postfix/postfix.txt@b663cfca750a
postfix/postfix.txt
Tue, 28 Aug 2012 18:32:00 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 28 Aug 2012 18:32:00 +0200
- changeset 550
- b663cfca750a
- parent 190
- 35b9f699911a
- child 664
- 3045cab269c7
- permissions
- -rw-r--r--
Update version, introduce new required daq dependency, integrated pulled
pork utility, improve build portability, and correct nonportable u_int types.
1 <file name="Makefile">
2 ##
3 ## @l_prefix@/etc/postfix/Makefile -- maintainance procedures
4 ##
6 # path configuration
7 PREFIX = @l_prefix@
8 SBINDIR = $(PREFIX)/sbin
9 ETCDIR = $(PREFIX)/etc
11 # program configuration
12 RC = $(ETCDIR)/rc
13 POSTALIAS = $(SBINDIR)/postalias
14 POSTMAP = $(SBINDIR)/postmap
15 POSTFIX = $(SBINDIR)/postfix
17 # table filename configuration
18 T_ACCESS = access
19 T_CANONICAL = canonical
20 T_GENERIC = generic
21 T_VIRTUAL = virtual
22 T_RELOCATED = relocated
23 T_TRANSPORT = transport
24 T_ALIASES = aliases
25 T_CLIENTS = clients
26 T_SENDERS = senders
27 T_CLICRT = clicrt
29 # dependency tracking
30 TIMESTAMP = .up-to-date
31 DEPENDENCIES = Makefile master.cf main.cf $(TABLES)
33 # managed tables:
34 # - use extension ".db" for hash tables ("hash")
35 # - use no extension for regex tables ("pcre")
36 TABLES = \
37 $(T_ACCESS).db \
38 $(T_CANONICAL).db \
39 $(T_GENERIC).db \
40 $(T_VIRTUAL).db \
41 $(T_RELOCATED).db \
42 $(T_TRANSPORT).db \
43 $(T_ALIASES).db \
44 $(T_CLIENTS).db \
45 $(T_SENDERS).db \
46 $(T_CLICRT).db
48 # default target
49 all: $(TABLES) $(TIMESTAMP)
51 # implicit checking and reloading
52 $(TIMESTAMP): $(DEPENDENCIES)
53 $(POSTFIX) check
54 $(POSTFIX) reload >/dev/null 2>&1 || true
55 touch $(TIMESTAMP) && chmod 600 $(TIMESTAMP)
57 # explicit checking
58 check:
59 $(POSTFIX) check
61 # hash table update targets
62 $(T_ACCESS).db: $(T_ACCESS) $(MAKEFILE)
63 $(POSTMAP) hash:$(T_ACCESS)
64 $(T_CANONICAL).db: $(T_CANONICAL) $(MAKEFILE)
65 $(POSTMAP) hash:$(T_CANONICAL)
66 $(T_GENERIC).db: $(T_GENERIC) $(MAKEFILE)
67 $(POSTMAP) hash:$(T_GENERIC)
68 $(T_VIRTUAL).db: $(T_VIRTUAL) $(MAKEFILE)
69 $(POSTMAP) hash:$(T_VIRTUAL)
70 $(T_RELOCATED).db: $(T_RELOCATED) $(MAKEFILE)
71 $(POSTMAP) hash:$(T_RELOCATED)
72 $(T_TRANSPORT).db: $(T_TRANSPORT) $(MAKEFILE)
73 $(POSTMAP) hash:$(T_TRANSPORT)
74 $(T_ALIASES).db: $(T_ALIASES) $(MAKEFILE)
75 $(POSTALIAS) hash:$(T_ALIASES)
76 $(T_CLIENTS).db: $(T_CLIENTS) $(MAKEFILE)
77 $(POSTMAP) hash:$(T_CLIENTS)
78 $(T_SENDERS).db: $(T_SENDERS) $(MAKEFILE)
79 $(POSTMAP) hash:$(T_SENDERS)
80 $(T_CLICRT).db: $(T_CLICRT) $(MAKEFILE)
81 $(POSTMAP) hash:$(T_CLICRT)
83 # cleanup target
84 clean:
85 -rm -f $(TABLES)
86 -rm -f $(TIMESTAMP)
88 # process management
89 start:
90 $(RC) postfix start
91 reload:
92 $(RC) postfix reload
93 stop:
94 $(RC) postfix stop
96 </file>
97 <file name="master.cf">
98 ##
99 ## @l_prefix@/etc/postfix/master.cf -- Postfix master process table
100 ##
101 # ==========================================================================
102 # service type private unpriv chroot wakeup maxproc command + args
103 # (yes) (yes) (yes) (never) (100)
104 # ==========================================================================
105 smtp inet n - n - - smtpd
106 #smtp inet n - n - - smtpd -o content_filter=spamass
107 #smtp inet n - n - 1 postscreen
108 #smtpd pass - - n - - smtpd
109 #dnsblog unix - - n - 0 dnsblog
110 #tlsproxy unix - - n - 0 tlsproxy
111 #628 inet n - n - - qmqpd
112 pickup fifo n - n 60 1 pickup
113 cleanup unix n - n - 0 cleanup
114 qmgr fifo n - n 300 1 qmgr
115 tlsmgr unix - - n 1000? 1 tlsmgr
116 rewrite unix - - n - - trivial-rewrite
117 bounce unix - - n - 0 bounce
118 defer unix - - n - 0 bounce
119 trace unix - - n - 0 bounce
120 verify unix - - n - 1 verify
121 flush unix n - n 1000? 0 flush
122 proxymap unix - - n - - proxymap
123 proxywrite unix - - n - - proxymap
124 smtp unix - - n - - smtp
125 relay unix - - n - - smtp -o fallback_relay=
126 showq unix n - n - - showq
127 error unix - - n - - error
128 retry unix - - n - - error
129 local unix - n n - - local
130 virtual unix - n n - - virtual
131 lmtp unix - - n - - lmtp
132 anvil unix - - n - 1 anvil
133 scache unix - - n - 1 scache
134 #maildrop unix - n n - - pipe flags=DRhu user=@l_nusr@ argv=@l_prefix@/bin/maildrop -d ${recipient}
135 #cyrus unix - n n - - pipe user=@l_nusr@ argv=@l_prefix@/bin/cyrdeliver -e -r ${sender} -m ${extension} ${user}
136 #dovecot unix - n n - - pipe flags=DR user=@l_rusr@ argv=@l_prefix@/libexec/dovecot/deliver -f ${sender} -d ${user} -n -m ${extension}
137 #spamass unix - n n - - pipe flags=R user=@l_rusr@ argv=@l_prefix@/bin/spamc -f -u ${user} -e @l_prefix@/sbin/sendmail -oi -f ${sender} ${recipient}
138 #uucp unix - n n - - pipe flags=Fqhu user=@l_nusr@ argv=@l_prefix@/bin/uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
139 #ifmail unix - n n - - pipe flags=F user=@l_nusr@ argv=@l_prefix@/bin/ifmail -r $nexthop ($recipient)
140 #bsmtp unix - n n - - pipe flags=Fq. user=@l_nusr@ argv=@l_prefix@/bin/bsmtp -f $sender $nexthop $recipient
141 </file>
142 <file name="main.cf">
143 ##
144 ## @l_prefix@/etc/postfix/main.cf -- Postfix main configuration
145 ##
146 ## Run "@l_prefix@/sbin/postconf -n" to see all parameters overriding
147 ## defaults, run "@l_prefix@/sbin/postconf -d" to see all possible
148 ## parameters and their defaults and read the following manual
149 ## pages for description of each parameter: bounce(8), cleanup(8),
150 ## defer(8), error(8), flush(8), lmtp(8), local(8), master(8),
151 ## pickup(8), pipe(8), qmgr(8), showq(8), smtp(8), smtpd(8), spawn(8),
152 ## trivial-rewrite(8).
