Hi
I have iMSCP v 1.4.0 on Debian 8 behind a reverse proxy (haproxy) using the smtp proxy protocol (postscreen_upstream_proxy_protocol = haproxy).
Spamassassin is not scanning incoming mail in the configuration although I understand it probably isn't supported.
postconf smtpd_milters is empty and I think this is incorrect?
Can anyone point me in the right direction even if it's the normal smtpd setup and I can probably adapt to my postscreen setup.
- # Postfix master process configuration file. For details on the format# of the file, see the master(5) manual page (command: "man 5 master").## Do not forget to execute "postfix reload" after editing this file.## ==========================================================================# service type private unpriv chroot wakeup maxproc command + args# (yes) (yes) (yes) (never) (100)# ==========================================================================10025 inet n - n - 1 postscreensmtpd pass - - n - - smtpdsmtp inet n - y - - smtpdsubmission inet n - y - - smtpd# -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject# -o milter_macro_daemon_name=ORIGINATING#smtps inet n - y - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject# -o milter_macro_daemon_name=ORIGINATING#628 inet n - y - - qmqpdpickup fifo n - y 60 1 pickupcleanup unix n - y - 0 cleanupqmgr fifo n - n 300 1 qmgr#qmgr fifo n - n 300 1 oqmgrtlsmgr unix - - y 1000? 1 tlsmgrrewrite unix - - y - - trivial-rewritebounce unix - - y - 0 bouncedefer unix - - y - 0 bouncetrace unix - - y - 0 bounceverify unix - - y - 1 verifyflush unix n - y 1000? 0 flushproxymap unix - - n - - proxymapproxywrite unix - - n - 1 proxymapsmtp unix - - y - - smtp# When relaying mail as backup MX, disable fallback_relay to avoid MX loopsrelay unix - - y - - smtp -o smtp_fallback_relay=# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5showq unix n - y - - showqerror unix - - y - - errorretry unix - - y - - errordiscard unix - - y - - discardlocal unix - n n - - localvirtual unix - n n - - virtuallmtp unix - - y - - lmtpanvil unix - - y - 1 anvilscache unix - - y - 1 scache## ====================================================================# Interfaces to non-Postfix software. Be sure to examine the manual# pages of the non-Postfix software to find out what options it wants.## Many of the following services use the Postfix pipe(8) delivery# agent. See the pipe(8) man page for information about ${recipient}# and other message envelope options.# ====================================================================## i-MSCP autoresponderimscp-arpl unix - n n - - pipe flags=O user=vmail:imscp argv=/var/www/imscp/engine/messenger/imscp-arpl-msgr $recipientdovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -m INBOX.${extension}
- # General parameters
- inet_protocols = ipv4
- inet_interfaces = all
- mynetworks_style = host
- smtp_bind_address = 192.168.179.21
- smtp_bind_address6 =
- myhostname = email.i-com.co
- mydomain = email.i-com.co.local
- myorigin = $myhostname
- smtpd_banner = $myhostname ESMTP
- append_dot_mydomain = no
- append_at_myorigin = yes
- biff = no
- recipient_delimiter = +
- message_size_limit = 0
- debug_peer_list = mail.com
- debug_peer_level = 5
- postscreen_upstream_proxy_protocol = haproxy
- #postscreen_greet_wait (default: normal: 6s, overload: 2s)
- postscreen_greet_wait = 6s
- #postscreen_greet_action (default: ignore)
- postscreen_greet_action = drop
- # Local delivery parameters
- mydestination = $myhostname localhost.$mydomain localhost $mydomain
- alias_database = hash:/etc/aliases
- alias_maps = hash:/etc/aliases
- local_transport = local
- local_destination_concurrency_limit = 2
- local_destination_recipient_limit = 1
- local_recipient_maps = unix:passwd.byname $alias_database
- mail_spool_directory = /var/mail
- mailbox_size_limit = 0
- # Virtual delivery parameters
- virtual_mailbox_base = /var/mail/virtual
- virtual_mailbox_limit = 0
- virtual_mailbox_domains = hash:/etc/postfix/imscp/domains
- virtual_mailbox_maps = hash:/etc/postfix/imscp/mailboxes
- virtual_alias_domains =
- virtual_alias_maps = hash:/etc/postfix/imscp/aliases
- virtual_transport = dovecot
- virtual_destination_concurrency_limit = 2
- virtual_destination_recipient_limit = 1
- virtual_minimum_uid = 999
- virtual_uid_maps = static:999
- virtual_gid_maps = static:8
- # Relay parameters
- relay_domains = hash:/etc/postfix/imscp/relay_domains
- relay_recipient_maps =
- relay_transport = relay
- relayhost =
- # Transport parameters
- transport_maps = hash:/etc/postfix/imscp/transport
- # SMTP restrictions
- smtpd_helo_required = yes
- smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, permit
- smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
- smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reje
- ct_unlisted_recipient, permit
- smtpd_data_restrictions = reject_multi_recipient_bounce, reject_unauth_pipelining
- # i-MSCP responder parameters
- imscp-arpl_destination_concurrency_limit = 2
- imscp-arpl_destination_recipient_limit = 1
- # Parameters added at run-time by i-MSCP or 3rd-party components
- smtpd_sasl_type = dovecot
- smtpd_sasl_authenticated_header = yes
- broken_sasl_auth_clients = yes
- smtpd_sasl_path = private/auth
- smtpd_sasl_security_options = noanonymous
- smtpd_sasl_auth_enable = yes
- dovecot_destination_recipient_limit = 1
- dovecot_destination_concurrency_limit = 2
- smtpd_tls_received_header = yes
- smtpd_tls_cert_file = /etc/imscp/imscp_services.pem
- smtp_tls_ciphers = high
- smtpd_tls_ciphers = high
- smtp_tls_loglevel = 0
- smtpd_tls_loglevel = 0
- smtp_tls_security_level = may
- smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
- smtp_tls_exclude_ciphers = aNULL, MD5
- smtp_tls_protocols = !SSLv2, !SSLv3
- smtpd_tls_auth_only = no
- smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache
- smtpd_tls_protocols = !SSLv2, !SSLv3
- smtpd_relay_restrictions =
- smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
- smtpd_tls_security_level = may
- smtpd_tls_exclude_ciphers = aNULL, MD5
- smtpd_tls_key_file = /etc/imscp/imscp_services.pem
- smtpd_tls_session_cache_timeout = 3600s
- milter_default_action = tempfail
- milter_connect_macros = i j {daemon_name} v {if_name} _
Display More
