summaryrefslogtreecommitdiffstats
path: root/share/templates/master.cf.tpl
blob: 44c983aad21172fd1f8235df3dde4a0aa2a5b725 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
# Do not forget to execute "postfix reload" after editing this file.
# ==============================================================================
# service           type  private   unpriv  chroot  wakeup  maxproc     command
#                           (yes)    (yes)   (yes)   (never) (100)       + args
# ==============================================================================
smtp                inet        n       -       n       -       -       smtpd
#smtp               inet        n       -       n       -       1       postscreen
#smtpd              pass        -       -       n       -       -       smtpd
#dnsblog            unix        -       -       n       -       0       dnsblog
#tlsproxy           unix        -       -       n       -       0       tlsproxy
submission          inet        n       -       n       -       -       smtpd
    -o cleanup_service_name=cleanup_submission
    -o syslog_name=postfix/submission
    -o smtpd_tls_security_level=encrypt
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_sasl_authenticated_header=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    -o smtpd_data_restrictions=\$submission_data_restrictions
    -o smtpd_recipient_restrictions=\$submission_recipient_restrictions
    -o smtpd_sender_restrictions=\$submission_sender_restrictions

#smtps               inet        n       -       n       -       -       smtpd
#    -o syslog_name=postfix/smtps
#    -o smtpd_tls_wrappermode=yes
#    -o smtpd_sasl_auth_enable=yes
#    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#    -o milter_macro_daemon_name=ORIGINATING
#628                inet        n       -       n       -       -       qmqpd
pickup              fifo        n       -       n       60      1       pickup
cleanup             unix        n       -       n       -       0       cleanup
    -o header_checks=regexp:/etc/postfix/header_checks.inbound
    -o mime_header_checks=regexp:/etc/postfix/header_checks.inbound
cleanup_internal    unix        n       -       n       -       0       cleanup
    -o header_checks=regexp:/etc/postfix/header_checks.internal
    -o mime_header_checks=regexp:/etc/postfix/header_checks.internal
cleanup_submission  unix        n       -       n       -       0       cleanup
    -o header_checks=regexp:/etc/postfix/header_checks.submission
    -o mime_header_checks=regexp:/etc/postfix/header_checks.submission
qmgr                fifo        n       -       n       300     1       qmgr
#qmgr               fifo        n       -       n       300     1       oqmgr
tlsmgr              unix        -       -       n       1000?   1       tlsmgr
rewrite             unix        -       -       n       -       -       trivial-rewrite
bounce              unix        -       -       n       -       0       bounce
defer               unix        -       -       n       -       0       bounce
trace               unix        -       -       n       -       0       bounce
verify              unix        -       -       n       -       1       verify
flush               unix        n       -       n       1000?   0       flush
proxymap            unix        -       -       n       -       -       proxymap
proxywrite          unix        -       -       n       -       1       proxymap
smtp                unix        -       -       n       -       -       smtp
relay               unix        -       -       n       -       -       smtp
showq               unix        n       -       n       -       -       showq
error               unix        -       -       n       -       -       error
retry               unix        -       -       n       -       -       error
discard             unix        -       -       n       -       -       discard
local               unix        -       n       n       -       -       local
virtual             unix        -       n       n       -       -       virtual
lmtp                unix        -       -       n       -       -       lmtp
anvil               unix        -       -       n       -       1       anvil
scache              unix        -       -       n       -       1       scache

# Filter email through Amavisd
smtp-amavis         unix        -       -       n       -       3       smtp
    -o smtp_data_done_timeout=1800
    -o disable_dns_lookups=yes
    -o smtp_send_xforward_command=yes
    -o max_use=20
    -o smtp_bind_address=127.0.0.1

# Listener to re-inject email from Amavisd into Postfix
127.0.0.1:10025     inet        n       -       n       -       100     smtpd
    -o cleanup_service_name=cleanup_internal
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8

# Filter email through Wallace
smtp-wallace        unix        -       -       n       -       3       smtp
    -o smtp_data_done_timeout=1800
    -o disable_dns_lookups=yes
    -o smtp_send_xforward_command=yes
    -o max_use=20

# Listener to re-inject email from Wallace into Postfix
127.0.0.1:10027     inet        n       -       n       -       100     smtpd
    -o cleanup_service_name=cleanup_internal
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8

recipient_policy    unix        -       n       n       -       -       spawn
    user=kolab-n argv=/usr/libexec/postfix/kolab_smtp_access_policy --verify-recipient

recipient_policy_incoming unix  -       n       n       -       -       spawn
    user=kolab-n argv=/usr/libexec/postfix/kolab_smtp_access_policy --verify-recipient --allow-unauthenticated

sender_policy       unix        -       n       n       -       -       spawn
    user=kolab-n argv=/usr/libexec/postfix/kolab_smtp_access_policy --verify-sender

sender_policy_incoming unix     -       n       n       -       -       spawn
    user=kolab-n argv=/usr/libexec/postfix/kolab_smtp_access_policy --verify-sender --allow-unauthenticated

submission_policy   unix        -       n       n       -       -       spawn
    user=kolab-n argv=/usr/libexec/postfix/kolab_smtp_access_policy --verify-sender --verify-recipient