153 ##
155 # users
156 mail_owner = @l_musr@
157 setgid_group = @l_rgrp@
158 default_privs = @l_nusr@
160 # local host
161 myhostname = mail.example.com
162 mydomain = example.com
163 myorigin = $myhostname
165 # smtp daemon
166 #smtpd_banner = $myhostname ESMTP $mail_name
167 inet_interfaces = 127.0.0.1
169 # smtp client
170 smtp_bind_address = 127.0.0.1
172 # relaying
173 mynetworks = 127.0.0.0/8
174 #mydestination = $myhostname, localhost.$mydomain
175 #relay_domains = $mydestination,
176 # hash:@l_prefix@/etc/postfix/access
177 #relay_clientcerts = hash:@l_prefix@/etc//postfix/clicrt
178 #smtpd_recipient_restrictions = permit_mynetworks,
179 # check_client_access hash:@l_prefix@/etc/postfix/access,
180 # reject_unauth_destination
182 # maps
183 #canonical_maps = hash:@l_prefix@/etc/postfix/canonical
184 #smtp_generic_maps = hash:@l_prefix@/etc/postfix/generic
185 #virtual_alias_maps = hash:@l_prefix@/etc/postfix/virtual
186 #relocated_maps = hash:@l_prefix@/etc/postfix/relocated
187 #transport_maps = hash:@l_prefix@/etc/postfix/transport
188 alias_maps = hash:@l_prefix@/etc/postfix/aliases
189 alias_database = hash:@l_prefix@/etc/postfix/aliases
191 # local delivery
192 #local_recipient_maps = proxy:unix:passwd.byname $alias_maps
193 recipient_delimiter = +
194 mailbox_command = @l_prefix@/bin/procmail -a "$EXTENSION"
196 </file>
197 <file name="access">
198 ##
199 ## @l_prefix@/etc/postfix/access -- access control for relaying
200 ##
201 ## Searched for both the client (hostname, parent domains, IP address,
202 ## networks obtained by stripping least significant octets from IP
203 ## address) and destination address (resolved destination address,
204 ## parent domain, or localpart@) in order to allow relaying. Rejects
205 ## the request if the result is REJECT or "[45]XX text". Permits the
206 ## request if the result is OK or RELAY or all-numerical.
207 ##
209 # Syntax (see access(5)):
210 # | user@domain action
211 # | domain action
212 # | user@ action
213 # | net.work.addr.ess action
214 # | net.work.addr action
215 # | net.work action
216 # | net action
217 # where "action" is one of:
218 # "[45]NN text", "REJECT", "OK", "restriction..."
219 #
220 # Examples:
221 # | mail.example.com OK
222 # | example.com REJECT
223 # | 192.168.0.1 OK
224 # | 192.168 REJECT
225 # | postmaster@ OK
227 </file>
228 <file name="virtual">
229 ##
230 ## @l_prefix@/etc/postfix/virtual -- virtual address translation
231 ##
232 ## Searched for virtual addresses user@domain, user and @domain
233 ## (in this order). It redirect mail for all recipients, local or
234 ## remote. The mapping affects only envelope recipients.
235 ##
237 # Syntax (see virtual(5)):
238 # | user@domain address, address, ...
239 # | user address, address, ...
240 # | @domain address, address, ...
241 #
242 # Examples:
243 # | @example.com john@example.com
244 # | postmaster@example.com postmaster
245 # | john@example1.com john1
246 # | john@example2.com john2
248 </file>
249 <file name="aliases">
250 ##
251 ## @l_prefix@/etc/postfix/aliases -- local mailbox aliases
252 ##
253 ## Searched for virtual addresses user@domain, user and @domain
254 ## (in this order). It redirect mail for all recipients, local or
255 ## remote. The mapping affects only envelope recipients.
256 ##
258 # Syntax (see aliases(5)):
259 # | name: value, value, ...
260 # where value is one of:
261 # "address", "/file/name", "|command", ":include:/file/name"
262 #
263 # Examples:
264 # | john.doe: john, doe
265 # | robot: |/path/to/robot
266 # | archive: /path/to/archive
267 # | users: :include:/path/to/users.list
268 # | owner-users: john.doe
270 # standard mail targets
271 nobody: /dev/null
272 MAILER-DAEMON: postmaster
274 # mailbox names for common services, roles and functions
275 # (see RFC2142 for more details and expanded list of names)
276 postmaster: root
277 hostmaster: root
278 security: root
279 abuse: root
281 # save unprivileged user storage of careless admins
282 root: /dev/null
284 </file>
285 <file name="canonical">
286 ##
287 ## @l_prefix@/etc/postfix/canonical -- address canonification on mail receiving
288 ##
289 ## Searched for canonical addresses for user@domain, user and @domain
290 ## (in this order).
291 ##
293 # Syntax (see canonical(5)):
294 # | user@domain address
295 # | user address
296 # | @domain address
297 #
298 # Examples:
299 # | postmaster@mail.example.com postmaster@example.com
300 # | john John.Doe
301 # | @example.com @example.com
303 </file>
304 <file name="relocated">
305 ##
306 ## @l_prefix@/etc/postfix/relocated -- relocate obsolete addresses
307 ##
308 ## Searched for relocated addresses user@domain, user and @domain
309 ## (in this order). It bounces mail for all recipients.
