|
|
|
@ -28,13 +28,19 @@ local_transport = dovecot |
|
|
|
# set recipient limit to 1 so X-Original-To header addition will work |
|
|
|
dovecot_destination_recipient_limit = 1 |
|
|
|
|
|
|
|
### SMTP ### |
|
|
|
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for |
|
|
|
# information on enabling SSL in the smtp client. |
|
|
|
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache |
|
|
|
### Outgoing Mail ### |
|
|
|
# enable opportunistic TLS for outgoing mail |
|
|
|
smtp_tls_security_level = may |
|
|
|
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache |
|
|
|
# whether to allow or enforce TLS. Acceptable values are 'none', 'may', or 'encrypt'. |
|
|
|
smtpd_tls_security_level=may |
|
|
|
# log whether connection has completed encryption handshake |
|
|
|
smtp_tls_loglevel = 1 |
|
|
|
|
|
|
|
### Incoming Mail ### |
|
|
|
# enable opportunistic TLS for incoming mail |
|
|
|
smtpd_tls_security_level = may |
|
|
|
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache |
|
|
|
# prevent sending passwords over unsecured connections |
|
|
|
smtpd_tls_auth_only = yes |
|
|
|
# where to find certs |
|
|
|
smtpd_tls_cert_file=/vol/ssl/fullchain.pem |
|
|
|
smtpd_tls_key_file=/vol/ssl/privkey.pem |
|
|
|
@ -45,8 +51,6 @@ smtpd_sasl_type = dovecot |
|
|
|
smtpd_sasl_path = private/auth |
|
|
|
# and the common settings to enable SASL: |
|
|
|
smtpd_sasl_auth_enable = yes |
|
|
|
|
|
|
|
### Security ### |
|
|
|
# these settings apply to BOTH authenticated and unauthenticated mail |
|
|
|
# for security settings for only authenticated mail, use options in master.cf |
|
|
|
smtpd_delay_reject = yes |
|
|
|
@ -75,4 +79,4 @@ biff = no |
|
|
|
# fresh installs. |
|
|
|
compatibility_level = 2 |
|
|
|
# maximum size allowed for sent messages, in bytes |
|
|
|
message_size_limit = 33554432 |
|
|
|
message_size_limit = 102400000 |
|
|
|
|
