2016-02-24 08:44:49 +02:00
|
|
|
# service type private unpriv chroot wakeup maxproc command + args
|
|
|
|
# (yes) (yes) (yes) (never) (100)
|
|
|
|
|
2017-10-22 15:00:16 +02:00
|
|
|
# Exposed SMTP service
|
2023-01-03 16:57:57 +02:00
|
|
|
smtp inet n - n - 1 smtpd
|
2016-08-29 22:41:31 +02:00
|
|
|
|
2017-10-22 15:00:16 +02:00
|
|
|
# Internal SMTP service
|
2023-01-03 16:57:57 +02:00
|
|
|
10025 inet n - n - 1 smtpd
|
2017-10-22 19:44:58 +02:00
|
|
|
-o smtpd_sasl_auth_enable=yes
|
2023-06-05 08:47:22 +02:00
|
|
|
-o smtpd_discard_ehlo_keywords=pipelining,silent-discard
|
2021-08-09 14:58:58 +02:00
|
|
|
-o smtpd_client_restrictions=$check_ratelimit,reject_unlisted_sender,reject_authenticated_sender_login_mismatch,permit
|
2018-10-04 20:31:04 +02:00
|
|
|
-o smtpd_reject_unlisted_recipient={% if REJECT_UNLISTED_RECIPIENT %}{{ REJECT_UNLISTED_RECIPIENT }}{% else %}no{% endif %}
|
2017-10-22 15:00:16 +02:00
|
|
|
-o cleanup_service_name=outclean
|
|
|
|
outclean unix n - n - 0 cleanup
|
2017-10-22 11:31:55 +02:00
|
|
|
-o header_checks=pcre:/etc/postfix/outclean_header_filter.cf
|
2021-03-09 20:43:08 +02:00
|
|
|
-o nested_header_checks=
|
2016-02-24 08:44:49 +02:00
|
|
|
|
2022-02-19 19:37:37 +02:00
|
|
|
# Polite policy
|
|
|
|
polite unix - - n - - smtp
|
|
|
|
-o syslog_name=postfix-polite
|
|
|
|
-o polite_destination_concurrency_limit=3
|
|
|
|
-o polite_destination_rate_delay=0
|
|
|
|
-o polite_destination_recipient_limit=20
|
|
|
|
-o polite_destination_concurrency_failed_cohort_limit=10
|
|
|
|
|
|
|
|
# Turtle policy
|
|
|
|
turtle unix - - n - - smtp
|
|
|
|
-o syslog_name=postfix-turtle
|
|
|
|
-o turtle_destination_concurrency_limit=1
|
|
|
|
-o turtle_destination_rate_delay=1
|
|
|
|
-o turtle_destination_recipient_limit=5
|
|
|
|
-o turtle_destination_concurrency_failed_cohort_limit=10
|
|
|
|
|
2016-02-24 08:44:49 +02:00
|
|
|
# Internal postfix services
|
|
|
|
pickup unix n - n 60 1 pickup
|
|
|
|
cleanup unix n - n - 0 cleanup
|
|
|
|
qmgr unix n - n 300 1 qmgr
|
|
|
|
tlsmgr unix - - n 1000? 1 tlsmgr
|
|
|
|
rewrite unix - - n - - trivial-rewrite
|
|
|
|
bounce unix - - n - 0 bounce
|
|
|
|
defer unix - - n - 0 bounce
|
|
|
|
trace unix - - n - 0 bounce
|
|
|
|
verify unix - - n - 1 verify
|
|
|
|
flush unix n - n 1000? 0 flush
|
|
|
|
proxymap unix - - n - - proxymap
|
|
|
|
smtp unix - - n - - smtp
|
2022-12-28 16:21:28 +02:00
|
|
|
smtpd pass - - n - - smtpd
|
2016-02-24 08:44:49 +02:00
|
|
|
relay unix - - n - - smtp
|
|
|
|
error unix - - n - - error
|
|
|
|
retry unix - - n - - error
|
|
|
|
discard unix - - n - - discard
|
|
|
|
lmtp unix - - n - - lmtp
|
|
|
|
anvil unix - - n - 1 anvil
|
|
|
|
scache unix - - n - 1 scache
|
2023-04-21 14:42:25 +02:00
|
|
|
postlog unix-dgram n - n - 1 postlogd
|
2023-04-08 12:27:32 +02:00
|
|
|
|
|
|
|
{# Ensure that the rendered file ends with a newline #}
|
|
|
|
{{- "\n" }}
|