blob: 50ca5101089e0fd8325225d3e9435c966fbf9582 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
daemon_smtp_port = 11025 : 11465
tls_on_connect_ports = 11465
# tls_advertise_hosts =
tls_advertise_hosts = *
tls_certificate = /var/www/shared/letsencrypt/live/smtp.randomdan.homeip.net/fullchain.pem
tls_privatekey = /var/www/shared/letsencrypt/live/smtp.randomdan.homeip.net/privkey.pem
domainlist local_domains = @ : randomdan.homeip.net : random.lan
hostlist relay_from_hosts = 127.0.0.1 : 10.10.0.0/16
hosts_proxy = <;10.10.0.0/16; fdc7:602:e9c5:b8f0::/16
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_scan
acl_smtp_expn = accept
acl_smtp_vrfy = accept
qualify_domain = randomdan.homeip.net
never_users = root
host_lookup = 10.10.0.0/16
sender_unqualified_hosts = 10.10.0.0/16
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
auto_thaw = 1h
rfc1413_query_timeout = 0s
spamd_address = 10.10.0.2 783 : 10.10.0.3 783
ldap_default_servers = auth1 : auth2
av_scanner = clamd:/run/clamav/clamd.ctl
begin acl
acl_check_rcpt:
accept hosts = :
deny local_parts = ^.*[@%!/|]
accept local_parts = postmaster
domains = +local_domains
accept domains = +local_domains
endpass
message = Unknown user
verify = recipient
accept hosts = +relay_from_hosts
deny message = relay not permitted
acl_check_scan:
deny message = This message contains malware ($malware_name)
malware = */defer_ok
deny message = This message is spam ($spam_score)
spam = nobody
condition = ${if > {$spam_score_int}{30}{1}{0}}
warn message = X-Spam-Score: $spam_score ($spam_bar)
spam = nobody:true
warn message = X-Spam-Report: $spam_report
spam = nobody:true
accept
begin routers
passontoisp:
driver = manualroute
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 127.0.0.0/8
route_list = * relay.plus.net
no_more
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup ldap {ldap:///ou=Aliases,dc=random,dc=lan?userid?one?organizationalUnitName=${quote_ldap:$local_part}}}
file_transport = address_file
pipe_transport = address_pipe
userforward:
driver = redirect
check_local_user
file = $home/.forward
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
localuser:
driver = accept
check_local_user
transport = local_delivery
begin transports
remote_smtp:
driver = smtp
local_delivery:
driver = appendfile
directory = /$home/.maildir
delivery_date_add
envelope_to_add
return_path_add
maildir_format
address_pipe:
driver = pipe
return_output
address_reply:
driver = autoreply
begin retry
* * F,4h,10m; G,16h,1h,1.5; F,4d,6h
begin rewrite
begin authenticators
|
