postfix-6
94 # Auth process is run as this user.
95 #user = $default_internal_user
96 }
97
Block LINE
116 #inet_interfaces = localhost
164 #mydestination = $myhostname, localhost.$mydomain, localhost
386 #alias_maps = hash:/etc/aliases
397 #alias_database = hash:/etc/aliases
readme_directory = /usr/share/doc/postfix-2.5.1-documentation/readme
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
transport_maps = hash:/etc/postfix/transport
virtual_maps = hash:/etc/postfix/virtual
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_alias_domains = hash:/etc/postfix/virtual
body_checks = regexp:/etc/postfix/body_checks
header_checks = regexp:/etc/postfix/header_checks
#header_checks = pcre:/etc/postfix/header_checks.pcre
#body_checks = pcre:/etc/postfix/body_checks.pcre
OR
#header_checks = pcre:/etc/postfix/whitelist.pcre [whitelist.pcre]
sender_bcc_maps = hash:/etc/postfix/sender_bcc
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
myhostname = mail.worldcm.net
mydomain = worldcm.net
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, $mydomain, mail.worldcm.net, worldcm.net, 103.182.196.218/32, 103.182.196.24/30
mynetworks = 127.0.0.0/8, 192.168.21.0/24,192.168.80.0/24, 275.29.177.8/29, 203.76.247.264/30, 275.29.177.0/30
inet_interfaces = all
home_mailbox = Maildir/
message_size_limit = 40000000
mailbox_size_limit = 2048000000
masquerade_domains = worldcm.net
#always_bcc = bkupmail
smtpd_banner = $myhostname ESMTP
smtp_send_xforward_command = yes
bounce_queue_lifetime = 1d
smtpd_helo_required = yes
disable_vrfy_command = yes
allow_mail_to_files = alias,forward,include
local_recipient_maps = unix:passwd.byname $alias_maps
#content_filter = smtp-amavis:127.0.0.1:10024
#receive_override_options = no_address_mappings
#enable_original_recipient = no
##shakil
smtpd_recipient_limit = 200
default_process_limit = 500
default_destination_concurrency_limit = 500
default_destination_recipient_limit = 100
maximal_queue_lifetime = 1d
queue_run_delay = 120s
maximal_backoff_time = 300s
minimal_backoff_time = 100s
#SASL
#smtpd_sasl_auth_enable = yes
#smtpd_sasl_type = dovecot
#smtpd_sasl_path = private/auth
#smtpd_sasl_security_options = noanonymous
#broken_sasl_auth_clients = yes
#smtpd_sasl_authenticated_header = yes
#SSL
#smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem
#smtpd_tls_key_file = /etc/ssl/private/postfix.pem
#BLOCK OUT_going MAIL
# SMTPD CLIENT RESTRICTIONS
smtpd_client_restrictions =
permit_mynetworks,
# permit_sasl_authenticated,
check_client_access,
hash:/etc/postfix/access,
reject_unauth_pipelining,
permit_inet_interfaces
#SMTPD ETRN RESTRICTIONS
smtpd_etrn_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject
# SMTPD SENDER RESTRICTIONS
smtpd_sender_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
check_sender_access hash:/etc/postfix/access,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unauthenticated_sender_login_mismatch,
reject_sender_login_mismatch,
reject_unlisted_sender,
reject_unauth_pipelining,
reject_non_fqdn_hostname,
reject_unauth_destination
##### SMTPD RECIPIENT RESTRICTIONS ,
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
check_recipient_access hash:/etc/postfix/access,
check_client_access hash:/etc/postfix/access,
check_sender_access hash:/etc/postfix/access,
reject_unauth_pipelining,
reject_non_fqdn_sender,
reject_unknown_recipient_domain,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unlisted_recipient,
reject_multi_recipient_bounce,
reject_rbl_client bl.spamcop.net,
reject_rhsbl_client rhsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
reject_rhsbl_client in.dnsbl.org,
reject_rhsbl_client ex.dnsbl.org,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client b.barracudacentral.org,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client dnsbl-1.uceprotect.net,
reject_rbl_client dnsbl-3.uceprotect.net
#check_sender_access hash:/etc/postfix/check_backscatterer,
##14 May 11
mailbox_delivery_lock = flock, dotlock
mbox_read_locks = flock dotlock
mbox_write_locks = flock dotlock
data_directory = /var/lib/postfix
---------------------------------------------------------------------------
#SMTP restriction
smtpd_client_message_rate_limit = 1000
smtpd_client_recipient_rate_limit = 1000
smtpd_client_connection_rate_limit = 1000
