From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mithraen@altlinux.ru>
Date: Wed, 7 Nov 2007 09:33:49 +0300
From: =?koi8-r?B?5MXOydMg883J0s7P1w==?= <mithraen@altlinux.ru>
To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
Message-ID: <20071107063349.GB10978@mw.local.seiros.ru>
References: <20071105011116.GA29277@mw.local.seiros.ru>
	<20071105135411.GA6014@basalt.office.altlinux.org>
	<20071106034021.GB7536@mw.local.seiros.ru>
	<20071106154417.GB6203@basalt.office.altlinux.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="TiqCXmo5T1hvSQQg"
Content-Disposition: inline
In-Reply-To: <20071106154417.GB6203@basalt.office.altlinux.org>
Subject: Re: [Sysadmins] postfix
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
List-Id: ALT Linux sysadmin discuss <sysadmins.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sysadmins>
List-Post: <mailto:sysadmins@lists.altlinux.org>
List-Help: <mailto:sysadmins-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Nov 2007 06:33:50 -0000
Archived-At: <http://lore.altlinux.org/sysadmins/20071107063349.GB10978@mw.local.seiros.ru/>
List-Archive: <http://lore.altlinux.org/sysadmins/>


--TiqCXmo5T1hvSQQg
Content-Type: multipart/mixed; boundary="7iMSBzlTiPOCCT2k"
Content-Disposition: inline


--7iMSBzlTiPOCCT2k
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 06, 2007 at 06:44:17PM +0300, Dmitry V. Levin wrote:

> >>> 1. =C4=CF=D3=D4=C1=CC =D3=D0=C1=CD, =CB=CF=D4=CF=D2=D9=CA =C9=C4=C5=
=D4 =D1=CB=CF=C2=D9 =CF=D4 =C1=C4=D2=C5=D3=CF=D7 =CE=C1=DB=C9=C8 =D6=C5 =C4=
=CF=CD=C5=CE=CF=D7. =F4=C9=D0=C1
> >>> abc@seiros.ru, =D0=D2=C9 =D4=CF=CD =DE=D4=CF =D4=C1=CB=CF=C7=CF =C1=
=CB=CB=C1=D5=CE=D4=C1 =CE=C5=D4. =EB=C1=CB =DA=C1=D0=D2=C5=D4=C9=D4=D8 =C4=
=CF=D3=D4=C1=D7=CB=D5 =D3
> >>> from =C9=DA =CE=C1=DB=C5=C7=CF =C4=CF=CD=C5=CE=C1 =C2=C5=DA =C1=D7=D4=
=CF=D2=C9=DA=C1=C3=C9=C9?
>> =E1 reject_unlisted_sender =C4=CC=D1 =C9=CD=C5=CE=CE=CF =DC=D4=CF=CA =DA=
=C1=C4=C1=DE=C9 =CE=C5 =DB=D5=D3=D4=D2=C5=C5 =C2=D5=C4=C5=D4? =F3=C1=CD =D3
>> =D3=CF=C2=CF=CA =CB=CF=CE=CE=C5=CB=D4=C9=D4=D8=D3=D1 =C4=CC=D1 =D0=D2=CF=
=D7=C5=D2=CB=C9 =DC=D4=CF =D3=D4=D2=C1=CE=CE=CF.
DVL> =E2=D9=D3=D4=D2=C5=C5.  =EE=CF =C4=CF=D7=CF=CC=D8=CE=CF =D3=CB=CF=D2=
=CF =D4=C5=C2=C5 =DC=D4=CF=C7=CF =C2=D5=C4=C5=D4 =CD=C1=CC=CF.

=F7 =D3=CD=D9=D3=CC=C5 =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=D4=D8 =DC=D4=CF =D0=
=C1=D2=C1=CC=CC=C5=CC=D8=CE=CF =D3 sender verify =C9=CD=C5=C5=D4 =D3=CD=D9=
=D3=CC?

>> =F1 =D0=D2=C1=D7=C9=CC=D8=CE=CF =D0=CF=CE=CD=C9=C1=C0, =DE=D4=CF =D0=D2=
=C9=C8=CF=C4=D1=DD=C5=C5 =CC=CF=CB=C1=CC=D8=CE=CF =DE=C5=D2=C5=DA smtpd_*_r=
estrictions
>> =CE=C9=CB=C1=CB=C9=C5 =C9 =CE=C9 =CB=CF=C9=CD =CF=C2=D2=C1=DA=CF=CD =D0=
=D2=CF=D7=C5=D2=D1=D4=D8=D3=D1 =CE=C5 =CD=CF=D6=C5=D4, =D0=CF=DC=D4=CF=CD=
=D5 =C5=D3=CC=C9 =D1 =D3=C4=C5=CC=C1=CC
>> =DA=C1=D0=D2=C5=D4 =CE=C1 =D0=D2=C9=C5=CD =D0=CF=DE=D4=D9 =C4=CC=D1 =C4=
=C1=CE=CE=CF=C7=CF =C1=C4=D2=C5=D3=C1, =DC=D4=CF =CE=C5 =D0=CF=CD=C5=DB=C1=
=C5=D4 =CD=CE=C5 =CF=D4=D0=D2=C1=D7=CC=D1=D4=D8
>> =DC=D4=D5 =D0=CF=DE=D4=D5 =CC=CF=CB=C1=CC=D8=CE=CF?
DVL> =F7 =CF=C2=C8=CF=C4 smtpd, =CB=CF=CE=C5=DE=CE=CF, =CE=C5 =D0=CF=CD=C5=
=DB=C1=C5=D4.

=F0=CF=CE=D1=CC, =D3=D0=C1=D3=C9=C2=CF.

=F1 =D0=D2=C9=C1=D4=D4=C1=DE=C9=CC =D3=D7=CF=CA =CB=CF=CE=C6=C9=C7 -- =D7 =
=CE=D9=CE=C5=DB=C5=CD =D7=C9=C4=C5 =CF=CE =D0=CF =D3=D2=C1=D7=CE=C5=CE=C9=
=C0 =D3 =D7=C1=D2=C9=C1=CE=D4=CF=CD =C2=C5=DA
sender verify =C9 =C7=D2=C5=CA=CC=C9=D3=D4=C9=CE=C7=C1  =D5=CD=C5=CE=D8=DB=
=C9=CC =CB=CF=CC=C9=DE=C5=D3=D4=D7=CF =D3=D0=C1=CD=C1 =D7 =CD=CF=CA =C1=C4=
=D2=C5=D3 =CE=C1 =C4=D7=C1
=D0=CF=D2=D1=C4=CB=C1. =FA=C1=CF=C4=CE=CF smtpd_sender_login_maps =C4=CF=C2=
=C1=D7=C9=CC, =DE=D4=CF=C2=D9 =D0=C1=D2=C1=CE=CF=D1 =D3=D0=C1=CC=C1
=D3=D0=CF=CB=CF=CA=CE=CF.

=FE=D4=CF =D4=C1=CD =CD=CF=D6=CE=CF =C2=D9=CC=CF =C2=D9 =C5=DD=C5 =D5=CC=D5=
=DE=DB=C9=D4=D8 =D7 =D0=CC=C1=CE=C5 =C2=C5=DA=CF=D0=C1=D3=CE=CF=D3=D4=C9?

--=20
=F3 =D5=D7=C1=D6=C5=CE=C9=C5=CD, =E4=C5=CE=C9=D3

http://freesource.info
----------------------------------------------------------------------------
=E2=C5=DA =C8=CF=D2=CF=DB=CF =DA=C1=CB=D2=D5=DE=C5=CE=CE=D9=C8 =C7=C1=C5=CB=
 =CE=D9=CE=DE=C5 =CE=C9=CB=C1=CB =CE=C5=CC=D8=DA=D1.
		-- ldv in devel-kernel@

