Mercurial > shinyoukai > mailserver

diff postfix/main.cf @ 0:e3de72cc63b9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
I have no interest in an ordinary menu
author Shin'ya Minazuki <shinyoukai@laidback.moe>
date Mon, 10 Nov 2025 21:14:26 +0900
parents
children 007252fb6449
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/postfix/main.cf	Mon Nov 10 21:14:26 2025 +0900
@@ -0,0 +1,61 @@
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific:  Specifying a file name will cause the first
+# line of that file to be used as the name.  The Debian default
+# is /etc/mailname.
+#myorigin = /etc/mailname
+
+setgid_group = maildrop
+smtpd_banner = $myhostname ESMTP $mail_name (NetBSD)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 3.6 on
+# fresh installs.
+compatibility_level = 3.6
+
+
+
+# TLS parameters
+smtpd_tls_cert_file=/etc/letsencrypt/live/example.net/fullchain.pem
+smtpd_tls_key_file=/etc/letsencrypt/live/example.net/privkey.pem
+smtpd_tls_security_level=may
+
+smtp_tls_CApath=/etc/openssl/certs
+smtp_tls_security_level=may
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+
+smtpd_sasl_auth_enable = yes
+
+smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
+smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, defer_unauth_destination
+myhostname = mail.example.net
+mydomain = example.net
+myorigin = /etc/mailname
+alias_maps = hash:/etc/mail/aliases
+alias_database = hash:/etc/mail/aliases
+mydestination = $myhostname, $mydomain, mail.example.net, localhost
+relayhost = 
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+home_mailbox = Maildir/
+recipient_delimiter = +
+inet_interfaces = all
+inet_protocols = all
+cyrus_sasl_config_path = /etc/sasl2
+smtpd_sasl_local_domain = $myhostname
+broken_sasl_auth_clients = yes
+smtpd_sasl_security_options = noanonymous
+
+smtpd_milters = inet:127.0.0.1:11332
+milter_default_action = accept
+
+smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, KRB5-DES, CBC3-SHA