been a while here's my config. Moved to a new box and still getting
timeouts from my 65.113.124.0 and 65.113.125.0 block.
# install time configuration options,
#
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = no
# this is required
config_directory = /etc/postfix
# postfix run-time options
#
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
# host identification
#
myhostname = imgate1.cshore.com
mydomain = cshore.com
# queue shaping
#
#maximal_queue_lifetime = 7200s
maximal_queue_lifetime = 1h
in_flow_delay = 1s
# added by andrew 3/11/05
#bounce_queue_lifetime = 7200s
bounce_queue_lifetime = 15m
bounce_size_limit = 5000
header_size_limit = 2048
# relay and transport controls
#
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 127.0.0.0/8, $config_directory/maps/mynetworks.list
transport_maps = hash:$config_directory/maps/transport.map,
# UNCOMMENT THE FOLLOWING TO ACT AS CUDA BACKUP
# hash:$config_directory/maps/cuda_transport.map
# standard stuff
hash:$config_directory/maps/domain_nospam_transport.map
hash:$config_directory/maps/etrn_domains.map
relay_domains = $mydestination,
permit_mynetworks,
# UNCOMMENT THE FOLLOWING TO ACT AS CUDA BACKUP
# hash:$config_directory/maps/cuda_relay.map
# standard stuff, leave cuda at top
hash:$config_directory/maps/relay_domains.map,
hash:$config_directory/maps/domain_nospam_relay.map
hash:$config_directory/maps/mailhost_relay_domains.map
virtual_alias_maps = hash:$config_directory/maps/mailhost_rcpt_alias.map
#local_recipient_maps = unix:passwd.byname $alias_maps
unknown_local_recipient_reject_code = 550
defer_transports = hold
alias_maps = hash:/etc/aliases
# smtpd options
#
smtpd_hard_limit = 2
smtpd_timeout = 300s
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
# tweak data timeouts
# smtp_data_done_timeout = 600s
# smtp_data_init_timeout = 120s
# smtp_data_xfer_timeout = 180s
# rem out the line below to turn of smpt auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_client_restrictions =
hash:$config_directory/maps/helo_hostnames_mynames.map
hash:$config_directory/maps/to_recipients.map
permit_mynetworks
permit_sasl_authenticated
hash:$config_directory/maps/mta_clients_unkn_users.map
reject_rbl_client sbl.spamhaus.org
reject_rbl_client list.dsbl.org
reject_rbl_client dnsbl.njabl.org
reject_rbl_client opm.blitzed.org
reject_rbl_client korea.services.net
reject_rbl_client relays.ordb.org
check_client_access hash:$config_directory/maps/mta_clients.map,
permit
smtpd_sender_restrictions =
hash:$config_directory/maps/to_recipients.map
reject_non_fqdn_sender
reject_unknown_sender_domain
permit_mynetworks
permit_sasl_authenticated
check_sender_access hash:$config_directory/maps/from_senders.map
check_sender_access
hash:$config_directory/maps/mta_clients_bw.map
check_sender_access
hash:$config_directory/maps/from_senders_bogus.map
permit
smtpd_recipient_restrictions =
hash:$config_directory/maps/to_recipients.map
hash:$config_directory/maps/to_recipients_bad.map
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
reject_invalid_hostname
reject_unauth_pipelining
reject_non_fqdn_sender
reject_unknown_sender_domain
reject_non_fqdn_recipient
reject_unknown_recipient_domain
check_client_access hash:$config_directory/maps/mta_clients.map,
permit
policy_time_limit=30
# SASL SMTP auth options
#
# appended to messages without an '@domain.xxx'
myorigin = $myhostname
append_at_myorigin = yes
# interfaces to accept mail on
#
#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
#
# content checks
#
header_checks = regexp:$config_directory/maps/header_filter.regexp
#body_checks = regexp:$config_directory/maps/body_filter.regexp
# cshore tweaks
#
double_bounce_sender = double-bounce
bounce_notice_recipient = [EMAIL PROTECTED]
delay_notice_recipient = [EMAIL PROTECTED]
error_notice_recipient = [EMAIL PROTECTED]
empty_address_recipient = MAILER-DAEMON
#recipient_delimiter = +
mail_spool_directory = /var/mail
#header_checks = regexp:/usr/local/etc/postfix/header_checks
# ETRN related
#fast_flush_domains = $relay_domains
fast_flush_domains = gaussian.com
smtpd_banner = $myhostname ESMTP
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 50
smtp_destination_concurrency_limit = 50
# DEBUGGING CONTROL
#
# The debug_peer_level parameter specifies the increment in verbose
# logging level when an SMTP client or server host name or address
# matches a pattern in the debug_peer_list parameter.
#
#debug_peer_level = 2
#debug_peer_list = 127.0.0.1
#debug_peer_list = some.domain
#soft_bounce = no
#content_filter = amavis:[63.237.136.41]:10024
--
Andrew P. Kaplan
www.cshore.com
"If you think you're too small to make a difference, try going to bed
with a mosquito in the room"
- African proverb