--7iMSBzlTiPOCCT2k
Content-Type: text/plain; charset=koi8-r
Content-Disposition: attachment; filename="main.cf"
Content-Transfer-Encoding: quoted-printable

soft_bounce=3Dyes
default_database_type =3D cdb

smtpd_sender_login_maps =3D cdb:/etc/postfix/virtual

smtpd_restriction_classes =3D pass_postmaster

# get mail for abuse@ and postmaster@ after greylisting
pass_postmaster =3D permit_mynetworks,=20
    permit_sasl_authenticated,
    reject_unauth_destination,
    check_policy_service inet:127.0.0.1:2501,
    permit
				=20
#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#
#			=EF=C2=DD=C5=D3=C9=D3=D4=C5=CD=CE=D9=C5 =CF=C7=D2=C1=CE=C9=DE=C5=CE=C9=
=D1
#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#
# 100Mb -- =CD=C1=CB=D3=C9=CD=C1=CC=D8=CE=D9=CA =D2=C1=DA=CD=C5=D2 =D3=CF=
=CF=C2=DD=C5=CE=C9=D1
message_size_limit =3D 100000000
virtual_mailbox_limit =3D 1024000000=09
mailbox_size_limit =3D 1024000000=09

#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#
#				TLS
#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#
# =E5=D3=CC=C9 =CB=CC=C9=C5=CE=D4=D9 =D0=CF=C4=C4=C5=D2=D6=C9=D7=C1=C0=D4 T=
LS -- =CD=D9 =C9=D3=D0=CF=CC=D8=DA=D5=C5=CD TLS, =C5=D3=CC=C9 =CE=C5=D4, =
=D4=CF =D0=CF=DA=D7=CF=CC=D1=C5=CD
# =D2=C1=C2=CF=D4=C1=D4=D8 =C2=C5=DA TLS
smtpd_use_tls =3D yes
smtpd_enforce_tls =3D no
smtp_tls_cert_file=3D/var/lib/ssl/certs/smtp.pem
smtp_tls_dcert_file=3D/var/lib/ssl/certs/smtp.pem

#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#
#			=F0=C1=D2=C1=CE=CF=C9=C4=C1=CC=D8=CE=D9=C5 =CE=C1=D3=D4=D2=CF=CA=CB=C9
#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#
# =F4=D2=C5=C2=CF=D7=C1=CE=C9=C5 =C4=CC=D1 =CB=CC=C9=C5=CE=D4=D3=CB=C9=C8 =
=D0=D2=C9=CC=CF=D6=C5=CE=C9=CA =D3=CF=C2=CC=C0=C4=C5=CE=C9=D1 RFC
# =DC=D4=CF =C1=C4=C5=CB=D7=C1=D4=CE=CF=C5 =D4=D2=C5=C2=CF=D7=C1=CE=C9=C5, =
=D4=C1=CB =CB=C1=CB =D3=D7=CF=C9=C8 =CB=CC=C9=C5=CE=D4=CF=D7 =CE=C1=C4=CF =
=D5=DE=C9=D4=D8 =D0=CF=CC=D8=DA=CF=D7=C1=D4=D8=D3=D1
# =CB=CF=D2=D2=C5=CB=D4=CE=D9=CD =F0=EF, =C1 =D3=CE=C1=D2=D5=D6=C9 =D0=CF=
=DE=D4=C1 =C4=CF=CC=D6=CE=C1 =D7 =CC=C0=C2=CF=CD =D3=CC=D5=DE=C1=C5 =D0=D2=
=CF=C8=CF=C4=C9=D4=D8 =DE=C5=D2=C5=DA =D0=CF=DE=D4=CF=D7=D9=C5
# =D3=C5=D2=D7=C5=D2=C1
smtpd_helo_required =3D yes
#strict_rfc821_envelopes =3D yes
# =FA=C1=D0=D2=C5=DD=C1=C5=CD =C9=D3=C8=CF=C4=D1=DD=D5=C0 =D0=CF=DE=D4=D5 =
=D3 =CE=C1=DB=C9=C8 =C4=CF=CD=C5=CE=CF=D7, =CE=CF =D3 =CE=C5=D3=D5=DD=C5=D3=
=D4=D7=D5=C0=DD=C9=C8 =D5 =CE=C1=D3 =C1=C4=D2=C5=D3=CF=D7
smtpd_reject_unlisted_sender =3D yes
smtpd_reject_unlisted_recipient =3D yes
# =C4=CC=D1 =D3=CF=C2=CC=C0=C4=C5=CE=C9=D1 =D3=D4=C1=CE=C4=C1=D2=D4=C1 =C9 =
=DE=D4=CF=C2=D9 =CE=C5 =D3=CE=CF=D3=C9=CC=CF =CB=D2=D9=DB=D5 =D4=D5=D0=D9=
=CD =D3=C5=D2=D7=C5=D2=C1=CD
smtpd_delay_reject =3D yes

