0.0.0/    REJECT IP address of MX host is a bogus address 
-  105.0.0.0/    REJECT IP address of MX host is a bogus address +185.0.0.0/    REJECT IP address of MX host is a bogus address 
-  106.0.0.0/    REJECT IP address of MX host is a bogus address +192.0.2.0/24    REJECT IP address of MX host is a bogus address 
-  107.0.0.0/    REJECT IP address of MX host is a bogus address +192.168.0.0/16  REJECT IP address of MX host is a bogus address 
-  108.0.0.0/    REJECT IP address of MX host is a bogus address +198.18.0.0/15   REJECT IP address of MX host is a bogus address 
-  109.0.0.0/    REJECT IP address of MX host is a bogus address +198.51.100.0/24 REJECT IP address of MX host is a bogus address 
-  110.0.0.0/    REJECT IP address of MX host is a bogus address +203.0.113.0/24  REJECT IP address of MX host is a bogus address 
-  111.0.0.0/    REJECT IP address of MX host is a bogus address +223.0.0.0/8     REJECT IP address of MX host is a bogus address 
-  127.0.0.0/    REJECT IP address of MX host is a bogus address +224.0.0.0/    REJECT IP address of MX host is a bogus address 
-  169.254.0.0/16  REJECT IP address of MX host is a bogus address +</code>
-  172.16.0.0/12   REJECT IP address of MX host is a bogus address +
-  175.0.0.0/    REJECT IP address of MX host is a bogus address +
-  176.0.0.0/    REJECT IP address of MX host is a bogus address +
-  177.0.0.0/    REJECT IP address of MX host is a bogus address +
-  178.0.0.0/    REJECT IP address of MX host is a bogus address +
-  179.0.0.0/    REJECT IP address of MX host is a bogus address +
-  180.0.0.0/    REJECT IP address of MX host is a bogus address +
-  181.0.0.0/    REJECT IP address of MX host is a bogus address +
-  182.0.0.0/    REJECT IP address of MX host is a bogus address +
-  183.0.0.0/    REJECT IP address of MX host is a bogus address +
-  184.0.0.0/    REJECT IP address of MX host is a bogus address +
-  185.0.0.0/    REJECT IP address of MX host is a bogus address +
-  192.0.2.0/24    REJECT IP address of MX host is a bogus address +
-  192.168.0.0/16  REJECT IP address of MX host is a bogus address +
-  197.0.0.0/    REJECT IP address of MX host is a bogus address +
-  198.18.0.0/15   REJECT IP address of MX host is a bogus address +
-  223.0.0.0/8     REJECT IP address of MX host is a bogus address +
-  224.0.0.0/3     REJECT IP address of MX host is a bogus address +
-  240.0.0.0/12    REJECT IP address of MX host is a reserved address +
-  255.0.0.0/    REJECT IP address of MX host is a bogus address +
  
 **/etc/postfix/discard_ehelo_map** **/etc/postfix/discard_ehelo_map**
postfix/optimized-configuration.1264492342.txt.gz · Last modified: 2010/01/26 08:52 by greebo
Show pageOld revisions
Media ManagerBack to top
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready