mailserver/smtp/main.cf

compatibility_level = 2
smtpd_banner = $myhostname ESMTP $mail_name (Hail Eris!)
biff = no

append_dot_mydomain = no

readme_directory = no

smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 554

#smtpd_tls_key_file=/certs/privkey.pem
#smtpd_tls_cert_file=/certs/cert.pem
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

smtpd_use_tls=yes
smtpd_tls_auth_only = yes

smtp_tls_security_level = may

smtpd_sasl_path = inet:imap:8472
smtpd_sasl_type = dovecot
smtpd_sasl_auth_enable = yes

smtputf8_enable = no
smtputf8_autodetect_classes = bounce

#smtpd_recipient_restrictions =
#        permit_sasl_authenticated,
#        permit_mynetworks,
#        reject_unauth_destination

# Let's try ze new config stuff!
smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_rbl_client ix.dnsbl.manitu.net,
        reject_rbl_client bl.spamcop.net,
        reject_rbl_client multi.surbl.org,
        reject_rbl_client dnsbl-1.uceprotect.net,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client combined.rbl.msrbl.net,
        reject_rbl_client b.barracudacentral.org,
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_unauth_pipelining,
        reject_unauth_destination,
        reject_unlisted_recipient


smtpd_sender_restrictions =
#	reject_sender_login_mismatch #too harsh
	permit_sasl_authenticated

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.16.0.0/12
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

virtual_transport = lmtp:inet:imap:24

virtual_mailbox_domains = mysql:/etc/postfix/virtual_mailbox_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/virtual_mailbox_maps.cf
virtual_alias_maps = mysql:/etc/postfix/virtual_alias_maps.cf

message_size_limit = 20480000

# Milter setup
smtpd_milters = inet:spam:11332
milter_default_action = accept
milter_protocol = 6

unknown_local_recipient_reject_code = 550
owner_request_special = no
transport_maps = hash:/mailman/var/data/postfix_lmtp
local_recipient_maps = hash:/mailman/var/data/postfix_lmtp
relay_domains = hash:/mailman/var/data/postfix_domains