#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#
#		=F0=D2=CF=D7=C5=D2=CB=C1 =D3=D5=DD=C5=D3=D4=D7=CF=D7=C1=CE=C9=D1 =C1=C4=
=D2=C5=D3=C1-=CF=D4=D0=D2=C1=D7=C9=D4=C5=CC=D1
#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#
# =EC=C0=C2=CF=D0=D9=D4=CE=D9=CA side-effect -- =D0=CF=DE=D4=C1 =CE=C5 =C2=
=D5=C4=C5=D4 =D0=D2=C9=CE=C9=CD=C1=D4=D8=D3=D1 =CF=D4 =D0=CF=CC=D8=DA=CF=D7=
=C1=D4=C5=CC=D1,
# =CB=CF=D4=CF=D2=D9=CA =CE=C5 =D0=D2=C9=CE=C9=CD=C1=C5=D4 =D0=CF=DE=D4=D5 =
=CF=D4 =CE=C1=D3

#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#
#			=F0=D2=C1=D7=C9=CC=C1-=CF=C7=D2=C1=CE=C9=DE=C5=CE=C9=D1
#=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D#

# (=C4=CF=CC=D6=C5=CE =D3=CF=C4=C5=D2=D6=C1=D4=D8 =D7 =D3=C5=C2=C5 =C9 host=
name, =C9 =C4=CF=CD=C5=CE, =C9=CE=C1=DE=C5 =D3=CE=C5=D3=A3=D4 =CB=D2=D9=DB=
=D5)
myhostname =3D smtp.freesource.info
inet_interfaces =3D all
mydestination =3D localhost, $myhostname

# 550 -- reject mail
# 450 -- try again later
# =EE=C5=CF=C2=C8=CF=C4=C9=CD=CF =C4=CC=D1 =D4=CF=C7=CF, =DE=D4=CF=C2=D9 =
=D0=D2=C9 =CF=DB=C9=C2=CB=C1=C8 =CB=CF=CE=C6=C9=C7=D5=D2=C1=C3=C9=C9 =D0=CF=
=DE=D4=C1 =D7=D3=C5 =D6=C5 =C4=CF=C8=CF=C4=C9=CC=C1
unknown_local_recipient_reject_code =3D 450

mynetworks =3D 127.0.0.1/32, 10.254.200.0/24

# INPUT RATE CONTROL
# A Postfix process will pause for $in_flow_delay seconds before
# accepting a new message, when the message arrival rate exceeds the
# message delivery rate. With the default 100 SMTP server process
# limit, this limits the mail inflow to 100 messages a second more
# than the number of messages delivered per second.
#=20
# Specify 0 to disable the feature. Valid delays are 0..10.
#in_flow_delay =3D 1s

mailbox_command =3D /usr/bin/procmail -a $DOMAIN -d $LOGNAME

#mailbox_transport =3D lmtp:unix:/file/name
#mailbox_transport =3D cyrus

# NOTE: if you use this feature for accounts not in the UNIX password
# file, then you must update the "local_recipient_maps" setting in
# the main.cf file, otherwise the SMTP server will reject mail for   =20
# non-UNIX accounts with "User unknown in local recipient table".
#fallback_transport =3D lmtp:unix:/file/name
#fallback_transport =3D cyrus
#fallback_transport =3D

