docker/mailu
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update podop access and mail restrictions

Browse Source
This commit is contained in:
kaiyou
2018-09-26 00:15:24 +02:00
parent 7143fb8c47
commit 697caaab81
2 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
core/postfix/conf/main.cf
View File

@@ -56,13 +56,14 @@ smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# The alias map actually returns both aliases and local mailboxes, which is # The alias map actually returns both aliases and local mailboxes, which is
# required for reject_unlisted_sender to work properly # required for reject_unlisted_sender to work properly
virtual_alias_maps = ${podop}alias/domain virtual_alias_domains =
virtual_mailbox_domains = ${podop}mailbox/domain virtual_alias_maps = ${podop}alias
virtual_mailbox_maps = ${podop}mailbox/map virtual_mailbox_domains = ${podop}domain
virtual_mailbox_maps = ${podop}mailbox
# Mails are transported if required, then forwarded to Dovecot for delivery # Mails are transported if required, then forwarded to Dovecot for delivery
relay_domains = ${podop}transport # relay_domains = ${podop}transport
transport_maps = ${podop}transport # transport_maps = ${podop}transport
virtual_transport = lmtp:inet:{{ HOST_LMTP }} virtual_transport = lmtp:inet:{{ HOST_LMTP }}
# In order to prevent Postfix from running DNS query, enforce the use of the # In order to prevent Postfix from running DNS query, enforce the use of the
@@ -82,15 +83,20 @@ smtpd_sender_login_maps = $virtual_alias_maps
# Restrictions for incoming SMTP, other restrictions are applied in master.cf # Restrictions for incoming SMTP, other restrictions are applied in master.cf
smtpd_helo_required = yes smtpd_helo_required = yes
smtpd_recipient_restrictions = smtpd_client_restrictions =
permit_mynetworks, permit_mynetworks,
check_sender_access ${podop}spoofed reject_unauth_destination,
reject_non_fqdn_sender, reject_non_fqdn_sender,
reject_unknown_sender_domain, reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_unknown_recipient_domain,
reject_unverified_recipient, reject_unverified_recipient,
permit permit
smtpd_relay_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject
unverified_recipient_reject_reason = Address lookup failure unverified_recipient_reject_reason = Address lookup failure
############### ###############

2
core/postfix/conf/master.cf
View File

@@ -7,7 +7,7 @@ smtp inet n - n - - smtpd
# Internal SMTP service # Internal SMTP service
10025 inet n - n - - smtpd 10025 inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=reject_unlisted_sender,reject_authenticated_sender_login_mismatch,permit -o smtpd_client_restrictions=reject_unlisted_sender,reject_unauth_destination,reject_authenticated_sender_login_mismatch,permit
-o cleanup_service_name=outclean -o cleanup_service_name=outclean
outclean unix n - n - 0 cleanup outclean unix n - n - 0 cleanup
-o header_checks=pcre:/etc/postfix/outclean_header_filter.cf -o header_checks=pcre:/etc/postfix/outclean_header_filter.cf