Re: opinion about my configuration - correct main.cf

Tue, 17 Mar 2009 05:51:48 -0700

On Mar 17, 2009, at 8:29 AM, "Stacker Hush" <stackerh...@gmail.com> wrote: 


Hello to all.

I'm sending again because the first email was truncated.


Show 'postconf -n' output as Charles suggested.
I want some opinion about the SECURITY of my configuration. It's safe to 
having postfix running with this config?

Thanks alot.

Stacker

main.cf
=======
mynetworks = 127.0.0.0/8, 192.0.0.0/8, 10.0.0.0/8, 172.0.0.0/8
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
virtual_maps = hash:/etc/postfix/virtual
smtpd_banner = netserver.domain.com


Do you really not want to support ESMTP?


home_mailbox=
mail_spool_directory = /var/mail
myhostname = netserver.domain.com
mydomain = domain.com
inet_interfaces = all

default_transport=smtp


This is already the default; why redefine it?


defer_transports=hold
transport_maps = hash:/etc/postfix/transport

myorigin = domain.com
mydestination = domain.com

relayhost = mail.domain.com

mailbox_size_limit = 1024000000
message_size_limit = 1024000000
qmgr_message_active_limit = 1024000000
qmgr_message_recipient_limit = 1024000000
#qmgr_message_recipient_minimum = 10

#-------------------AUTH-----------------
smtpd_sasl_path = smtpd
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, 
reject_unauth_destination
smtp_sasl_password_maps = hash:/etc/postfix/saslpass


Consider TLS as well.


#-------------------------------------------------------------------
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
html_directory = no
setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/local/man
daemon_directory = /usr/libexec/postfix
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450


--
Sahil Tandon <sa...@tandon.net>

Reply via email to