# The luser_relay parameter specifies an optional destination address
# for unknown recipients.  By default, mail for unknown@$mydestination
# and unknown@[$inet_interfaces] is returned as undeliverable.
#
# The following expansions are done on luser_relay: $user (recipient
# username), $shell (recipient shell), $home (recipient home directory),
# $recipient (full recipient address), $extension (recipient address
# extension), $domain (recipient domain), $local (entire recipient
# localpart), $recipient_delimiter. Specify ${name?value} or
# ${name:value} to expand value only when $name does (does not) exist.
#
# luser_relay works only for the default Postfix local delivery agent.
#
# NOTE: if you use this feature for accounts not in the UNIX password
# file, then you must specify "local_recipient_maps =3D" (i.e. empty) in
# the main.cf file, otherwise the SMTP server will reject mail for   =20
# non-UNIX accounts with "User unknown in local recipient table".
#
#luser_relay =3D $user@other.host
#luser_relay =3D $local@other.host
#luser_relay =3D admin+$local

# JUNK MAIL CONTROLS
header_checks =3D regexp:/etc/postfix/header_checks

smtpd_banner =3D $myhostname ESMTP $mail_name
#smtpd_banner =3D $myhostname ESMTP $mail_name ($mail_version)

# The smtpd_etrn_restrictions parameter restricts what clients are
# allowed to issue the ETRN command.
#
# The Postfix ETRN command accepts only destinations that are eligible
# for the Postfix "fast flush" service. See the samples/flush.cf file
# for details.
#
# The default is to allow ETRN from any host.  The following restrictions
# are available:
#
#   reject_unknown_client: reject the request if the client hostname is unk=
nown.
#   permit_mynetworks: permit if the client address matches $mynetworks.
#   check_client_access maptype:mapname
#	look up client name, parent domains, client address,
#	or networks obtained by stripping octets.
#	see access(5) for possible lookup results.
#   reject_rbl_client domain.tld: reject if the reverse client network
#	address is listed in an A record under domain.tld.
#   reject_rhsbl_client domain.tld: reject if the client hostname is listed
#	in an A record under domain.tld.
#   reject: reject the request. Place this at the end of a restriction.
#   permit: permit the request. Place this at the end of a restriction.
#   warn_if_reject: next restriction logs a warning instead of rejecting.
#
# You may also list any helo or client restrictions here (see below).
#
smtpd_etrn_restrictions =3D permit_mynetworks, reject

# =F4=C1=CB =CB=C1=CB =D0=CF=DE=D4=CF=D7=D9=C5 =D1=DD=C9=CB=C9 =CE=C1=C8=CF=
=C4=D1=D4=D3=D1 =CE=C1 =C2=D9=D3=D4=D2=CF=CD RAID-=CD=C1=D3=D3=C9=D7=C5 =D3=
 _=CB=DC=DB=C9=D2=CF=D7=C1=CE=C9=C5=CD_,
# =CC=CF=C7=C9=DE=CE=C5=C5 =CE=C1=D0=D2=C1=D7=CC=D1=D4=D8 =D3=D2=C1=DA=D5 =
=CE=C5=D3=CB=CF=CC=D8=CB=CF =D3=CF=CF=C2=DD=C5=CE=C9=CA
local_destination_concurrency_limit =3D 16
default_destination_concurrency_limit =3D 16

# INSTALL-TIME CONFIGURATION INFORMATION
readme_directory =3D /etc/postfix/README_FILES
sample_directory =3D /etc/postfix/samples
sendmail_path =3D /usr/sbin/sendmail
#setgid_group =3D postdrop
command_directory =3D /usr/sbin
manpage_directory =3D /usr/share/man
daemon_directory =3D /usr/libexec/postfix
newaliases_path =3D /usr/bin/newaliases
mailq_path =3D /usr/bin/mailq
queue_directory =3D /var/spool/postfix
mail_owner =3D postfix

