7x31/mailcow-dockerized
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4,383 Commits 18 Branches 41 Tags
4ddeb317fa0560c7da4a399ff076c5535c98f515
Commit Graph

82 Commits

Author SHA1 Message Date
andryyy
881f558e48 [Postfix] Add sasl check to deny specific users from using smtp relay 2020-09-17 19:44:52 +02:00
andryyy
1f36ae28d4 [Postfix, Web] Feature: Show last SMTP login 2020-09-15 11:02:53 +02:00
Dmitriy Alekseev
72387a4a48 Disable SMTPUTF8 in Postfix due Dovecot-LMTP isn't support it (#3680) 
SMTPUTF8 to work correctly must be done end-to-end. Leaving it enabled now when LMTP cant receive such email gives more issues then profit.
 2020-07-29 13:42:39 +02:00
andryyy
75f4b77bc2 [Postfix] Remove smtpd_tls_CAfile, fixes #3589 2020-06-04 16:23:41 +02:00
andryyy
6a95d217b4 [Postfix] Remove obsolete comment 2020-05-21 21:55:43 +02:00
Igor Scheller
16b2a2c055 [Postfix] Set smtp_address_preference to any (#3561) 
Closes https://github.com/mailcow/mailcow-dockerized/issues/3560
 2020-05-21 19:28:35 +02:00
Florian Lindner
4519f460b4 Remove obsolete setting smtpd_use_tls. (#3548) 
See http://www.postfix.org/postconf.5.html#smtpd_use_tls. It is
controlled by smtpd_tls_security_level, which is set to may.

Co-authored-by: Florian Lindner <florian.lindner@ipvs.uni-stuttgart.de>
 2020-05-18 14:22:21 +02:00
Aaron
1f00887f91 Fix inconsistent spacing in dovecot/dovecot.conf and postfix/main.cf (#3511) 
* Fix inconsistent spacing in dovecot.conf

* Fix inconsistent spacing in main.cf
 2020-04-30 18:22:21 +02:00
andryyy
ef0b40085b [Postfix] Allow to relay only non-local mailboxes 2020-04-03 20:39:53 +02:00
andryyy
1d0e8a9497 [Postfix] Remove default rcpt count limit 2020-03-09 13:26:52 +01:00
andryyy
b5c844d704 [Postfix] IMPORTANT: Disabling TLS 1.0 and 1.1 for submission and smtps 2020-02-12 10:36:54 +01:00
andryyy
82c094c77c [Postfix] Added custom_postscreen_whitelist.cidr for a custom Postscreen wl, fixes #3313 2020-02-06 08:28:05 +01:00
andryyy
081602def9 [Postfix] Client rcpt rate limit set to 50 2020-01-18 16:32:41 +01:00
andryyy
ad1f243667 [Postfix] Set CA path for smtpd 
[Rspamd] Split deprecated metrics.conf to actions.conf and groups.conf
 2020-01-05 11:21:04 +01:00
andryyy
6564944f7a [Postfix] Add bl.suomispam.net 2019-12-06 16:15:04 +01:00
andryyy
5d7e365592 [Postfix] Remove test var 2019-11-24 15:23:16 +01:00
andryyy
4a36eb014c [Postfix] TLS protocols for submission and smtps can be overriden using extra.cf (submission_smtpd_tls_mandatory_protocols and smtps_smtpd_tls_mandatory_protocols), thanks to @christianbur 
[Postfix] Show overriding warnings when starting Postfix, but hide them in syslog output
 2019-11-24 14:18:27 +01:00
andryyy
2e972fb03b [Rspamd, Postfix] Move PTR check to Postfix 2019-11-14 10:17:14 +01:00
andryyy
c4656e00fd [Postfix] Add hint for custom_transport.pcre 2019-11-12 20:50:21 +01:00
andryyy
e1fdbba0f7 [Postfix] Add custom_transport.pcre 2019-11-12 20:44:43 +01:00
Marcel Hofer
2e35da6816 [SSL] create individual domain certificates, add SNI configs for Postfix/Dovecot/Nginx 2019-10-19 12:48:56 +02:00
Max Uetrecht
bbe396d3c2 [Postfix] Add NO_RENEGOTIATION to tls_ssl_options 2019-09-22 17:38:03 +02:00
andryyy
b3c2f683cb [Postfix] Adjustments for RBL 2019-09-18 07:58:54 +02:00
MAGIC
b272ed04a0 [Postfix] Remove DNSBL dnsbl.inps.de due to legal reasons 2019-09-09 21:37:49 +02:00
andryyy
1495bda2e1 [Postfix] Add info about extra.cf 2019-09-02 18:39:08 +02:00
andryyy
1bdf861177 [Postfix] Add comments to config files, cleanup a bit 2019-09-02 09:31:30 +02:00
andryyy
a2386434fd [Postfix] More RBLs, lower thresholds 2019-08-16 22:17:28 +02:00
andryyy
217da8c7fc [Postfix] Reduce threshold to 4, format list 2019-08-16 07:55:17 +02:00
andryyy
1b3a5d54ca [Postfix] Reduce RBL threshold 
We should move more RBL checks to Postfix
 2019-08-16 07:46:19 +02:00
andryyy
9e0381185c [Postfix] Disable UTF8 SMTP as Dovecots LMTP does not support it, also disable Zeyple 2019-08-09 14:10:31 +02:00
andryyy
3c3bcf8c82 [Postfix] Set compatibility_level to 2 2019-07-13 14:44:17 +02:00
andryyy
2898aa6918 [Postfix] Remove unused alias domain catch all map 2019-07-13 08:59:32 +02:00
andryyy
ffb008f72a Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-06-09 16:50:04 +02:00
andryyy
de3a89ac7a [Postfix] Remove duplicate proxy read maps, add resource maps 2019-06-09 16:49:02 +02:00
dofl
fa4c4b138e Update main.cf 
Added the delay_warning_time (http://www.postfix.org/postconf.5.html#delay_warning_time) with 4 hours as setting. Postfix will inform the user that the e-mail has not been delivered, but that it will try for the next 5 days. 

