# (c) 2004 Steffen Hansen (Klaralvdalens Datakonsult AB) # (c) 2003 Tassilo Erlewein # (c) 2003 Martin Konold # (c) 2003 Achim Frank # This program is Free Software under the GNU General Public License (>=v2). # Read the file COPYING that comes with this packages for details. # this file is automatically written by the Kolab config backend # manual additions are lost unless made to the template in the Kolab config directory # postfix default is 10 240 000 Byte = 10.24 Megabyte, # we use 20 Mebibyte = 20*2^20 Byte message_size_limit = 20971520 # paths command_directory = @l_prefix@/sbin daemon_directory = @l_prefix@/libexec/postfix queue_directory = @l_prefix@/var/postfix # users mail_owner= @l_musr@ setgid_group= @l_rgrp@ default_privs= @l_nusr@ # local host myhostname = @@@fqdnhostname@@@ mydomain = @@@postfix-mydomain@@@ myorigin = $mydomain relayhost = @@@postfix-relayhost@@@ # masquerade_domains = $mydomain masquerade_exceptions = root # smtp daemon #smtpd_banner = $myhostname ESMTP $mail_name #inet_interfaces = 127.0.0.1 # relaying mynetworks = @@@postfix-mynetworks@@@ mydestination = @@@postfix-mydestination@@@ relay_domains = #smtpd_recipient_restrictions = permit_mynetworks, # check_client_access hash:/kolab/etc/postfix/access, # check_relay_domains # maps canonical_maps = hash:@l_prefix@/etc/postfix/canonical virtual_maps = hash:@l_prefix@/etc/postfix/virtual, ldap:ldapdistlist, ldap:ldapvirtual relocated_maps = hash:@l_prefix@/etc/postfix/relocated transport_maps = ldap:ldaptransport, hash:@l_prefix@/etc/postfix/transport alias_maps = hash:@l_prefix@/etc/postfix/aliases alias_database = hash:@l_prefix@/etc/postfix/aliases local_recipient_maps = # local delivery recipient_delimiter = + #mailbox_transport = lmtp:unix:@l_prefix@/var/kolab/lmtp mailbox_transport = kolabmailboxfilter #TLS settings smtpd_use_tls = yes smtpd_tls_auth_only = yes smtpd_starttls_timeout = 300s smtpd_timeout = 300s #smtpd_tls_CAfile = @l_prefix@/etc/kolab/server.pem #smtpd_tls_CApath = #smtpd_tls_ask_ccert = no #smtpd_tls_ccert_verifydepth = 5 smtpd_tls_cert_file = @l_prefix@/etc/kolab/cert.pem #smtpd_tls_cipherlist = #smtpd_tls_dcert_file = #smtpd_tls_dh1024_param_file = #smtpd_tls_dh512_param_file = #smtpd_tls_dkey_file = $smtpd_tls_dcert_file #smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_key_file = @l_prefix@/etc/kolab/key.pem #smtpd_tls_loglevel = 3 smtpd_tls_received_header = no #smtpd_tls_req_ccert = no #smtpd_tls_session_cache_database = smtpd_tls_session_cache_timeout = 3600s #smtpd_tls_wrappermode = no #tls_random_bytes = 32 tls_random_source = dev:/dev/urandom #tls_daemon_random_bytes = 32 #tls_daemon_random_source = #tls_random_exchange_name = ${config_directory}/prng_exch #tls_random_prng_update_period = 60s #tls_random_reseed_period = 3600s #smtp_starttls_timeout = 300s #smtp_tls_CAfile = #smtp_tls_CApath = #smtp_tls_cert_file = #smtp_tls_cipherlist = #smtp_tls_dcert_file = #smtp_tls_dkey_file = $smtp_tls_dcert_file #smtp_tls_enforce_peername = yes #smtp_tls_key_file = $smtp_tls_cert_file #smtp_tls_loglevel = 0 #smtp_tls_note_starttls_offer = no #smtp_tls_per_site = #smtp_tls_scert_verifydepth = 5 #smtp_tls_session_cache_database = #smtp_tls_session_cache_timeout = 3600s # authentication via sasl ## Kolab Policy Server smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated, reject_unauth_destination, check_policy_service unix:private/kolabpolicy smtpd_sender_restrictions = permit_mynetworks, check_policy_service unix:private/kolabpolicy kolabpolicy_time_limit = 3600 kolabpolicy_max_idle = 20 #smtpd_restriction_classes = smtpd_sasl_auth_enable = yes # We want to allow for uids without any realm #smtpd_sasl_local_domain = $myhostname smtpd_sasl_local_domain = smtpd_sasl_security_options = noanonymous # Support broken clients like Microsoft Outlook Express 4.x which expect AUTH=LOGIN instead of AUTH LOGIN broken_sasl_auth_clients = yes # # LDAP Alias support # ldapvirtual_server_host = @@@ldap_uri@@@ ldapvirtual_search_base = @@@user_dn_list@@@ ldapvirtual_query_filter = (alias=%s) ldapvirtual_result_attribute = mail ldapvirtual_result_filter = %s ldapvirtual_search_timeout = 15 ldapvirtual_scope = sub ldapvirtual_bind = yes ldapvirtual_bind_dn = @@@php_dn@@@ ldapvirtual_bind_pw = @@@php_pw@@@ ldapvirtual_version = 3 # # LDAP Distributionlist support # ldapdistlist_server_host = @@@ldap_uri@@@ ldapdistlist_search_base = @@@user_dn_list@@@ ldapdistlist_domain = $mydestination ldapdistlist_query_filter = (&(objectClass=kolabGroupOfNames)(mail=%s)) ldapdistlist_special_result_attribute = member ldapdistlist_exclude_internal = yes ldapdistlist_result_attribute = mail ldapdistlist_result_filter = %s ldapdistlist_search_timeout = 15 ldapdistlist_scope = sub ldapdistlist_bind = yes ldapdistlist_bind_dn = @@@php_dn@@@ ldapdistlist_bind_pw = @@@php_pw@@@ ldapdistlist_version = 3 # # LDAP Transport for multilocation support # ldaptransport_server_host = @@@ldap_uri@@@ ldaptransport_search_base = @@@user_dn_list@@@ ldaptransport_query_filter = (&(mail=%s)(objectClass=kolabInetOrgPerson)(!(kolabHomeServer=$myhostname))) ldaptransport_result_attribute = kolabHomeServer ldaptransport_result_filter = smtp:[%s] ldaptransport_search_timeout = 15 ldaptransport_scope = sub ldaptransport_bind = yes ldaptransport_bind_dn = @@@php_dn@@@ ldaptransport_bind_pw = @@@php_pw@@@ ldaptransport_version = 3 @@@if postfix-enable-virus-scan@@@ # # Amavis virus scan # content_filter=smtp-amavis:[127.0.0.1]:10024 @@@else@@@ content_filter=kolabfilter @@@endif@@@