## START: Virtual hosting
virtual_alias_maps		=3D cdb:/etc/postfix/virtual
virtual_alias_expansion_limit	=3D 999
virtual_transport       	=3D virtual
virtual_mailbox_base    	=3D /var/spool/popboxes
virtual_mailbox_maps    	=3D cdb:/etc/postfix/virtual-mailboxes
virtual_mailbox_domains 	=3D cdb:/etc/postfix/virtual-domains
virtual_minimum_uid     	=3D 100
virtual_uid_maps        	=3D static:109
virtual_gid_maps        	=3D static:502

# All domains and users delivered by the local delivery agent.
# local_recipient_maps is used by the SMTP server to reject mail
# for unknown users.
local_transport =3D local
local_recipient_maps =3D $alias_maps, cdb:/etc/postfix/local-recipients
## END: Virtual hosting

smtpd_sasl_auth_enable =3D yes

### START: ordb.org
#strict_rfc811_envelopes =3D yes
# If server for some time in blacklist, I want to wait, not reject
maps_rbl_reject_code =3D 410

# =EF=DE=C5=CE=D8 =CD=CE=CF=C7=CF =D7=CD=C5=CE=D1=C5=CD=D9=CA =D0=CF=DE=D4=
=CF=D7=C9=CB=CF=D7 =CE=C1=D2=D5=DB=C1=C0=D4 =DC=D4=C9 =D0=D2=C1=D7=C9=CC=C1=
   =20
smtpd_helo_restrictions =3D=20
    permit_mynetworks,

# =F0=D2=CF=D7=C5=D2=CB=C9 =CE=C1 =DC=D4=C1=D0=C5 =D3=CF=C5=C4=C9=CE=C5=CE=
=C9=D1
#  - =E4=C9=C1=CC=C1=D0=DD=C9=CB=CF=D7, =CE=C1=D0=D2=D1=CD=D5=C0 =D2=C1=D3=
=D3=D9=CC=C1=C0=DD=C9=C8 =D0=C9=D3=D8=CD=C1, =C4=C1=D7=C9=D4=D8
#  - =F3 =CF=D4=CB=D2=D9=D4=D9=C8 =D2=C5=CC=C5=C5=D7 =D0=CF=DE=D4=D5 =CD=D9=
 =D0=D2=C9=CE=C9=CD=C1=D4=D8 =CE=C5 =D3=D4=C1=CE=C5=CD
#  - =F3 =D0=CF=DE=D4=CF=D7=D9=C8 =D3=C5=D2=D7=C5=D2=CF=D7, =CE=C1=D2=D5=DB=
=C1=C0=DD=C9=C8 RFC, =CD=D9 =D0=CF=DE=D4=D5 =D4=CF=D6=C5 =D0=D2=C9=CE=C9=CD=
=C1=D4=D8 =CE=C5 =D3=D4=C1=CE=C5=CD
smtpd_client_restrictions =3D
    permit_mynetworks,
    permit_sasl_authenticated,
# TIDI use rbl here

# =F0=D2=CF=D7=C5=D2=CB=C9 =CE=C1 =DC=D4=C1=D0=C5 MAIL FROM
# sender must be valid e-mail
# if sender domain not exists, it can be only spam
# =CB=D2=C9=D7=D9=C5 =C1=C4=D2=C5=D3=C1 =CE=C5 =D0=CF=DA=D7=CF=CC=D1=D4=D8 =
=C4=C1=D6=C5 =CF=D4 =D3=D7=CF=C9=C8 (=CE=C5=C9=DA=D7=C5=D3=D4=CE=D9=C5 =C9 =
non-FQDN)
smtpd_sender_restrictions =3D
    # get mail for abuse and postmaster
    check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,
    # =E5=D3=D4=D8 =CC=C1=CD=C5=D2=C1, =CF=D4 =CB=CF=D4=CF=D2=D9=C8 =D3=D4=
=CF=C9=D4 =D0=D2=C9=CE=C9=CD=C1=D4=D8 =D0=CF=DE=D4=D5 (=C9=C2=CF verify =CE=
=C5 =D0=D2=CF=C8=CF=C4=C9=D4)
    check_sender_access cdb:/etc/postfix/sender_access,
    # =EE=C1 =CE=C5=D3=D5=DD=C5=D3=D4=D7=D5=C0=DD=C9=C5 =CD=D9=CC=D8=CE=C9=
=CB=C9 =CD=D9 =CF=D4=CB=C1=DA=D9=D7=C1=C5=CD=D3=D1 =D0=D2=C9=CE=D1=D4=D8 =
=D0=CF=DE=D4=D5 =C4=C1=D6=C5 =CF=D4 "=D3=D7=CF=C9=C8"
    reject_unlisted_sender,
    reject_unverified_sender,

