smtp_banner = $myhostname ESMTP (Debian / GNU)
biff = no
disable_vrfy_command = yes
disable_dns_lookups = yes
smtpd_helo_required = yes
append_dot_mydomain = no
mydestination = mail.mon.domaine.net, localhost, localhost.localdomain
mydomain = mail.mon.domaine.net
myhostname = mail.mon.domaine.net
relayhost = [smtp.gmail.com]
mynetworks = 127.0.0.0/8,192.168.0.0/24,88.xxx.xxx.xxx.xxx/24
inet_interfaces = all
smtpd_sender_restrictions =
permit_mynetworks,
reject_unknown_sender_domain,
warn_if_reject reject_unverified_sender
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination,
reject_unknown_recipient_domain,
reject_non_fqdn_recipient
smtpd_client_restrictions =
reject_unknown_client,
permit_mynetworks
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_aliases.cf, mysql:/etc/postfix/mysql-virtual_aliases_mailbox.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/spool/vmail/
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "Desole, la boite email de l'utilisateur est pleine. Veuillez re-essayer plus tard !"
virtual_overquota_bounce = yes
relay_domains = $mydestination, $mydomain, $mynetworks, gmail.com
#smtp_sasl_auth_enable = yes
#smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
#smtp_sasl_security_options = noanonymous
#smtp_sasl_tls_security_options = noanonymous
#tls_random_source = dev:/dev/urandom
#smtp_tls_scert_verifydepth = 5
#smtp_tls_CApath=/etc/ssl/certs
#smtp_tls_enforce_peername = no
#smtp_tls_per_site = hash:/etc/postfix/usar_tls
#inet_protocols = ipv4
# Suite de main.cf
#
# Le TLS
# Niveau de log. Au niveau 3, on a un détail assez impressionnant
smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1
smtp_enforce_tls = yes
# , quand je le met ça plante, pour certain ça ne marche pas sans, décommentez cette ligne pour l’activer.
# On va voir ça juste après.
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_use_tls = yes
smtp_tls_CAfile = /etc/ssl/demoCA/cacert.pem
smtp_tls_cert_file = /etc/postfix/uranus-cert.pem
smtp_tls_key_file = /etc/postfix/uranus-key.pem
smtpd_use_tls = yes
smtpd_tls_CAfile = /etc/ssl/demoCA/cacert.pem
smtpd_tls_cert_file = /etc/postfix/uranus-cert.pem
smtpd_tls_key_file = /etc/postfix/uranus-key.pem
smtp_tls_received_header = yes
smtpd_tls_ask_ccert = yes
tls_random_source = dev:/dev/urandom
# Authentification SASL
smtpd_sasl_auth_enable = no
smtp_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_local_domain = $myhostname
smtp_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
Partager