310 ##
312 # Syntax (see relocated(5)):
313 # | user@domain address
314 # | user address
315 # | @domain address
316 #
317 # Examples:
318 # | john@invalid john@example.com
319 # | john john@example.com
320 # | @invalid john@example.com
322 </file>
323 <file name="generic">
324 ##
325 ## @l_prefix@/etc/postfix/generic -- address canonification on mail sending
326 ##
327 ## Searched for canonical addresses for user@domain, user and @domain
328 ## (in this order).
329 ##
331 # Syntax (see generic(5)):
332 # | user@domain address
333 # | user address
334 # | @domain address
335 #
336 # Examples:
337 # | postmaster@mail.example.com postmaster@example.com
338 # | john John.Doe
339 # | @example.com @example.com
341 </file>
342 <file name="transport">
343 ##
344 ## @l_prefix@/etc/postfix/transport -- transport selection
345 ##
346 ## Searched for domain and .domain (in this order). It selects the
347 ## specified transport facility for delivery.
348 ##
350 # Syntax (see transport(5)):
351 # | domain transport:nexthop
352 # | .domain transport:nexthop
353 #
354 # Examples:
355 # | me.example.com local:
356 # | you.example.com smtp:mail.example.com:2525
357 # | example.com smtp:mail.example.com
358 # | .example.com smtp:mail.example.com
360 </file>
361 <file name="clients">
362 ##
363 ## @l_prefix@/etc/postfix/clients -- control for relaying clients
364 ##
365 ## Searched for both the client (hostname, parent domains, IP address,
366 ## networks obtained by stripping least significant octets from IP
367 ## address) and destination address (resolved destination address,
368 ## parent domain, or localpart@) in order to allow relaying. Rejects
369 ## the request if the result is REJECT or "[45]XX text". Permits the
370 ## request if the result is OK or RELAY or all-numerical.
371 ##
373 # Syntax (see postmap(5)):
374 # | user@domain action
375 # | domain action
376 # | user@ action
377 # | net.work.addr.ess action
378 # | net.work.addr action
379 # | net.work action
380 # | net action
381 # where "action" is one of:
382 # "[45]NN text", "REJECT", "OK", "restriction..."
383 #
384 # Examples:
385 # | mail.example.com OK
386 # | example.com REJECT
387 # | 192.168.0.1 OK
388 # | 192.168 REJECT
389 # | postmaster@ OK
391 </file>
392 <file name="senders">
393 ##
394 ## @l_prefix@/etc/postfix/senders -- control for relaying senders
395 ##
396 ## Searched for both the client (hostname, parent domains, IP address,
397 ## networks obtained by stripping least significant octets from IP
398 ## address) and destination address (resolved destination address,
399 ## parent domain, or localpart@) in order to allow relaying. Rejects
400 ## the request if the result is REJECT or "[45]XX text". Permits the
401 ## request if the result is OK or RELAY or all-numerical.
402 ##
404 # Syntax (see access(5)):
405 # | user@domain action
406 # | domain action
407 # | user@ action
408 # | net.work.addr.ess action
409 # | net.work.addr action
410 # | net.work action
411 # | net action
412 # where "action" is one of:
413 # "[45]NN text", "REJECT", "OK", "restriction..."
414 #
415 # Examples:
416 # | mail.example.com OK
417 # | example.com REJECT
418 # | 192.168.0.1 OK
419 # | 192.168 REJECT
420 # | postmaster@ OK
422 </file>
423 <file name="clicrt">
424 ##
425 ## @l_prefix@/etc/postfix/clicrt -- user identity verification
426 ##
427 ## Searched for user names matching TLS certificate fingerprints
428 ## when a client responding to the MTA's client certificate request
429 ## presents a valid (signed from proper CA) certificate.
430 ##
431 ## To find such fingerprints given a valid client certificate:
432 ## @l_prefix@/bin/openssl x509 -noout -fingerprint -sha1 -in certfile.pem
433 ##
435 # Syntax (fingerprint according to smtpd_tls_fingerprint_digest):
436 # | fingerprint arbitrary-value
437 #
438 # Examples:
439 # | B8:B8:A8:AE:B8:2A:2B:74:EC:43:FF:4F:B2:B2:AC:1E:B4:CE:26:1D user1
440 # | 18:81:F5:22:18:BA:EB:15:FF:40:30:00:EA:C0:B4:2E:EC:AE:86:8E user2
442 </file>
