Common Parameters in the Postfix configuration file main. cf

Description of common parameters in the Postfix configuration file main. cf-Linux Enterprise Application-Linux server application information. The following is a detailed description. Parameters:

Myorigin

Note:

The myorigin parameter is used to specify the domain name used by the server for external mail.

By default, myorigin uses the name of the local host (the same as the parameter myhostname ).

Suggestion: use the default configuration in a small network. In the Internet, we recommend that you keep the myorigin and mydomain parameters the same. That is to say, the domain name of the server is used.

For example:

Myorigin = $ myhostname (default)
Myorigin = $ mydomain (recommended)
　　　

Receiving Domain Configuration

Parameters:

Mydestination

Note:

Specifies the domain name used by the server to receive emails.

We recommend that you do not change this parameter after installing the system.

For example:

Default settings:
Mydestination = $ myhostname localhost. $ mydomain

Extensive settings:
Mydestination = $ myhostname localhost. $ mydomain

Multiple DNS settings:
Mydestination = $ myhostname localhost. $ mydomain www. $ mydomain ftp. $ mydomain

Forwarding restrictions

Parameters:

Mynetworks
Relay_domains
Mydestination

Note:

Forwarding restrictions are very important in the mail system. C-Link configures the most secure forwarding restriction parameters by default.

There are many forwarding restrictions: see mynetworks, relay_domains, and mydestination.

System Fault Report Configuration

Parameters:

Notify_classes

Note:

This parameter is used to notify the system in which case the user is notified.

The following parameter types are available:

The bounce email is unblocked and bounce;

2 bounce sends two bounce mails to Postmaster;

Delay notifies Postmaster of the delayed mail's header information;

The policy notifies Postmaster of the Information filtered out by the system;

Protocol notifies Postmaster of protocol error messages;

The resource notifies the Postmaster of the information that fails to be delivered due to a shortage of system resources;

The software notifies the Postmaster of the failed delivery due to a soft error.

For example:
Default Value:
Policy_classes = resource, software

Host Name Configuration

Parameters:

Myhostname

Note:

The myhostname parameter is used to describe the full name of the domain name of the server running the C-Link system that complies with the rules. In many UNIX systems, C-Link automatically detects the correct name. However, manual configuration is required in some operating systems, such as TurboLinux.

For example:

Myhostname = host. local. domain (local hostname is not FQDN)
Myhostname = host. virtual. domain (virtual interface)
Myhostname = virtual. domain (virtual interface)

Original Domain Configuration

Parameters:

Mydomain

Note:

The system detects it by itself. It is not currently open.

System internal network subnet Configuration

Parameters:

Mynetworks_stype

Mynetworks

Note:

Mynetworks_stype is used to set the limits of the internal subnet of the mail system. Subnet is usually used. Set it to host in single-host mode.

Within the specified subnet, emails can be forwarded in an open manner. This is useful for configuring the mail cluster. However, be careful when using this function to prevent the email system from being set to open relay.

For example:

Mynetworks_style = subnet

Mynetworks_style = host

Mynetworks = 168.100.189.0/28,127.0 .0.0/8

Internal Network Address Configuration

Parameters:

Inet_interfaces

Note:

Inet_interfaces is used to specify a specific network address.

The system is retained and is not open for the moment.

For example:

Inet_interfaces = all

Inet_interfaces = virtual. host. name (virtual domain)

Inet_interfaces = $ myhostname localhost. $ mydomain (non-virtual mailer)
　　　

Process restrictions

Parameters:

Default_process_limit

Note:

Used to limit the maximum number of simultaneous connections of the SMTP service. The default value is 50. You can configure extremely wide limits based on the server configurations and operating systems.

For example:

Default_process_limit = 1024

Local simultaneous address distribution restrictions

Parameters:

Local_destination_concurrency_limit
　　　

Note:

The system is retained and is not open for the moment.

For example:

Local_destination_concurrency_limit = 2
　　　

By default, the same-address distribution is limited.

Parameters:

Default_destination_concurrency_limit
　　　

Note:

The system is retained and is not open for the moment.

For example:

Default_destination_concurrency_limit = 10

Queue retransmission cycle

Parameters:

Queue_run_delay

Note:

Used to set the scanning cycle of delayed mail by the queue processing program.

The default value is 1000 seconds.

For example:

Queue_run_delay = 1000

Maximum queue Life Cycle

Parameters:

Maximal_queue_lifetime

Note:

It is used to set the maximum retention period for stranded mails by the queue processing program.

The default value is 5 days.

For example:

Maximal_queue_lifetime = 5

Minimum delivery failure period

Parameters:

Minimal_backoff_time

Note:

It is used to set the shortest tour time for undeliverable mails by the queue handler.

The default value is 1000 seconds.

For example:

Minimal_backoff_time= 1000

Maximum delivery failure period

Parameters:

Maximal_backoff_time

Note:

This parameter is used to set the maximum number of times the queue handler can tour messages that cannot be delivered.

The default value is 4000 seconds.

For example:

Maximal_backoff_time= 4000

Error command buffer time

Parameters:

Smtpd_error_sleep_time

Note:

When the SMTP service port receives an invalid command, the system will buffer the processing interval.

