main,cf

---

##-------------------------------------------

myhostname = mail.worldcm.net
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps =        proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps =        proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
smtpd_tls_cert_file = /etc/pki/tls/certs/localhost.crtsmtpd_tls_key_file = /etc/pki/tls/certs/localhost.keysmtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yes
mynetworks = 127.0.0.0/8, [::1]/128virtual_transport = lmtp:unix:private/dovecot-lmtp

-------------------------------------------------------------XXX-----------------------------------------

  -----------------####  BEST ####-----------------

# This parameter is obsolete as of Postfix 2.1.#sample_directory = /usr/share/doc/postfix-2.10.1/samples# readme_directory: The location of the Postfix README files.#readme_directory = /usr/share/doc/postfix-2.10.1/README_FILESmyhostname = mail.worldcm.net
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps =       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps =       proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crtsmtpd_tls_key_file = /etc/pki/tls/certs/server.keysmtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scachesmtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yes
mynetworks = 127.0.0.0/8, [::1]/128virtual_transport = lmtp:unix:private/dovecot-lmtp
bounce_queue_lifetime = 1dsmtpd_helo_required = yesdisable_vrfy_command = yessmtpd_banner = $myhostname ESMTP
#receive_override_options = no_address_mappings#enable_original_recipient = no     #[duplicate e-mails]
smtpd_delay_reject = yes
#SMTPD CLIENT RESTRICTIONSsmtpd_client_restrictions =        permit_mynetworks,        check_client_access hash:/etc/postfix/access,        reject_unauth_pipelining,        permit_inet_interfaces
#SMTPD ETRN RESTRICTIONSsmtpd_etrn_restrictions =        permit_mynetworks,        permit_sasl_authenticated,        reject
# SMTPD SENDER RESTRICTIONSsmtpd_sender_restrictions =        permit_mynetworks,        permit_sasl_authenticated,        check_sender_access hash:/etc/postfix/access,        reject_non_fqdn_sender,        reject_unknown_sender_domain,       reject_unauthenticated_sender_login_mismatch,        reject_sender_login_mismatch,        reject_unlisted_sender,        reject_unauth_pipelining,        reject_non_fqdn_hostname,        reject_unauth_destination
######Faruqsmtpd_helo_restrictions = permit_mynetworks,     permit_sasl_authenticated,     reject_non_fqdn_hostname,     reject_invalid_hostname,     permit
##### SMTPD RECIPIENT RESTRICTIONS ,smtpd_recipient_restrictions =        permit_mynetworks,        permit_sasl_authenticated,        reject_unauth_destination,        reject_invalid_hostname,        check_recipient_access hash:/etc/postfix/access,        check_client_access hash:/etc/postfix/access,        check_sender_access hash:/etc/postfix/access,        reject_unauth_pipelining,        reject_non_fqdn_sender,        reject_unknown_recipient_domain,        reject_non_fqdn_recipient,        reject_unknown_sender_domain,        reject_unlisted_recipient,        reject_multi_recipient_bounce,    reject_rhsbl_client rhsbl.sorbs.net,    reject_rbl_client dnsbl.sorbs.net,    reject_rbl_client cbl.abuseat.org,    reject_rhsbl_client in.dnsbl.org,    reject_rhsbl_client ex.dnsbl.org,    reject_rbl_client bl.spamcop.net,    reject_rbl_client zen.spamhaus.org,    reject_rbl_client sbl-xbl.spamhaus.org,    reject_rbl_client b.barracudacentral.org,    reject_rbl_client dsn.rfc-ignorant.org,    reject_rbl_client dnsbl-1.uceprotect.net,    reject_rbl_client dnsbl-3.uceprotect.net
body_checks = regexp:/etc/postfix/body_checksheader_checks = regexp:/etc/postfix/header_checksmime_header_checks = regexp:/etc/postfix/block_attachmentssender_bcc_maps = hash:/etc/postfix/sender_bccrecipient_bcc_maps = hash:/etc/postfix/recipient_bccmessage_size_limit   = 51200000# always_bcc = allmail@worldcm.net

