[postfix] Authenticate with dovecot SASL.
authorJakub Czajka <jakub@ekhem.eu.org>
Sun, 6 Nov 2022 15:22:19 +0000 (16:22 +0100)
committerJakub Czajka <jakub@ekhem.eu.org>
Sun, 3 Dec 2023 17:00:57 +0000 (18:00 +0100)
`postfix` authenticates MAIL FROM and RCPT TO addresses. This commit
routes this authentication through `dovecot` SASL. It queries the
address book for credentials.

dovecot/10-master.conf
postfix/main.cf
postfix/master.cf

index abdda26d6f9a70271ae0ab7b4bca2934f09744fa..16154dc2367b22a894d14de7ba8c0bdca947b133 100644 (file)
@@ -106,9 +106,11 @@ service auth {
   }
 
   # Postfix smtp-auth
-  #unix_listener /var/spool/postfix/private/auth {
-  #  mode = 0666
-  #}
+  unix_listener /var/spool/postfix/private/auth {
+    mode = 0666
+    user = postfix
+    group = postfix
+  }
 
   # Auth process is run as this user.
   #user = $default_internal_user
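Review bot: `mode = 0666` on the new `unix_listener /var/spool/postfix/private/auth` leaves the Dovecot auth socket connectable by any local account, even though the added `user = postfix` and `group = postfix` lines already give Postfix the access it needs. Changing it to `mode = 0660` keeps SASL working for smtpd while preventing other local processes from sending authentication requests through the socket. The permissions on Postfix's `private/` directory may already limit access, but they are not visible here and should not be the only barrier. The enclosing `service auth` block starts and ends outside the hunk.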
index 8981eae49f73f8a690944c097bbf33381f198d0a..2c78c94bac623fe5133ba35fb146b4c09524a1e3 100644 (file)
@@ -35,6 +35,15 @@ mailbox_transport = lmtp:unix:private/dovecot-lmtp
 
 # Message rewrite
 always_add_missing_headers = yes
+
+# Dovecot SASL
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_path = private/auth
+smtpd_sasl_security_options = noactive, noanonymous, nodictionary
+smtpd_sasl_type = dovecot
+## Authenticate RCPT TO address.
+smtpd_relay_restrictions = permit_sasl_authenticated, defer_unauth_destination
+
 # OpenDKIM
 milter_protocol = 2
 milter_default_action = accept
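Review bot: `smtpd_sasl_auth_enable = yes` is set globally in main.cf, so AUTH is offered by every smtpd service, including the port-25 `smtp` listener, and nothing in this hunk restricts it to TLS sessions. `smtpd_sasl_security_options` omits `noplaintext`, so PLAIN/LOGIN credentials can be sent in clear text unless TLS is enforced elsewhere in main.cf (not visible here). I would add `smtpd_tls_auth_only = yes` under the `# Dovecot SASL` block. The same concern applies to the `submission` entry in master.cf, which drops the template's `-o smtpd_tls_security_level=encrypt` and `-o smtpd_tls_auth_only=yes`.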
index c8d2138ad1a3bbccbd5c07889a03b3ca41197e3e..3f71c94a5b8663e5db4f9cabd0a844755f5045b1 100644 (file)
@@ -14,18 +14,10 @@ smtp       inet  n       -       y       -       -       smtpd
 #smtpd     pass  -       -       y       -       -       smtpd
 #dnsblog   unix  -       -       y       -       0       dnsblog
 #tlsproxy  unix  -       -       y       -       0       tlsproxy
-#submission inet n       -       y       -       -       smtpd
-#  -o syslog_name=postfix/submission
-#  -o smtpd_tls_security_level=encrypt
-#  -o smtpd_sasl_auth_enable=yes
-#  -o smtpd_tls_auth_only=yes
-#  -o smtpd_reject_unlisted_recipient=no
-#  -o smtpd_client_restrictions=$mua_client_restrictions
-#  -o smtpd_helo_restrictions=$mua_helo_restrictions
-#  -o smtpd_sender_restrictions=$mua_sender_restrictions
-#  -o smtpd_recipient_restrictions=
-#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-#  -o milter_macro_daemon_name=ORIGINATING
+submission inet  n       -       y       -       -       smtpd
+  -o smtpd_sender_restrictions=reject_sender_login_mismatch
+  -o smtpd_helo_restrictions=$mua_helo_restrictions
+  -o milter_macro_daemon_name=ORIGINATING
 #smtps     inet  n       -       y       -       -       smtpd
 #  -o syslog_name=postfix/smtps
 #  -o smtpd_tls_wrappermode=yes
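Review bot: The new `submission` service has no relay override, so it inherits `smtpd_relay_restrictions = permit_sasl_authenticated, defer_unauth_destination` from main.cf and port 587 still accepts unauthenticated mail for local destinations. Adding the template's `-o smtpd_relay_restrictions=permit_sasl_authenticated,reject` would make the port authenticated-only. `reject_sender_login_mismatch` depends on `smtpd_sender_login_maps` to know which login owns which MAIL FROM address, and no such map appears in this commit; please confirm it is defined, otherwise the restriction will not behave as intended. `$mua_helo_restrictions` is also referenced without a visible definition and expands to an empty list if main.cf does not set it.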