    reject_sender_login_mismatch,

    permit_mynetworks,
    reject_unknown_sender_domain,
    reject_non_fqdn_sender,
    # if user not logged in we can't send mail from it
    permit_sasl_authenticated,

    reject_invalid_hostname,
    reject_unknown_hostname,
    reject_non_fqdn_hostname
   =20
#    reject_rbl_client cbl.abuseat.org

# =F0=D2=CF=D7=C5=D2=CB=C9 =CE=C1 =DC=D4=C1=D0=C5 SEND TO
# reject_unverified_recipient -- =CD=C5=C4=CC=C5=CE=CE=C1=D1 =CF=D0=C5=D2=
=C1=C3=C9=D1, =CE=CF =D0=CF=DA=D7=CF=CC=D1=C5=D4 "=DA=C1=DE=C9=D3=D4=C9=D4=
=D8" =C2=CF=CC=D8=DB=D5=C0 =DE=C1=D3=D4=D8 =D3=D0=C1=CD=C1, =CF=D3=D4=C1=D7=
=DB=C5=C7=CF=D3=D1 =D0=CF=D3=CC=C5 check_policy_service
smtpd_recipient_restrictions =3D
    permit_mynetworks,
    reject_unknown_recipient_domain,
    reject_non_fqdn_recipient,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_unverified_recipient,
    check_sender_access cdb:/etc/postfix/sender_access,
    reject_unknown_recipient_domain,
    reject_unverified_recipient
    check_policy_service inet:127.0.0.1:2501,

# =E2=C5=DA =DC=D4=CF=CA =D3=D4=D2=CF=CB=C9 =CF=C2=D2=C1=D4=CE=C1=D1 =D0=D2=
=CF=D7=C5=D2=CB=C1 =D3=D5=DD=C5=D3=D4=D7=CF=D7=C1=CE=C9=D1 =C9=CD=A3=CE =D0=
=CF=CC=D8=DA=CF=D7=C1=D4=C5=CC=C5=CA
# =C2=D5=C4=C5=D4 =D7=D9=D0=CF=CC=CE=D1=D4=D8=D3=D1 =D3=CC=C9=DB=CB=CF=CD =
=C4=CF=CC=C7=CF
address_verify_map =3D btree:/etc/postfix/address_verify_cache
address_verify_negative_expire_time =3D 3d
address_verify_negative_refresh_time =3D 1h
address_verify_positive_refresh_time =3D 28d

# =F0=C1=D2=C1=CE=CF=D1
disable_vrfy_command =3D yes=20

#policy_time_limit =3D 3600

# I don't know why someone can needs more then this
smtpd_recipient_limit =3D 16

html_directory =3D /usr/share/doc/postfix-2.3.11/html

--7iMSBzlTiPOCCT2k--

--TiqCXmo5T1hvSQQg
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHMVxNPuR8c4jhFKIRAlMKAJ9frUjWiXZQOL8uMS7K0MKXAoLn5gCgtj6D
MrV3CZOxzhE7oTY2EeSfaDY=
=tGf+
-----END PGP SIGNATURE-----

--TiqCXmo5T1hvSQQg--