Skip to main content

Raymii.org Raymii.org Logo

Quis custodiet ipsos custodes?
Home | About | All pages | Cluster Status | RSS Feed | Gopher

Postfix snippets - not finished

Published: 09-07-2012 | Author: Remy van Elst | Text only version of this article


❗ This post is over nine years old. It may no longer be up to date. Opinions may have changed.

Table of Contents

  • Dovecot

  • I'm developing a desktop monitoring app, Leaf Node Monitoring, open source, but paid. For Windows, Linux & Android, go check it out.

    Consider sponsoring me on Github. It means the world to me if you show your appreciation and you'll help pay the server costs.

    You can also sponsor me by getting a Digital Ocean VPS. With this referral link you'll get $100 credit for 60 days.

    /etc/postfix/master.cf
    smtp inet n - - - - smtpd 
      -o smtpd_tls_security_level=encrypt 
      -o smtpd_sasl_auth_enable=yes 
      -o smtpd_sasl_type=dovecot 
      -o smtpd_sasl_path=private/auth 
      -o smtpd_sasl_security_options=noanonymous 
      -o smtpd_sasl_local_domain=$myhostname 
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination 
    #  -o smtpd_sender_restrictions=reject_sender_login_mismatch
      -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject_unauth_destination
    
      submission inet n - - - - smtpd
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_sasl_type=dovecot
      -o smtpd_sasl_path=private/auth
      -o smtpd_sasl_security_options=noanonymous
      -o smtpd_sasl_local_domain=$myhostname
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
    #  -o smtpd_sender_restrictions=reject_sender_login_mismatch
      -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject_unauth_destination
    
    /etc/postfix/main.cf
    smtpd_banner = SMTP
    biff = no
    append_dot_mydomain = no
    readme_directory = no
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    smtpd_tls_cert_file=/etc/ssl/certs/postfix-public.pem
    smtpd_tls_key_file=/etc/ssl/private/postfix-private.key
    smtpd_use_tls=yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_tls_loglevel = 3
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    smtpd_tls_auth_only = yes
    myhostname = vps7.sparklingclouds.nl
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = sparklingclouds.nl, vps7.sparklingclouds.nl, localhost.sparklingclouds.nl, localhost
    relayhost =
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = ipv4
    home_mailbox = Maildir/
    mailbox_command =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    #smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
    smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
    

    Dovecot

    /etc/dovecot/dovecot.conf
    protocols = imaps
    disable_plaintext_auth = yes
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    ssl = required
    login_greeting = MAPI.
    mail_location = maildir:~/Maildir
    mail_privileged_group = mail
    mmap_disable = yes
    protocol imap {
    }
    protocol managesieve {
    }
    auth default {
      mechanisms = plain
      passdb pam {
      }
      userdb passwd {
      }
      user = root
    socket listen {
            client {
              path = /var/spool/postfix/private/auth
              mode = 0660
              user = postfix
              group = postfix
            }
    }
    }
    dict {
    }
    plugin {
    }
    
    Tags: dovecot , imap , imaps , mail , postfix , sasl , smtp , smtps , snippets