Skip to main content

Raymii.org Logo (IEC resistor symbol) logo

Quis custodiet ipsos custodes?
Home | About | All pages | RSS Feed | Gopher

Postfix snippets - not finished

Published: 09-07-2012 | Author: Remy van Elst | Text only version of this article


Table of Contents

  • Dovecot

  • If you like this article, consider sponsoring me by trying out a Digital Ocean VPS. With this link you'll get $100 credit for 60 days). (referral link)

    /etc/postfix/master.cf
    smtp inet n - - - - smtpd 
      -o smtpd_tls_security_level=encrypt 
      -o smtpd_sasl_auth_enable=yes 
      -o smtpd_sasl_type=dovecot 
      -o smtpd_sasl_path=private/auth 
      -o smtpd_sasl_security_options=noanonymous 
      -o smtpd_sasl_local_domain=$myhostname 
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination 
    #  -o smtpd_sender_restrictions=reject_sender_login_mismatch
      -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject_unauth_destination
    
      submission inet n - - - - smtpd
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_sasl_type=dovecot
      -o smtpd_sasl_path=private/auth
      -o smtpd_sasl_security_options=noanonymous
      -o smtpd_sasl_local_domain=$myhostname
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
    #  -o smtpd_sender_restrictions=reject_sender_login_mismatch
      -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject_unauth_destination
    
    /etc/postfix/main.cf
    smtpd_banner = SMTP
    biff = no
    append_dot_mydomain = no
    readme_directory = no
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    smtpd_tls_cert_file=/etc/ssl/certs/postfix-public.pem
    smtpd_tls_key_file=/etc/ssl/private/postfix-private.key
    smtpd_use_tls=yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_tls_loglevel = 3
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    smtpd_tls_auth_only = yes
    myhostname = vps7.sparklingclouds.nl
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = sparklingclouds.nl, vps7.sparklingclouds.nl, localhost.sparklingclouds.nl, localhost
    relayhost =
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = ipv4
    home_mailbox = Maildir/
    mailbox_command =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    #smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
    smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
    

    Dovecot

    /etc/dovecot/dovecot.conf
    protocols = imaps
    disable_plaintext_auth = yes
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    ssl = required
    login_greeting = MAPI.
    mail_location = maildir:~/Maildir
    mail_privileged_group = mail
    mmap_disable = yes
    protocol imap {
    }
    protocol managesieve {
    }
    auth default {
      mechanisms = plain
      passdb pam {
      }
      userdb passwd {
      }
      user = root
    socket listen {
            client {
              path = /var/spool/postfix/private/auth
              mode = 0660
              user = postfix
              group = postfix
            }
    }
    }
    dict {
    }
    plugin {
    }
    
    Tags: dovecot , imap , imaps , mail , postfix , sasl , smtp , smtps , snippets