On Mar 17, 2009, at 8:29 AM, "Stacker Hush" <stackerh...@gmail.com>
wrote:
Hello to all.
I'm sending again because the first email was truncated.
Show 'postconf -n' output as Charles suggested.
I want some opinion about the SECURITY of my configuration. It's
safe to
having postfix running with this config?
Thanks alot.
Stacker
main.cf
=======
mynetworks = 127.0.0.0/8, 192.0.0.0/8, 10.0.0.0/8, 172.0.0.0/8
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
virtual_maps = hash:/etc/postfix/virtual
smtpd_banner = netserver.domain.com
Do you really not want to support ESMTP?
home_mailbox=
mail_spool_directory = /var/mail
myhostname = netserver.domain.com
mydomain = domain.com
inet_interfaces = all
default_transport=smtp
This is already the default; why redefine it?
defer_transports=hold
transport_maps = hash:/etc/postfix/transport
myorigin = domain.com
mydestination = domain.com
relayhost = mail.domain.com
mailbox_size_limit = 1024000000
message_size_limit = 1024000000
qmgr_message_active_limit = 1024000000
qmgr_message_recipient_limit = 1024000000
#qmgr_message_recipient_minimum = 10
#-------------------AUTH-----------------
smtpd_sasl_path = smtpd
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
Consider TLS as well.
#-------------------------------------------------------------------
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
html_directory = no
setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/local/man
daemon_directory = /usr/libexec/postfix
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450
--
Sahil Tandon <sa...@tandon.net>