This parameter is very effective for preventing malicious attacks.

For example:

Smtpd_error_sleep_time = 5

Smtpd_error_sleep_time = 0

Soft Error Tolerance count

Parameters:

Smtpd_soft_error_limit

Note:

Number of soft errors allowed by the SMTP service. This parameter is very effective for preventing malicious attacks.

The default value is 10.

For example:

Smtp_soft_error_limit = 5

Hard error tolerance count

Parameters:

Smtpd_hard_error_limit

Note:

Number of hard errors allowed by the SMTP service. This parameter is very effective for preventing malicious attacks.

The default value is 100.

For example:

Sm-tp_hard_error_limit = 100

Mail header Filtering

Parameters:

Header_checks

Note:

Used to filter the mail header information.

For example:

Header_checks = regexp:/wdpost/filter/header_checks

The header_checks content of the file follows the full regexp powerful string syntax matching rules.

For example,/^ to: * friend @ public \. com $/REJECT

SMTP Connection Control Filtering

Parameters:

Smtpd_client_restrictions

Note:

The smtpd_client_restrictions parameter is very powerful. It can restrict various clients connected to the C-Link mail server and other servers.

This parameter has the following options for flexible configuration settings.

Reject_unknown_client rejects IP address that cannot be reverse resolved;

Permit_mynetworks allows connections in subnets;

Check_client_access maptype: mapname checks the rules set in the mapname file;

Reject_maps_rbl rejects connections that meet the rbl behavior conditions.

Reject_unauth_pipelining rejects connections to the authenticated media transcoding queue.

This parameter is not set by default.

For example:

Smtpd_client_restrictions =

HELO handshake requires Control Filtering

Parameters:

Smtpd_helo_required

Note:

Set whether the C-Link email system must perform a HELO or EHLO handshake during SMTP connection.

Not required by default.

For example:
Smtpd_helo_required = no

HELO handshake Host Control Filtering

Parameters:

Smtpd_helo_restrictions

Note:

When HELO handshake is required. This parameter is used to verify whether the handshake information meets the requirements.

You can select the following parameters:

Reject_invalid_hostname: reject the incorrect hostname.

Permit_naked_ip_address rejects the bare IP address.

Reject_unknown_hostname: The domain name specified by the dns a or MX record is rejected.

Reject_non_fqdn_hostname: reject domain names that do not comply with Domain Name rules.

Check_helo_access maptype: mapname is based on the information limit set in mapname.

RFC821 envelope address Control Filtering

Parameters:

Strict_rfc821_envelopes

Note:

Set whether the C-Link system must only accept mail addresses that comply with the RFC821 load rules.
　　　

The default value is no.

For example:

Strict_rfc821_envelopes = yes

Sender address restriction Filtering

Parameters:

Smtpd_sender_restrictions =

Note:

Set the rules that must be met by the sender address. It is indeed arbitrary.

You can set the following parameters:

Reject_unknown_sender_domain reject the domain name of the sender who does not have a dns a or MX record.

Check_sender_access maptype: mapname is set according to the rules in the mapname file.

Reject_non_fqdn_sender rejects the sender address that does not comply with the rules.

Recipient address restriction Filtering

Parameters:

Smtpd_recipient_restrictions

Note:

Set special sender address parameters.

You can select the following parameters:

Check_relay_domains checks the forwarding domain.

Permit_auth_destination allows authenticated destinations.

Reject_unauth_destination is rejected as the authenticated destination.

Permit_mx_backup allows reverse query of MX host names.

Check_recipient_access maptype: mapname is subject to the rules set in the mapname file.

Reject_unknown_recipient_domain refuse to forward to A domain name without a dns a or MX record.

Reject_non_fqdn_recipient rejects forwarding targets that do not comply with the rules.

Reject_unknown_sender_domain rejects the sender's domain name without the IP anti-resolution record.

ETRN command limit Filter

The system is retained and not open.

Anti-Spam organization Filtering

Parameters:

Maps_rbl_domains

Note:

This is a very distinctive anti-spam function. This parameter is usually set

Maps_rbl_domains = blackholes.mail-abuse.org

If RBL lookup is enabled, the system automatically synchronizes it with the mail-abuse, a world-renowned anti-spam organization. Organize the insecure email servers listed by mail-abuse.

This function is disabled by default.

SMTP dialog line length limit Filtering

Parameters:

Line_length_limit

Note:

Set the maximum length of the lines accepted by SMTP.

The default value is 2048 bytes.

Restricted email header length filtering

Parameters:

Header_size_limit

　　
Note:

Set the maximum length of mail header information received by SMTP.

102400 bytes by default

Limited number of recipients Filtering

Parameters:

Extract_recipient_limit

Note:

Limit the number of extended recipients. This is usually used to prevent attack behavior by using the "sendmail-t" method.

Limited email Length Filtering

Parameters:

Message_size_limit

Note:

This parameter is very important. Used to limit the maximum length of a single email received by the system.

The default value is 10240000 bytes.

For example:

Message _ size_limit = 20480000

Bounce mail Length Filtering

Parameters:

Bounce_size_limit

Note:

This parameter is very important to set the maximum size of the Bounce Message.

The default value is 50000 bytes.