diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2018-12-03 03:18:56 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2018-12-03 03:43:41 +0100 |
| commit | dcdb8cd6b1b525fc8eacd509586da3396c068251 (patch) | |
| tree | 0ea6c49af37faf4b8b33b366506aedbf374a5968 /roles/MX/templates/etc/postfix/main.cf.j2 | |
| parent | 78a300a2430cb2652c7839cd35400cc22122c798 (diff) | |
Postfix: replace cdb & btree tables with lmdb ones.
Cf. lmdb_table(5).
Diffstat (limited to 'roles/MX/templates/etc/postfix/main.cf.j2')
| -rw-r--r-- | roles/MX/templates/etc/postfix/main.cf.j2 | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index e5792c4..8362d57 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -28,51 +28,51 @@ multi_instance_enable = yes # No local delivery mydestination = local_transport = error:5.1.1 Mailbox unavailable alias_maps = alias_database = local_recipient_maps = message_size_limit = 67108864 recipient_delimiter = + # Forward everything to our internal outgoing proxy relayhost = [{{ postfix_instance.out.addr | ipaddr }}]:{{ postfix_instance.out.port }} relay_domains = # Virtual transport # We use a dedicated "virtual" domain to decongestion potential # bottlenecks on trivial_rewrite(8) due to slow LDAP lookups in # tranport_maps. virtual_transport = error:5.1.1 Virtual transport unavailable -virtual_alias_domains = !cdb:$config_directory/virtual/transport +virtual_alias_domains = !lmdb:$config_directory/virtual/transport ldap:$config_directory/virtual/domains.cf virtual_alias_maps = pcre:$config_directory/virtual/reserved_alias.pcre # unless there is a matching user/alias/list... ldap:$config_directory/virtual/mailbox.cf ldap:$config_directory/virtual/alias.cf ldap:$config_directory/virtual/list.cf # ...we resolve alias domains and catch alls ldap:$config_directory/virtual/alias_domains.cf ldap:$config_directory/virtual/catchall.cf -transport_maps = cdb:$config_directory/virtual/transport +transport_maps = lmdb:$config_directory/virtual/transport # Don't rewrite remote headers local_header_rewrite_clients = # Pass the client information along to the content filter smtp_send_xforward_command = yes # Avoid splitting the envelope and scanning messages multiple times smtp_destination_recipient_limit = 1000 reserved-alias_destination_recipient_limit = 1 # Tolerate occasional high latency smtp_data_done_timeout = 1200s smtp_tls_security_level = none smtpd_tls_security_level = may smtpd_tls_ciphers = medium smtpd_tls_protocols = !SSLv2, !SSLv3 smtpd_tls_cert_file = $config_directory/ssl/mx.fripost.org.pem smtpd_tls_key_file = $config_directory/ssl/mx.fripost.org.key smtpd_tls_dh1024_param_file = /etc/ssl/dhparams.pem @@ -85,40 +85,41 @@ smtpd_tls_received_header = yes # http://www.howtoforge.com/block_spam_at_mta_level_postfix strict_rfc821_envelopes = yes smtpd_delay_reject = yes disable_vrfy_command = yes # UCE control invalid_hostname_reject_code = 554 multi_recipient_bounce_reject_code = 554 non_fqdn_reject_code = 554 relay_domains_reject_code = 554 unknown_local_recipient_reject_code = 554 unknown_relay_recipient_reject_code = 554 unknown_virtual_alias_reject_code = 554 unknown_virtual_mailbox_reject_code = 554 postscreen_access_list = permit_mynetworks cidr:$config_directory/access-list.cidr postscreen_dnsbl_whitelist_threshold = -1 +postscreen_cache_map = lmdb:$data_directory/postscreen_cache postscreen_blacklist_action = drop postscreen_dnsbl_threshold = 8 postscreen_dnsbl_action = enforce postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[10;11]*8 zen.spamhaus.org=127.0.0.[4..7]*6 zen.spamhaus.org=127.0.0.3*4 zen.spamhaus.org=127.0.0.2*3 #swl.spamhaus.org*-4 b.barracudacentral.org=127.0.0.2*7 bl.mailspike.net=127.0.0.2*5 bl.mailspike.net=127.0.0.[10..12]*4 wl.mailspike.net=127.0.0.[18..20]*-2 bl.spameatingmonkey.net=127.0.0.2*4 bl.spamcop.net=127.0.0.2*2 dnsbl.sorbs.net=127.0.0.10*8 dnsbl.sorbs.net=127.0.0.5*6 dnsbl.sorbs.net=127.0.0.7*3 dnsbl.sorbs.net=127.0.0.8*2 |