It's located /etc/postfix/main.cf and has main settings for our postfix server like users' table, relaying
control, StartTLS/SSL settings & so on.
Here're lines you need to change at your default main.cf configuration
######################################################################
#your server's hostname and domain name
myhostname = postfix.domain.com
mydomain = domain.com
# Transport map's table
transport_maps = mysql:/etc/postfix/mysql/transport.cf
# Our users and aliases tables;
virtual_mailbox_base = /
virtual_mailbox_maps = mysql:/etc/postfix/mysql/users.cf
virtual_alias_maps = mysql:/etc/postfix/mysql/aliases.cf
# Quotas limitiations
mailbox_size_limit = 8120000000
message_size_limit = 10240000
virtual_mailbox_limit = 812000000
# List our domains here
mydestination =
localhost,
$myhostname,
localhost.$mydomain,
mysql:/etc/postfix/mysql/domains.cf
local_recipient_maps =
$virtual_mailbox_maps,
$virtual_alias_maps,
$transport_maps,
unix:passwd.byname
#Our local users' map
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
# Special settings for a few not RFC email software
broken_sasl_auth_clients = yes
#Offer StartTLS on greeting for SMTP authorization
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_delay_reject = yes
################## Our restrictrions on SMTP relaying
smtpd_recipient_restrictions =
# allow to relay for StartTLS authorized users
permit_sasl_authenticated,
# allow to relay for authorized by pop users
check_client_access mysql:/etc/postfix/mysql/pop-before-smtp.cf,
# allow to relay for computers at our network
check_client_access mysql:/etc/postfix/mysql/access.cf,
# allow to relay for computers at our network
reject_unauth_destination,
# allow to relay our networks ( listed above at default config )
permit_mynetworks,
# allow to send emails for domains we are backup MX host
permit_mx_backup,
# reject sending from hosts listed as opened relays
# fFull list you can take at http://smartcgi.com/dist/rbl.txt
reject_rbl_client list.dsbl.org,
reject_rbl_client relays.ordb.org,
# Permit our networks to relay over our smtp server
smtpd_client_restrictions = permit_mynetworks
#some special settings for DRWEB antivirus
# read more at drweb's documentation
drweb_destination_recipient_limit = 1
test_destination_recipient_limit = 1
# StartTLS/SSL settings
smtp_use_tls = yes
smtpd_tls_auth_only = no
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 4
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
# A certificate for our StartTLS/SSL transport
smtpd_tls_key_file = /etc/postfix/postfix.key
smtpd_tls_cert_file = /etc/postfix/postfix.cert
######################################################################
This file can be taken at http://smartcgi.com/dist/postfix/config/main.cf.
| 
Home
