source: trunk/server/fedora/config/etc/postfix/main.cf @ 2375

Last change on this file since 2375 was 2375, checked in by andersk, 9 years ago
Tighten scripts vhost mail security Broken MTAs such as MIT’s will rewrite anyone@awesome-cname.mit.edu to anyone@scripts-vhosts.mit.edu, in violation of RFC 2821. (This can be fixed with the Sendmail nocanonify feature or DontExpandCnames option, which, bewilderingly, are still not the default.) To prevent such mail from being misdirected, remove scripts-vhosts from $mydestination and let it bounce. Correct r1452 to match literal periods in scripts.mit.edu. Reserve the well-known (RFC 2142) email addresses {abuse,hostmaster,noc,postmaster,security}@every-domain for our own purposes; /etc/aliases maps these to root. Tested on scripts-f17-dev.
File size: 1.4 KB
Line 
1#biff = no
2
3# appending .domain is the MUA's job.
4#append_dot_mydomain = no
5
6# Uncomment the next line to generate "delayed mail" warnings
7#delay_warning_time = 4h
8
9alias_maps = hash:/etc/aliases
10alias_database = hash:/etc/aliases
11myorigin = scripts.mit.edu
12mydestination = scripts.mit.edu, scripts, $myhostname, scripts-test.mit.edu, scripts-test, localhost
13relayhost =
14mynetworks_style = host
15mailbox_command = /usr/bin/procmail -t -a "${EXTENSION}" ~/mail_scripts/procmailrc
16mailbox_size_limit = 0
17recipient_delimiter = +
18inet_interfaces = all
19readme_directory = /usr/share/doc/postfix-2.9.5/README_FILES
20sample_directory = /usr/share/doc/postfix-2.9.5/samples
21sendmail_path = /usr/sbin/sendmail
22html_directory = no
23setgid_group = postdrop
24command_directory = /usr/sbin
25manpage_directory = /usr/share/man
26daemon_directory = /usr/libexec/postfix
27newaliases_path = /usr/bin/newaliases
28mailq_path = /usr/bin/mailq
29queue_directory = /var/spool/postfix
30mail_owner = postfix
31virtual_alias_domains = hash:/etc/postfix/virtual, regexp:/etc/postfix/virtual_re, ldap:/etc/postfix/virtual-alias-domains-ldap.cf
32virtual_alias_maps = hash:/etc/postfix/virtual, regexp:/etc/postfix/virtual_re, ldap:/etc/postfix/virtual-alias-maps-ldap.cf
33data_directory = /var/lib/postfix
34authorized_submit_users = !/etc/postfix/blocked_users, static:all
35# "all" is the default, but if we do not specify it, Fedora's packaging
36# will add the wrong value here.
37inet_protocols = all
Note: See TracBrowser for help on using the repository browser.