There is also a setting called confirm_delay_cleared (http://www.postfix.org/postconf.5.html#confirm_delay_cleared), but according to the Postfix this can lead to a sudden burst of notifications at the end of a prolonged network outage.
 2019-06-09 07:39:36 +02:00
dofl
d5eeb3e8af Update main.cf 
I was looking into creating a backup mx server for a high availability mailcow setup. It seems that this is not easily done. While researching to find out how long an average SMTP server keeps trying to send to a server that is down I found that RFC 5321 advises at least 4 to 5 days. Mailcow has a custom setup of 1 day, which is very short. The user will be unaware for 5 days that his mail has not been delivered, which can be negative. But I still would like to follow the advice of the RFC.

RFC 5321, in section 4.5.4.1, has this to say:
Retries continue until the message is transmitted or the sender  up;  the give-up time generally needs to be at least 4-5 days.  It MAY be appropriate to set a shorter maximum number of retries for non-delivery notifications and equivalent error messages than for standard messages. 

Postfix default is also 5 days: http://www.postfix.org/postconf.5.html

https://tools.ietf.org/html/rfc5321#section-4.5.4
 2019-06-08 15:10:46 +02:00
andryyy
2757c6b5fe [Postfix] Do not allow DSN for postscreen 2019-05-27 19:32:41 +02:00
andryyy
9abbe7eb1d [Postfix] Mandatory protocol for authenticated clients over 587/tcp and 465/tcp is now TLSv1.0+ (reverts previous protocol change for authenticated users only) 
[Postfix] Force route localhost$ over local:
 2019-03-06 15:09:28 +01:00
andryyy
0375703198 [Postfix] Fix mandatory encryption protocols and always require at least TLS 1.2 for LMTP 2019-03-03 12:11:39 +01:00
andryyy
eccf3ff4da [Postfix] Mandatory encryption protocol is now min. TLS 1.2 2019-03-03 12:09:10 +01:00
andryyy
cd72a4e18b [Postfix] Split SASL passwd maps 
[Postfix] create new smtp service to skip sender-dependent SASL map
[Postfix] Hard-bounce on SASL errors
 2018-12-19 09:40:08 +01:00
Patrik Kernstock
1dc9d3fa27 [Postfix] Security: Prefer server-side ciphers 
Prefer server-side ciphers to prevent client-side cipher downgrade. Already enabled in Dovecot.
 2018-10-25 23:37:25 +02:00
André
93e0206db4 [Update] Remove mailcow_anonymize_headers.pcre checks 
[Postfix] Rename mailcow_anonymize_headers.pcre > anonymize_headers.pcre to prevent collisions
 2018-10-23 22:57:38 +02:00
André
d99b8aaf69 [Postfix] Change mail_name to Postcow and only replace headers when mail_name matches 2018-10-16 10:26:41 +02:00
André
a844adde0f [Postfix] Add mailcow_anonymize_headers to default config 2018-10-15 20:52:06 +02:00
André
f6b2a6aab2 [Postfix] Enable/create smtp_tls_policy_maps 2018-10-04 14:34:34 +02:00
André
b8ebdc3c58 [Postfix] Increase default message size limit to 100 MiB 2018-10-01 22:06:20 +02:00
André
fa0b351da6 [Postfix] smtpd_tls_eecdh_grade = auto 2018-07-11 22:10:32 +02:00
André Peters
bca8920679 Revert "[Postfix] Default SMTP server security grade for EECDH key exchange" 2018-06-27 23:28:54 +02:00
elcore
c386dfc11d [Postfix] Default SMTP server security grade for EECDH key exchange 2018-06-27 03:39:54 +02:00