1 # See /usr/share/postfix/main.cf.dist for a commented, more complete version
4 # Debian specific: Specifying a file name will cause the first
5 # line of that file to be used as the name. The Debian default
7 #myorigin = /etc/mailname
9 smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
12 # appending .domain is the MUA's job.
13 append_dot_mydomain = no
15 # Uncomment the next line to generate "delayed mail" warnings
16 #delay_warning_time = 4h
20 # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
22 compatibility_level = 2
24 # TLS parameters (excluding smtpd_tls_(cert|key)_file for own adaption below)
26 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
27 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
29 # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
30 # information on enabling SSL in the smtp client.
32 smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
33 myorigin = /etc/mailname
34 myhostname = REPLACE_myhostname_ECALPER
35 alias_maps = hash:/etc/aliases
36 alias_database = hash:/etc/aliases
37 mydestination = $myhostname localhost.$mydomain localhost REPLACE_mydomain_if_domainwide_ECALPER
39 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
40 mailbox_size_limit = 0
41 recipient_delimiter = +
45 # plomlompom-specific adaptions to allow TLS and SASL via LetsEncrypt/Dovecot.
46 smtpd_tls_cert_file=/etc/letsencrypt/live/${myhostname}/fullchain.pem
47 smtpd_tls_key_file=/etc/letsencrypt/live/${myhostname}/privkey.pem
48 smtpd_sasl_type = dovecot
49 smtpd_sasl_path = private/auth
52 smtpd_milters = inet:localhost:12301
53 non_smtpd_milters = inet:localhost:12301
55 # transport mail to dovecot; not strictly needed, as even without this
56 # postfix will throw mail to /var/mail/USER to be found by dovecot for
57 # serving via IMAP etc.; but using dovecot's LMTP server for delivery
58 # allows us to do stuff like dovecot-side sieve filtering.
59 mailbox_transport = lmtp:inet:127.0.0.1:2424