address_verify_sender = $double_bounce_sender
alias_maps = hash:/etc/postfix/aliases
body_checks = regexp:/etc/postfix/bodychecks
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/postfix
debug_peer_level = 8
disable_vrfy_command = yes
double_bounce_sender = double-bounce
header_checks = regexp:/etc/postfix/headerchecks
inet_interfaces = all
inet_protocols = all
mail_name = mx
mail_owner = _postfix
mail_spool_directory = /var/mail/
message_size_limit = 22020096
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = tsl-broker.com
myhostname = mx.tsl-broker.com
mynetworks = 127.0.0.0/8, 10.10.0.0/24, 192.168.0.0/24
myorigin = $mydomain
queue_directory = /var/spool/postfix
sample_directory = /etc/postfix
setgid_group = _postdrop
smtp_always_send_ehlo = yes
smtp_sasl_auth_enable = yes
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $mydomain ESMTP ready
smtpd_client_restrictions =
check_client_access hash:/etc/postfix/client_access,
permit_sasl_authenticated, permit_mynetworks,
check_client_access regexp:/etc/postfix/dul_checks,
reject_unknown_client,
reject_rbl_client dul.ru,
reject_rbl_client dialup.balcklist.jippg.org,
reject_rbl_client relays.mail-abuse.org,
permitsmtpd_delay_reject = no
smtpd_hard_error_limit = 2
smtpd_helo_required = no
smtpd_helo_restrictions =
check_helo_access hash:/etc/postfix/helo_access,
reject_invalid_hostname,
permit_mynetworks,
check_helo_access regexp:/etc/postfix/helo_regexp,
reject_non_fqdn_hostname,
reject_unknown_hostname,
permit
smtpd_recipient_restrictions =
check_recipient_access regexp:/etc/postfix/recipient_access,
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_pipelining,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_destination,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions =
check_sender_access regexp:/etc/postfix/sender_access,
permit_sasl_authenticated,
permit_mynetworks,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit
smtpd_tls_cert_file = /etc/ssl/3/smtpd.crt
smtpd_tls_key_file = /etc/ssl/3/smtpd.key
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
tls_random_source = dev:/dev/urandom
unknown_address_reject_code = 450
unknown_client_reject_code = 421
unknown_hostname_reject_code = 450
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550