|
|
|
# service type private unpriv chroot wakeup maxproc command + args
|
|
|
|
# (yes) (yes) (yes) (never) (100)
|
|
|
|
|
|
|
|
# Exposed SMTP service
|
|
|
|
smtp inet n - n - 1 smtpd
|
|
|
|
|
|
|
|
# Internal SMTP service
|
|
|
|
10025 inet n - n - 1 smtpd
|
|
|
|
-o smtpd_sasl_auth_enable=yes
|
|
|
|
-o smtpd_discard_ehlo_keywords=pipelining
|
|
|
|
-o smtpd_client_restrictions=$check_ratelimit,reject_unlisted_sender,reject_authenticated_sender_login_mismatch,permit
|
|
|
|
-o smtpd_reject_unlisted_recipient={% if REJECT_UNLISTED_RECIPIENT %}{{ REJECT_UNLISTED_RECIPIENT }}{% else %}no{% endif %}
|
|
|
|
-o cleanup_service_name=outclean
|
|
|
|
-o smtpd_authorized_xclient_hosts={{ SUBNET}},{{ SUBNET6 }}
|
|
|
|
outclean unix n - n - 0 cleanup
|
|
|
|
-o header_checks=pcre:/etc/postfix/outclean_header_filter.cf
|
|
|
|
-o nested_header_checks=
|
|
|
|
|
|
|
|
# Polite policy
|
|
|
|
polite unix - - n - - smtp
|
|
|
|
-o syslog_name=postfix-polite
|
|
|
|
-o polite_destination_concurrency_limit=3
|
|
|
|
-o polite_destination_rate_delay=0
|
|
|
|
-o polite_destination_recipient_limit=20
|
|
|
|
-o polite_destination_concurrency_failed_cohort_limit=10
|
|
|
|
|
|
|
|
# Turtle policy
|
|
|
|
turtle unix - - n - - smtp
|
|
|
|
-o syslog_name=postfix-turtle
|
|
|
|
-o turtle_destination_concurrency_limit=1
|
|
|
|
-o turtle_destination_rate_delay=1
|
|
|
|
-o turtle_destination_recipient_limit=5
|
|
|
|
-o turtle_destination_concurrency_failed_cohort_limit=10
|
|
|
|
|
|
|
|
# Internal postfix services
|
|
|
|
pickup unix n - n 60 1 pickup
|
|
|
|
cleanup unix n - n - 0 cleanup
|
|
|
|
qmgr unix n - n 300 1 qmgr
|
|
|
|
tlsmgr unix - - n 1000? 1 tlsmgr
|
|
|
|
rewrite unix - - n - - trivial-rewrite
|
|
|
|
bounce unix - - n - 0 bounce
|
|
|
|
defer unix - - n - 0 bounce
|
|
|
|
trace unix - - n - 0 bounce
|
|
|
|
verify unix - - n - 1 verify
|
|
|
|
flush unix n - n 1000? 0 flush
|
|
|
|
proxymap unix - - n - - proxymap
|
|
|
|
smtp unix - - n - - smtp
|
|
|
|
smtpd pass - - n - - smtpd
|
|
|
|
relay unix - - n - - smtp
|
|
|
|
error unix - - n - - error
|
|
|
|
retry unix - - n - - error
|
|
|
|
discard unix - - n - - discard
|
|
|
|
lmtp unix - - n - - lmtp
|
|
|
|
anvil unix - - n - 1 anvil
|
|
|
|
scache unix - - n - 1 scache
|
|
|
|
postlog unix-dgram n - n - 1 postlogd
|