##----------------------------------------------myhostname = mail.worldcm.net
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cfvirtual_alias_maps =        proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf,       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cfvirtual_mailbox_maps =        proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf,       proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf# virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf
smtpd_tls_cert_file = /etc/pki/tls/certs/localhost.crtsmtpd_tls_key_file = /etc/pki/tls/certs/localhost.keysmtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yesmynetworks = 127.0.0.0/8, [::1]/128virtual_transport = lmtp:unix:private/dovecot-lmtp                 ----------------bounce_queue_lifetime = 1dsmtpd_helo_required = yesdisable_vrfy_command = yes
#receive_override_options = no_address_mappings           #enable_original_recipient = no
#SMTPD CLIENT RESTRICTIONSsmtpd_client_restrictions =        permit_mynetworks,#       permit_sasl_authenticated,        check_client_access hash:/etc/postfix/access,        reject_unauth_pipelining,        permit_inet_interfaces
#SMTPD ETRN RESTRICTIONSsmtpd_etrn_restrictions =        permit_mynetworks,        permit_sasl_authenticated,        reject
# SMTPD SENDER RESTRICTIONSsmtpd_sender_restrictions =        permit_mynetworks,        permit_sasl_authenticated,        check_sender_access hash:/etc/postfix/access,        reject_non_fqdn_sender,        reject_unknown_sender_domain,        reject_sender_login_mismatch,          reject_unlisted_sender,        reject_unauth_pipelining,        reject_non_fqdn_hostname,        reject_unauth_destination
######Faruqsmtpd_helo_restrictions = permit_mynetworks,     permit_sasl_authenticated,     reject_non_fqdn_hostname,     reject_invalid_hostname,     permit
##### SMTPD RECIPIENT RESTRICTIONS , smtpd_recipient_restrictions =        permit_mynetworks,        permit_sasl_authenticated,        reject_unauth_destination,        reject_invalid_hostname,        check_recipient_access hash:/etc/postfix/access,        check_client_access hash:/etc/postfix/access,        check_sender_access hash:/etc/postfix/access,        reject_unauth_pipelining,        reject_non_fqdn_sender,        reject_unknown_recipient_domain,        reject_non_fqdn_recipient, #     reject_non_fqdn_hostname,        reject_unknown_sender_domain,        reject_unlisted_recipient,        reject_multi_recipient_bounce,    reject_rhsbl_client rhsbl.sorbs.net,    reject_rbl_client dnsbl.sorbs.net,    reject_rbl_client cbl.abuseat.org,    reject_rhsbl_client in.dnsbl.org,    reject_rhsbl_client ex.dnsbl.org,    reject_rbl_client bl.spamcop.net,    reject_rbl_client zen.spamhaus.org,    reject_rbl_client sbl-xbl.spamhaus.org,    reject_rbl_client b.barracudacentral.org,    reject_rbl_client dsn.rfc-ignorant.org,    reject_rbl_client dnsbl-1.uceprotect.net,    reject_rbl_client dnsbl-3.uceprotect.net
 message_size_limit = 0 #alias_database = hash:/etc/postfix/aliases #alias_maps = hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks header_checks = regexp:/etc/postfix/header_checks mime_header_checks = regexp:/etc/postfix/block_attachments sender_bcc_maps = hash:/etc/postfix/sender_bcc recipient_bcc_maps = hash:/etc/postfix/recipient_bccalways_bcc = allmail@worldcm.netmessage_size_limit   = 51200000mailbox_size_limit   = 102400000

###################################################---X--###########################################################

Postfix Main Configuration

We only need to make some minor adjustments to /etc/postfix/main.cf:

myhostname = mail.example.orgmyorigin = $myhostnameinet_interfaces = allmynetworks = 127.0.0.0/24 [::ffff:127.0.0.0]/104 [::1]/128alias_maps = hash:/etc/aliasesalias_database = hash:/etc/aliasesheader_checks = regexp:/etc/postfix/header_checksmime_header_checks = regexp:/etc/postfix/header_checkssmtpd_banner = $myhostname ESMTP $mail_namebiff = noappend_dot_mydomain = no

The Dovecot authentication section will remain the same as in my previous guide too

smtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yesbroken_sasl_auth_clients = nosmtpd_sasl_security_options = noanonymoussmtpd_sasl_local_domain =smtpd_sasl_authenticated_header = yes

------