projects / sysconfig / postfix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Try to route outgoing messages through diff IPs depending on trust
[sysconfig/postfix.git] / main.cf
diff --git a/main.cf b/main.cf
index 62cee03964c1899c06781007e7a033cab8270d2d..5c8b27727cad451e1750fd15bd4b2ba6f92fdeda 100644 (file)
--- a/main.cf
+++ b/main.cf
@@ -150,7 +150,7 @@ myorigin = $mydomain
 #
 # See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
 #
-mydestination = $myhostname, dehnert.arctic.org, localhost, localhost.localdomain, localdomain.localdomain, dehnerts.com, www.dehnerts.com, mail.dehnerts.com, copan.dehnerts.com, mail.dehnert.arctic.org, copan.dehnert.arctic.org, borobudur.dehnert.arctic.org, borobudur.dehnerts.com, gwynedd.dehnert.arctic.org, gwynedd.dehnerts.com, olinda.dehnerts.com, olinda.dehnert.arctic.org, olinda.mit.edu
+mydestination = $myhostname, dehnert.arctic.org, localhost, localhost.localdomain, localhost.dehnerts.com, localdomain.localdomain, dehnerts.com, www.dehnerts.com, mail.dehnerts.com, copan.dehnerts.com, mail.dehnert.arctic.org, copan.dehnert.arctic.org, borobudur.dehnert.arctic.org, borobudur.dehnerts.com, gwynedd.dehnert.arctic.org, gwynedd.dehnerts.com, olinda.dehnerts.com, olinda.dehnert.arctic.org, olinda.mit.edu
 #mydestination = $myhostname, localhost.$mydomain, localhost
 #mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
 #mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
@@ -257,7 +257,7 @@ unknown_local_recipient_reject_code = 450
 # (the value on the table right-hand side is not used).
 #
 # Added by Alex Dehnert
-mynetworks = 66.92.29.156/32, 66.92.29.144/32, 127.0.0.1/32, 18.111.8.18/32, 18.208.0.0/24
+mynetworks = 66.92.29.156/32, 66.92.29.144/32, 127.0.0.1/32, 18.111.8.18/32, 18.102.208.0/24
 #mynetworks = 168.100.189.0/28, 127.0.0.0/8
 #mynetworks = $config_directory/mynetworks
 #mynetworks = hash:/etc/postfix/network_table
@@ -272,12 +272,17 @@ smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_type = dovecot
 smtpd_sasl_path = private/auth
-smtpd_tls_cert_file=/etc/ssl/certs/postfix.crt
+smtpd_tls_cert_file=/etc/ssl/local-certs/postfix.crt
 smtpd_tls_key_file=/etc/ssl/private/postfix.key
-smtpd_use_tls = no
+smtpd_use_tls = yes
 smtpd_tls_auth_only = yes
 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+# Alex Dehnert, 2017-11-01
+# Based on https://serverfault.com/questions/663979/virtual-alias-domains-how-to-use-different-ip-addresses-when-forwarding-mail
+
+sender_dependent_default_transport_maps = hash:/etc/mail/sender-transport
     
 # The relay_domains parameter restricts what destinations this system will
 # relay mail to.  See the smtpd_recipient_restrictions description in
@@ -689,3 +694,4 @@ home_mailbox = .maildir/
 
 # 2005-01-19
 owner_request_special = no
+smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated permit_auth_destination reject_unauth_destination