Konfigurasi – Postfix


master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the Postfix master(5) manual page.
#
# The script postfix-chroot.sh can be used to set up a Postfix chroot
# environment on your Mandrivalinux System.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n – y – – smtpd
#submission inet n – n – – smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n – n – – smtpd
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n – n – – smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n – n – – qmqpd
pickup fifo n – y 60 1 pickup
-o content_filter=
-o receive_override_options=
cleanup unix n – y – 0 cleanup
qmgr fifo n – y 300 1 qmgr
#qmgr fifo n – n 300 1 oqmgr
tlsmgr unix – – y 1000? 1 tlsmgr
rewrite unix – – y – – trivial-rewrite
bounce unix – – y – 0 bounce
defer unix – – y – 0 bounce
trace unix – – y – 0 bounce
verify unix – – y – 1 verify
flush unix n – y 1000? 0 flush
proxymap unix – – n – – proxymap
smtp unix – – y – – smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix – – y – – smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n – y – – showq
error unix – – y – – error
discard unix – – y – – discard
local unix – n n – – local
virtual unix – n n – – virtual
lmtp unix – – y – – lmtp
anvil unix – – y – 1 anvil
scache unix – – y – 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix – n n – – pipe
flags=DRhu user=nobody argv=/usr/bin/maildrop -d ${recipient}
#
# Cyrus. Please See the Postfix CYRUS_README file for details
#
# deliver interface (deprecated), to use this also use
# postconf -e cyrus-deliver_destination_recipient_limit=1
cyrus-deliver unix – n n – – pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# for default cyrus socket placement
cyrus unix – n n – – lmtp
-o lmtp_cache_connection=yes
#
# if you configure cyrus socket in the chroot jail
cyrus-chroot unix – – y – – lmtp
-o lmtp_cache_connection=yes
#
# for lmtp to cyrus via tcp
cyrus-inet unix – – y – – lmtp
-o lmtp_cache_connection=yes
-o lmtp_sasl_auth_enable=yes
-o lmtp_sasl_password_maps=hash:/etc/postfix/cyrus_lmtp_sasl_pass
-o lmtp_sasl_security_options=noanonymous
#
# UUCP. Unix to Unix CoPy
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix – n n – – pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender – $nexthop!rmail ($recipient)
#
# Other external delivery methods.
# These are not distributed with Mandrivalinux
#
#ifmail unix – n n – – pipe
# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#bsmtp unix – n n – – pipe
# flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

##### START OF CONTENT FILTER CUSTOMIZATIONS #####
# Please see the Postfix FILTER_README for details.
# These sample entries expect your content filter to
# listen on port 10025 and to inject mail back into
# postfix on port 10026.
#
# to enable such content filter run the command
# postconf -e content_filter=smtp-filter:127.0.0.1:10025
# postconf -e smtp-filter_destination_concurrency_limit=2
# or
# postconf -e content_filter=lmtp-filter:127.0.0.1:10025
# postconf -e lmtp-filter_destination_concurrency_limit=2
# and the command
# postconf -e receive_override_options=no_address_mappings
#

127.0.0.1:10026 inet n – y – – smtpd
-o content_filter=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_client_connection_limit_exceptions=127.0.0.0/8

lmtp-filter unix – – y – – lmtp
-o lmtp_data_done_timeout=1200
-o lmtp_send_xforward_command=yes

smtp-filter unix – – y – – smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes

#clamsmtpd
scan unix – – n – 16 smtp
-o smtp_send_xforward_command=yes

127.0.0.1:10026 inet n – n – 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8

##### END OF CONTENT FILTER CUSTOMIZATIONS #####

main.cf
# These are only the parameters changed from a default install
# see /etc/postfix/main.cf.dist for a commented, fuller version of this file.

# These are changed by postfix install script
readme_directory = /usr/share/doc/postfix-2.2.5/README_FILES
html_directory = /usr/share/doc/postfix-2.2.5/html
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/share/man
daemon_directory = /usr/lib/postfix
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix

# User configurable parameters

inet_interfaces = all

mynetworks = 10.10.10.0/24, 127.0.0.0/8
mynetworks_style = subnet
delay_warning_time = 4h
smtpd_banner = $myhostname ESMTP kampesMail ($mail_version) (Kampes_Komprang)
smtpd_sender_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_helo_required = yes
smtpd_client_restrictions =
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client bl.spamcannibal.org,
reject_rbl_client relays.ordb.org,
reject_rbl_client dnsbl.antispam.or.id,
permit

#inet_interfaces = localhost
#mynetworks_style = host
#delay_warning_time = 4h
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (Mandriva Linux)
unknown_local_recipient_reject_code = 450
smtp-filter_destination_concurrency_limit = 2
lmtp-filter_destination_concurrency_limit = 2
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2

smtpd_error_sleep_time = 60
smtpd_soft_error_limit = 60
smtpd_hard_error_limit = 10

myhostname = hujan.semusim.info
mydomain = semusim.info
myorigin = $mydomain
mydestination = $myhostname localhost.$mydomain $mydomain
owner_request_spesial = no
relay_domains = $mydestination semusim.info
alias_maps = hash:/etc/postfix/aliases

content_filter = scan:127.0.0.1:10025
#receive_override_options = no_address_mappings

clamstpd.conf
# ——————————————————————————
# SAMPLE CLAMSMTPD CONFIG FILE
# ——————————————————————————
#
# – Comments are a line that starts with a #
# – All the options are found below with sample settings

# The address to send scanned mail to.
# This option is required unless TransparentProxy is enabled
OutAddress: 10026

# The maximum number of connection allowed at once.
# Be sure that clamd can also handle this many connections
#MaxConnections: 64

# Amount of time (in seconds) to wait on network IO
#TimeOut: 180

# Keep Alives (ie: NOOP’s to server)
#KeepAlives: 0

# Send XCLIENT commands to receiving server
#XClient: off

# Address to listen on (defaults to all local addresses on port 10025)
#Listen: 0.0.0.0:10025
Listen: 127.0.0.1:10025

# The address clamd is listening on
#ClamAddress: /var/run/clamav
ClamAddress: /var/lib/clamav/clamd.socket

# A header to add to all scanned email
Header: X-Virus-Scanned: ClamAV using ClamSMTP

# Directory for temporary files
TempDirectory: /tmp

# Whether or not to bounce email (default is to silently drop)
#Bounce: off

# Whether or not to keep virus files
#Quarantine: off
Quarantine: on

# Enable transparent proxy support
#TransparentProxy: off

# User to switch to
User: clamav

# Virus actions: There’s an option to run a script every time a virus is found.
# !IMPORTANT! This can open a hole in your server’s security big enough to drive
# farm vehicles through. Be sure you know what you’re doing. !IMPORTANT!
#VirusAction: /path/to/some/script.sh

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: