main,cf
---
##-------------------------------------------
myhostname = mail.worldcm.netvirtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
smtpd_tls_cert_file = /etc/pki/tls/certs/localhost.crtsmtpd_tls_key_file = /etc/pki/tls/certs/localhost.keysmtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yes
mynetworks = 127.0.0.0/8, [::1]/128virtual_transport = lmtp:unix:private/dovecot-lmtp
-------------------------------------------------------------XXX-----------------------------------------
-----------------#### BEST ####-----------------
# This parameter is obsolete as of Postfix 2.1.#sample_directory = /usr/share/doc/postfix-2.10.1/samples# readme_directory: The location of the Postfix README files.#readme_directory = /usr/share/doc/postfix-2.10.1/README_FILESmyhostname = mail.worldcm.netvirtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crtsmtpd_tls_key_file = /etc/pki/tls/certs/server.keysmtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scachesmtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yes
mynetworks = 127.0.0.0/8, [::1]/128virtual_transport = lmtp:unix:private/dovecot-lmtp
bounce_queue_lifetime = 1dsmtpd_helo_required = yesdisable_vrfy_command = yessmtpd_banner = $myhostname ESMTP
#receive_override_options = no_address_mappings#enable_original_recipient = no #[duplicate e-mails]
smtpd_delay_reject = yes
#SMTPD CLIENT RESTRICTIONSsmtpd_client_restrictions = permit_mynetworks, check_client_access hash:/etc/postfix/access, reject_unauth_pipelining, permit_inet_interfaces
#SMTPD ETRN RESTRICTIONSsmtpd_etrn_restrictions = permit_mynetworks, permit_sasl_authenticated, reject
# SMTPD SENDER RESTRICTIONSsmtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/access, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauthenticated_sender_login_mismatch, reject_sender_login_mismatch, reject_unlisted_sender, reject_unauth_pipelining, reject_non_fqdn_hostname, reject_unauth_destination
######Faruqsmtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_invalid_hostname, permit
##### SMTPD RECIPIENT RESTRICTIONS ,smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, check_recipient_access hash:/etc/postfix/access, check_client_access hash:/etc/postfix/access, check_sender_access hash:/etc/postfix/access, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unlisted_recipient, reject_multi_recipient_bounce, reject_rhsbl_client rhsbl.sorbs.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rhsbl_client in.dnsbl.org, reject_rhsbl_client ex.dnsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client b.barracudacentral.org, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dnsbl-1.uceprotect.net, reject_rbl_client dnsbl-3.uceprotect.net
body_checks = regexp:/etc/postfix/body_checksheader_checks = regexp:/etc/postfix/header_checksmime_header_checks = regexp:/etc/postfix/block_attachmentssender_bcc_maps = hash:/etc/postfix/sender_bccrecipient_bcc_maps = hash:/etc/postfix/recipient_bccmessage_size_limit = 51200000# always_bcc = allmail@worldcm.net
##----------------------------------------------myhostname = mail.worldcm.net
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cfvirtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cfvirtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf# virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf
smtpd_tls_cert_file = /etc/pki/tls/certs/localhost.crtsmtpd_tls_key_file = /etc/pki/tls/certs/localhost.keysmtpd_use_tls = yessmtpd_tls_auth_only = yessmtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yesmynetworks = 127.0.0.0/8, [::1]/128virtual_transport = lmtp:unix:private/dovecot-lmtp ----------------bounce_queue_lifetime = 1dsmtpd_helo_required = yesdisable_vrfy_command = yes
#receive_override_options = no_address_mappings #enable_original_recipient = no
#SMTPD CLIENT RESTRICTIONSsmtpd_client_restrictions = permit_mynetworks,# permit_sasl_authenticated, check_client_access hash:/etc/postfix/access, reject_unauth_pipelining, permit_inet_interfaces
#SMTPD ETRN RESTRICTIONSsmtpd_etrn_restrictions = permit_mynetworks, permit_sasl_authenticated, reject
# SMTPD SENDER RESTRICTIONSsmtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/access, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_sender_login_mismatch, reject_unlisted_sender, reject_unauth_pipelining, reject_non_fqdn_hostname, reject_unauth_destination
######Faruqsmtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_invalid_hostname, permit
##### SMTPD RECIPIENT RESTRICTIONS , smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, check_recipient_access hash:/etc/postfix/access, check_client_access hash:/etc/postfix/access, check_sender_access hash:/etc/postfix/access, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_recipient_domain, reject_non_fqdn_recipient, # reject_non_fqdn_hostname, reject_unknown_sender_domain, reject_unlisted_recipient, reject_multi_recipient_bounce, reject_rhsbl_client rhsbl.sorbs.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rhsbl_client in.dnsbl.org, reject_rhsbl_client ex.dnsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client b.barracudacentral.org, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dnsbl-1.uceprotect.net, reject_rbl_client dnsbl-3.uceprotect.net
message_size_limit = 0 #alias_database = hash:/etc/postfix/aliases #alias_maps = hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks header_checks = regexp:/etc/postfix/header_checks mime_header_checks = regexp:/etc/postfix/block_attachments sender_bcc_maps = hash:/etc/postfix/sender_bcc recipient_bcc_maps = hash:/etc/postfix/recipient_bccalways_bcc = allmail@worldcm.netmessage_size_limit = 51200000mailbox_size_limit = 102400000
###################################################---X--###########################################################
Postfix Main Configuration
We only need to make some minor adjustments to /etc/postfix/main.cf:
myhostname = mail.example.orgmyorigin = $myhostnameinet_interfaces = allmynetworks = 127.0.0.0/24 [::ffff:127.0.0.0]/104 [::1]/128alias_maps = hash:/etc/aliasesalias_database = hash:/etc/aliasesheader_checks = regexp:/etc/postfix/header_checksmime_header_checks = regexp:/etc/postfix/header_checkssmtpd_banner = $myhostname ESMTP $mail_namebiff = noappend_dot_mydomain = no
The Dovecot authentication section will remain the same as in my previous guide too
smtpd_sasl_type = dovecotsmtpd_sasl_path = private/authsmtpd_sasl_auth_enable = yesbroken_sasl_auth_clients = nosmtpd_sasl_security_options = noanonymoussmtpd_sasl_local_domain =smtpd_sasl_authenticated_header = yes
------