summaryrefslogtreecommitdiff
path: root/conf/templates/main.cf.template.in
blob: 15ae666e899fdd18617e5439fe61b388bedf74e6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
KOLAB_META_START
TARGET=@emailserver_confdir@/main.cf
PERMISSIONS=0644
OWNERSHIP=@emailserver_usr@:@emailserver_grp@
KOLAB_META_END
# (c) 2004 Steffen Hansen <steffen@klaralvdalens-datakonsult.se> (Klaralvdalens Datakonsult AB)
# (c) 2003 Tassilo Erlewein <tassilo.erlewein@erfrakon.de>
# (c) 2003 Martin Konold <martin.konold@erfrakon.de>
# (c) 2003 Achim Frank <achim.frank@erfrakon.de>
# This program is Free Software under the GNU General Public License (>=v2).
# Read the file COPYING that comes with this packages for details.


# this file is automatically written by the Kolab config backend
# manual additions are lost unless made to the template in the Kolab config directory


# postfix default is 10 240 000 Byte = 10.24 Megabyte, 
# we use 20 Mebibyte = 20*2^20 Byte 
message_size_limit = 20971520

#   paths
command_directory = @sbindir@
daemon_directory = @libexecdir@/postfix
queue_directory = @emailserver_localstatedir@

#   users
mail_owner= @emailserver_mail_owner@
setgid_group= @emailserver_setgid_grp@
default_privs= @emailserver_default_privs@

#   local host
myhostname = @@@fqdnhostname@@@
mydomain = @@@postfix-mydomain@@@
myorigin = $mydomain
@@@if postfix-relayhost@@@

# Postfix Relay Host
#
# Check if there is also a relayport otherwise put the default
@@@if postfix-relayport@@@
relayhost = [@@@postfix-relayhost@@@]:@@@postfix-relayport@@@
@@@else@@@
relayhost = [@@@postfix-relayhost@@@]
@@@endif@@@
@@@endif@@@

# 
masquerade_domains = $mydomain
#       Kolab Server does _not_ want to forward to local machines by default,
#       so we can add "envelope_recipient" to masquerade_classes:
masquerade_classes = envelope_sender, envelope_recipient,
                     header_sender, header_recipient

#   smtp daemon
#smtpd_banner = $myhostname ESMTP $mail_name
#inet_interfaces = 127.0.0.1

#   relaying
mynetworks = @@@postfix-mynetworks|join( )@@@
mydestination = @@@postfix-mydestination|join( )@@@
relay_domains = 
#smtpd_recipient_restrictions = permit_mynetworks, 
#                               check_client_access hash:@emailserver_confdir@/access,
#                               check_relay_domains


recipient_delimiter = +

#   maps
canonical_maps = hash:@emailserver_confdir@/canonical
virtual_maps =  hash:@emailserver_confdir@/virtual, 
	ldap:@emailserver_confdir@/ldapdistlist.cf, 
	ldap:@emailserver_confdir@/ldapvirtual.cf
relocated_maps = hash:@emailserver_confdir@/relocated
transport_maps = hash:@emailserver_confdir@/transport, ldap:@emailserver_confdir@/ldaptransport.cf
alias_maps = hash:@aliases_file@
alias_database = hash:@aliases_file@
#virtual_mailbox_maps = $virtual_maps
local_recipient_maps = $virtual_maps, $alias_maps

## only use local_transport or a higher recipent_limit if issue825 is fixed
#   local delivery, not using postfix local(8)
#local_transport = kolabmailboxfilter
#   alternatively with local(8), something like
mailbox_transport = kolabmailboxfilter
# local_destination_recipient_limit = 20

#TLS settings
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_starttls_timeout = 300s
smtpd_timeout = 300s
#smtpd_tls_CAfile = @sysconfdir@/kolab/server.pem
#smtpd_tls_CApath =
#smtpd_tls_ask_ccert = no
#smtpd_tls_ccert_verifydepth = 5
smtpd_tls_cert_file = @sysconfdir@/kolab/cert.pem
#smtpd_tls_cipherlist =
#smtpd_tls_dcert_file =
#smtpd_tls_dh1024_param_file =
#smtpd_tls_dh512_param_file =
#smtpd_tls_dkey_file = $smtpd_tls_dcert_file
#smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_key_file = @sysconfdir@/kolab/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = no
#smtpd_tls_req_ccert = no
#smtpd_tls_session_cache_database =
smtpd_tls_session_cache_timeout = 3600s
#smtpd_tls_wrappermode = no

#tls_random_bytes = 32
tls_random_source = dev:/dev/urandom
#tls_daemon_random_bytes = 32
#tls_daemon_random_source =
#tls_random_exchange_name = ${config_directory}/prng_exch
#tls_random_prng_update_period = 60s
#tls_random_reseed_period = 3600s

#smtp_starttls_timeout = 300s
#smtp_tls_CAfile =
#smtp_tls_CApath =
#smtp_tls_cert_file =
#smtp_tls_cipherlist =
#smtp_tls_dcert_file =
#smtp_tls_dkey_file = $smtp_tls_dcert_file
#smtp_tls_enforce_peername = yes
#smtp_tls_key_file = $smtp_tls_cert_file
#smtp_tls_loglevel = 0
#smtp_tls_note_starttls_offer = no
#smtp_tls_per_site =
#smtp_tls_scert_verifydepth = 5
#smtp_tls_session_cache_database =
#smtp_tls_session_cache_timeout = 3600s

#   authentication via sasl

## Kolab Policy Server
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,
	reject_unauth_destination, reject_unlisted_recipient, check_policy_service unix:private/kolabpolicy
smtpd_sender_restrictions = permit_mynetworks, check_policy_service unix:private/kolabpolicy
kolabpolicy_time_limit = 3600
kolabpolicy_max_idle = 20

#smtpd_restriction_classes =
smtpd_sasl_auth_enable = yes

# We want to allow for uids without any realm
#smtpd_sasl_local_domain = $myhostname
smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

# Support broken clients like Microsoft Outlook Express 4.x which expect AUTH=LOGIN instead of AUTH LOGIN
broken_sasl_auth_clients = yes

content_filter=kolabfilter