smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtp_tls_key_file = /usr/local/etc/postfix/ssl/smtpd.key
smtp_tls_cert_file = /usr/local/etc/postfix/ssl/smtpd.crt
smtp_tls_CAfile = /usr/local/etc/postfix/ssl/cacert.crt
smtp_tls_CApath = /usr/local/share/certs/
smtp_tls_loglevel = 1
smtp_tls_ask_ccert = yes
smtpd_use_tls = yes
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /usr/local/etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /usr/local/etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /usr/local/etc/postfix/ssl/cacert.crt
smtpd_tls_CApath = /usr/local/share/certs/
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
permit_mynetworks,
check_helo_access hash:/usr/local/etc/postfix/helo_access,
permit
smtpd_sender_restrictions =
permit_mynetworks,
reject_non_fqdn_sender,
check_sender_access hash:/usr/local/etc/postfix/sender_access,
reject_unknown_sender_domain,
permit_sasl_authenticated,
check_policy_service unix:private/spf,
reject_unverified_sender
smtpd_recipient_restrictions =
reject_unlisted_recipient,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
mime_header_checks = regexp:/usr/local/etc/postfix/mime_header_checks.regexp
policy_time_limit = 3600
© Copyright 1995-2008 David McNett. All Rights Reserved.