smtpd_junk_command_limit = 50
smtpd_policy_service_max_idle = 3600s
smtpd_policy_service_max_ttl = 3600s
--------------------------------------------------------------------
postfix custom Adding Line
#receive_override_options = no_address_mappings [ if duplicate mail come ]
#enable_original_recipient = no [ if duplicate mail come ]
--------------------------------------------------------------------------------
default_destination_recipient_limit = 100
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d
maximal_backoff_time = 300s
minimal_backoff_time = 100s
----------------------------------------------------------------------------------
##shakil
smtpd_recipient_limit = 200
default_process_limit = 500
default_destination_concurrency_limit = 500
default_destination_recipient_limit = 100
maximal_queue_lifetime = 1d
queue_run_delay = 120s
maximal_backoff_time = 300s
minimal_backoff_time = 100s
########################################################################
Configure Postfix To Listen Port 25 and Port 26/456 TCP Port
# vi /etc/postfix/master.cf
Line no: remove #
15 #tlsproxy unix - - n - 0 tlsproxy
16 submission inet n - n - - smtpd
17 # -o syslog_name=postfix/submission
18 # -o smtpd_tls_security_level=encrypt
19 -o smtpd_sasl_auth_enable=yes
20 -o smtpd_reject_unlisted_recipient=no
21 # -o smtpd_client_restrictions=$mua_client_restrictions
22 # -o smtpd_helo_restrictions=$mua_helo_restrictions
23 -o smtpd_sender_restrictions=$mua_sender_restrictions
24 -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
25 # -o milter_macro_daemon_name=ORIGINATING
26 smtps inet n - n - - smtpd
27 # -o syslog_name=postfix/smtps
28 # -o smtpd_tls_wrappermode=yes
29 -o smtpd_sasl_auth_enable=yes
30 -o smtpd_reject_unlisted_recipient=no
31 # -o smtpd_client_restrictions=$mua_client_restrictions
32 # -o smtpd_helo_restrictions=$mua_helo_restrictions
33 # -o smtpd_sender_restrictions=$mua_sender_restrictions
34 -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
35 # -o milter_macro_daemon_name=ORIGINATING
36 #628 inet n - n - - qmqpd
-----------OR------
### add this line below under ###
smtp inet n - n - - smtpd [ line 11 ]
465 inet n - n - - smtpd
#postfix reload
#postmap master.cf
#postmap main.cf
#service postfix restart
------------------------------------------------------------
Tuning the number of Postfix processes
/etc/postfix/master.cf: # ==================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ==================================================================== . . . smtp inet n - - - 10 smtpd
--------------------------------------------------------------
smtpd_recipient_limit = 300
default_process_limit = 300
default_destination_concurrency_limit = 200
---------------------------------------------------------------------------------------------
Comments from Brad Knowles
default_destination_concurrency_limit=50 default_destination_recipient_limit=50 default_process_limit=200 smtp_mx_session_limit=100 smtpd_client_connection_count_limit=100 smtp_destination_concurrency_limit=100 maximal_backoff_time = 1000s minimal_backoff_time = 300s
#######################################################################
# yum -y install cyrus-sasl
SASL Conf Dovicote
# vi /etc/dovecot/conf.d/10-master.conf
75 service auth {
76 # auth_socket_path points to this userdb socket by default. It's typically
77 # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
78 # permissions make it readable only by root, but you may need to relax these
79 # permissions. Users that have access to this socket are able to get a list
80 # of all usernames and get results of everyone's userdb lookups.
81 unix_listener auth-userdb {
82 #mode = 0600
83 #user =
84 #group =
85 }
86
87 # Postfix smtp-auth
88 unix_listener /var/spool/postfix/private/auth {
89 mode = 0666
90 user = postfix
91 group = postfix
92 }
93
------------------------- X -----------------------------------
# vi /etc/dovecot/conf.d/10-auth.conf
97 auth_mechanisms = plain login
---------------------------------------------------------------------------------------------------------
Pls check
# vi /usr/lib64/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
###############################################################################