Context Navigation

main.cf @ 2375

Last change on this file since 2375 was 2375, checked in by andersk, 11 years ago

Tighten scripts vhost mail security Broken MTAs such as MIT’s will rewrite anyone@awesome-cname.mit.edu to anyone@scripts-vhosts.mit.edu, in violation of RFC 2821. (This can be fixed with the Sendmail nocanonify feature or DontExpandCnames option, which, bewilderingly, are still not the default.) To prevent such mail from being misdirected, remove scripts-vhosts from $mydestination and let it bounce. Correct r1452 to match literal periods in scripts.mit.edu. Reserve the well-known (RFC 2142) email addresses {abuse,hostmaster,noc,postmaster,security}@every-domain for our own purposes; /etc/aliases maps these to root. Tested on scripts-f17-dev.

File size: 1.4 KB

Line
1	#biff = no
2
3	# appending .domain is the MUA's job.
4	#append_dot_mydomain = no
5
6	# Uncomment the next line to generate "delayed mail" warnings
7	#delay_warning_time = 4h
8
9	alias_maps = hash:/etc/aliases
10	alias_database = hash:/etc/aliases
11	myorigin = scripts.mit.edu
12	mydestination = scripts.mit.edu, scripts, $myhostname, scripts-test.mit.edu, scripts-test, localhost
13	relayhost =
14	mynetworks_style = host
15	mailbox_command = /usr/bin/procmail -t -a "${EXTENSION}" ~/mail_scripts/procmailrc
16	mailbox_size_limit = 0
17	recipient_delimiter = +
18	inet_interfaces = all
19	readme_directory = /usr/share/doc/postfix-2.9.5/README_FILES
20	sample_directory = /usr/share/doc/postfix-2.9.5/samples
21	sendmail_path = /usr/sbin/sendmail
22	html_directory = no
23	setgid_group = postdrop
24	command_directory = /usr/sbin
25	manpage_directory = /usr/share/man
26	daemon_directory = /usr/libexec/postfix
27	newaliases_path = /usr/bin/newaliases
28	mailq_path = /usr/bin/mailq
29	queue_directory = /var/spool/postfix
30	mail_owner = postfix
31	virtual_alias_domains = hash:/etc/postfix/virtual, regexp:/etc/postfix/virtual_re, ldap:/etc/postfix/virtual-alias-domains-ldap.cf
32	virtual_alias_maps = hash:/etc/postfix/virtual, regexp:/etc/postfix/virtual_re, ldap:/etc/postfix/virtual-alias-maps-ldap.cf
33	data_directory = /var/lib/postfix
34	authorized_submit_users = !/etc/postfix/blocked_users, static:all
35	# "all" is the default, but if we do not specify it, Fedora's packaging
36	# will add the wrong value here.
37	inet_protocols = all

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format