[postfix-users] Hilfe bei Einstellung von Postfix
Matthias Schmidt
beta at admilon.net
Mo Dez 31 06:15:08 CET 2012
Alex,
ich versuch's mal mit meinen OSX-Server Einstellungen, die Du u.U. anpassen wirst müssen ;-)
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
permit_tls_clientcerts
check_sender_access hash:/etc/postfix/whitelist
check_sender_access regexp:/etc/postfix/tag_as_originating.re
check_sender_access regexp:/etc/postfix/tag_as_foreign.re
reject_non_fqdn_hostname
reject_unknown_reverse_client_hostname
reject_unauth_destination
reject_rbl_client cbl.abuseat.org
reject_rbl_client zen.spamhaus.org
smtpd_helo_restrictions =
reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname
smtpd_sender_restrictions =
smtpd_client_restrictions =
(das wurde mir geraten alles unter smtpd_recipient_restrictions reinzupacken, was auch gut funzt)
smtpd_data_restrictions =
reject_unauth_pipelining
Dir auch einen guten Rutsch
Matthias
Am 31.12.2012 um 01:03 schrieb Alexander Elsner:
> Hallo,
> ich benötige etwas Hilfe bei der Einstellung von Postfix main.cf
>
> Ins besonders unsicher bin ich bei den Einstellungen für:
> smtpd_recipient_restrictions =
> smtpd_helo_restrictions =
> smtpd_sender_restrictions =
> smtpd_client_restrictions =
> smtpd_data_restrictions =
>
> Besten Dank für die Hilfe & guten Rutsch
> Alex
>
>
> Meine aktuelle Config:
> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
> biff = no
> append_dot_mydomain = no
> readme_directory = no
>
> masquerade_exceptions = root
> masquerade_classes = envelope_sender, header_sender, header_recipient
> masquerade_domains = no
> maximal_queue_lifetime = 2d
> bounce_queue_lifetime = 1d
> minimal_backoff_time = 1000s
> queue_run_delay = 1000s
>
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_local_domain = $myhostname
> broken_sasl_auth_clients = yes
> smtpd_tls_security_level = may
>
>
>
> strict_rfc821_envelopes = yes
> disable_vrfy_command = yes
>
> smtpd_delay_reject = no
> smtpd_client_message_rate_limit = 50
> smtpd_client_connection_count_limit = 20
> smtpd_client_connection_rate_limit = 60
> smtpd_client_new_tls_session_rate_limit = 60
>
> smtpd_error_sleep_time = 10s
> smtpd_soft_error_limit = 10
> smtpd_hard_error_limit = 20
> smtpd_helo_required = yes
> address_verify_map = btree:$data_directory/verify_cache
> unverified_recipient_reject_reason = Address lookup failed
> unverified_sender_reject_reason = Address verification failed
> address_verify_map = btree:/var/lib/postfix/verify
> address_verify_map = btree:$data_directory/verify_cache
>
> smtpd_recipient_restrictions =
> reject_non_fqdn_sender,
> reject_unknown_recipient_domain,
> permit_mynetworks,
> permit_sasl_authenticated,
> reject_unauth_destination,
>
> reject_unknown_sender_domain,
> reject_unlisted_recipient,
> reject_unknown_reverse_client_hostname,
> reject_non_fqdn_recipient,
> reject_invalid_helo_hostname,
> reject_non_fqdn_helo_hostname,
> reject_sender_login_mismatch,
> reject_rbl_client sbl-xbl.spamhaus.org,
>
>
> #warn_if_reject reject_unlisted_sender,
> #warn_if_reject reject_unknown_reverse_client_hostname,
>
> permit
>
> smtpd_helo_restrictions =
> reject_invalid_hostname
>
>
> smtpd_sender_restrictions =
> reject_unknown_sender_domain
>
> smtpd_client_restrictions =
>
> smtpd_data_restrictions =
> permit_sasl_authenticated,
> reject_unauth_pipelining,
> check_client_access regexp:/etc/postfix/add_auth_header.regexp
>
>
> smtpd_use_tls = yes
> smtpd_tls_auth_only = no
> smtpd_tls_CAfile = /etc/apache2/ssl.crt/ca-admin.crt
> smtpd_tls_key_file= /etc/apache2/ssl.key/admin.key
> smtpd_tls_cert_file= /etc/apache2/ssl.crt/admin.crt
> smtpd_tls_loglevel = 0
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> tls_random_source = dev:/dev/urandom
>
> relayhost =
> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
> mydestination = $myhostname, localhost.$mydomain, localhost
>
>
>
>
> _______________________________________________
> postfix-users mailing list
> postfix-users at de.postfix.org
> http://de.postfix.org/cgi-bin/mailman/listinfo/postfix-users
Mehr Informationen über die Mailingliste postfix-users