Sorry Aslan, I've not seen "where" word; my complete main.cf is:

#  about names
mydomain = opengea.org
myhostname = mail.opengea.org
myorigin = $myhostname

# basics
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 4
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
mail_name = Intergrid MailServer
smtpd_banner = $myhostname ESMTP $mail_name

# space limits
message_size_limit = 0
mailbox_size_limit = 0

# connectivity
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8, 192.168.1.0/24
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/

# virtual users
virtual_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
relays_domains = mysql:/etc/postfix/mysql_relay_domains_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_gid_maps = static:4444
virtual_minimum_uid = 4444
virtual_uid_maps = static:4444
virtual_transport = virtual
virtual_mailbox_limit = 0

# restictions
smtpd_recipient_restrictions =
             permit_sasl_authenticated, #if you use sasl
             permit_mynetworks,
             reject_unauth_destination,
             check_policy_service inet:127.0.0.1:10031,
             permit
smtpd_recipient_limit = 10
smtpd_helo_restrictions = reject_invalid_hostname
strict_rfc821_envelopes = yes

# SPAM controls
maps_rbl_domains =
         sbl-xbl.spamhaus.org
         proxies.relays.monkeys.com
         opm.blitzed.org
         blackholes.wirehub.net
         list.dsbl.org
         rbl.dns-servicios.com
smtpd_client_restrictions = reject_maps_rbl
smtpd_client_restrictions = permit_mynetworks,reject_unknown_client
disable_vrfy_command = yes

# auth
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/private-key.pem
smtpd_tls_cert_file = /etc/postfix/ssl/ca-certificate.pem
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

# SASL authentication
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options=noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks, 
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_authenticated_header = yes
smtpd_delay_reject = yes
broken_sasl_auth_clients = yes

# filter content
content_filter=smtp-amavis:127.0.0.1:10024

# tunning
default_process_limit = 500
smtpd_error_sleep_time = 0
in_flow_delay = 0

# mailman
recipient_delimiter=+

-- 
Thanks,
Jordi Espasa Clofent

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users

Reply via email to