{"id":3525,"date":"2015-04-17T20:39:30","date_gmt":"2015-04-17T20:39:30","guid":{"rendered":"http:\/\/www.deuzebranaweb.com.br\/?p=3525"},"modified":"2015-04-17T20:39:30","modified_gmt":"2015-04-17T20:39:30","slug":"main-cf","status":"publish","type":"post","link":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/2015\/04\/17\/main-cf\/","title":{"rendered":"main.cf"},"content":{"rendered":"<blockquote><p>arquivo de configura\u00e7\u00e3o do Postfix com restri\u00e7\u00f5es por cabe\u00e7alho, corpo, restri\u00e7\u00e3o de envio para usu\u00e1rios do pr\u00f3prio dominio, relay fechado, restri\u00e7\u00e3o por envio e recebimento de arquivos com extens\u00f5es supeitas de virus, configura\u00e7\u00e3o para o amavis, tudo comentado por mim em portugues.<\/p><\/blockquote>\n<div class=\"pull-right\"><\/div>\n<ul class=\"commentBar\">\n<li><a id=\"fonteHide\" href=\"http:\/\/www.vivaolinux.com.br\/etc\/main.cf-tiagodge\/\"><i class=\"fa fa-unlink\"><\/i> <span id=\"labelFonte\">Esconder<\/span> c\u00f3digo-fonte<\/a><\/li>\n<li><a href=\"http:\/\/www.vivaolinux.com.br\/conf\/download.php?codigo=318\"><i class=\"fa fa-download\"><\/i> Download<\/a><\/li>\n<\/ul>\n<p>###############################################################################<br \/>\n###############################SOFT BOUNCE#####################################<br \/>\n###############################################################################<br \/>\n# Parametro utilizado quando se configura um antivirus para email.<br \/>\nsoft_bounce = yes<\/p>\n<p>#Localiza\u00e7\u00e3o de todos os comandos do Postix<br \/>\ncommand_directory = \/usr\/sbin<\/p>\n<p>#Localiza\u00e7\u00e3o de todos deamons do Postfix (Definidos no master.cf)<br \/>\ndaemon_directory = \/usr\/lib\/postfix<\/p>\n<p># Usu\u00e1rio respons\u00e1vel pela queue Postfix e por grande parte dos deamons. Use um usu\u00e1rio exclusivo para essa defini\u00e7\u00e3o.<\/p>\n<p>default_privs = tiago<\/p>\n<p>default_privs = tiago<\/p>\n<p>#Nome dos servidores e nome da maquina que \u00e9 servidor<\/p>\n<p>#Nome da m\u00e1quina que funciona como servidor de email<br \/>\n#myhostname = hostname<\/p>\n<p># Dominio ao qual a m\u00e1quina pertence.<br \/>\n#mydomain = domainname<\/p>\n<p>###############################################################################<br \/>\n################################SENDING MAIL###################################<br \/>\n###############################################################################<br \/>\n# Dom\u00ednio que deve ser anexado aos cabe\u00e7alhos de emails que s\u00e3o recebidos e\/ou enviados pelo MTA.<\/p>\n<p>###############################################################################<br \/>\n################################RECEIVING MAIL#################################<br \/>\n###############################################################################<br \/>\n#inet_interfaces = $myhostname<br \/>\n#inet_interfaces = $myhostname, localhost<\/p>\n<p>#proxy_interfaces =<br \/>\n#proxy_interfaces = 1.2.3.4<\/p>\n<p>#Lista de dom\u00ednios que o servidor \u00e9 o respons\u00e1vel pelo destino final.<br \/>\n#mydestination = $myhostname, localhost.$mydomain<br \/>\nmydestination = $myhostname, localhost.$mydomain, $mydomain<br \/>\n#mydestination = $myhostname, localhost.$mydomain, $mydomain,<\/p>\n<p>###############################################################################<br \/>\n#####################REJECTING MAIL FOR UNKNOWN LOCAL USERS####################<br \/>\n###############################################################################<br \/>\n#local_recipient_maps = unix:passwd.byname $alias_maps<br \/>\n#local_recipient_maps = proxy:unix:passwd.byname $alias_maps<br \/>\n#local_recipient_maps =<\/p>\n<p># Unknown_local_recipient_reject_code = 550<br \/>\nunknown_local_recipient_reject_code = 450<\/p>\n<p>###############################################################################<br \/>\n########################TRUST AND RELAY CONTROL################################<br \/>\n###############################################################################<\/p>\n<p># Lista de endere\u00e7os que tem permiss\u00f5es de enviar emails (relays) atrav\u00e9s do Postfix. Existem duas maneiras de definir isso, manualmente (atrav\u00e9s de mynetworks) ou automaticamente(mynetworks_style).<br \/>\n#mynetworks_style = class<br \/>\n#mynetworks_style = subnet<br \/>\n#mynetworks_style = host<\/p>\n<p># Defini\u00e7\u00e3o manual de endere\u00e7os que tem permiss\u00f5es de enviar emails (relay)atraves do postfix.<br \/>\nmynetworks = 192.168.201.0\/24, 192.168.202.0\/24, 127.0.0.0\/8,<br \/>\n#mynetworks = $config_directory\/mynetworks<br \/>\n#mynetworks = hash:\/etc\/postfix\/network_table<\/p>\n<p>#Quais destinos (dominios) ser\u00e3o aceitos para serem processados. Por padr\u00e3o o Postfix tem relay para:<br \/>\n# &#8211; Clientes confi\u00e1veis (especificados por $mynetworks ou $mynetworks_style) para qualquer destino.<br \/>\n# &#8211; De qualquer origem, clientes n\u00e3o-confi\u00e1veis, para os destinos especificados por relay_domains. O valor padr\u00e3o deste parametro \u00e9 mydestination.<br \/>\n#<br \/>\nrelay_domains = $mydestination, curimbaba.com.br<\/p>\n<p># Maquina padr\u00e3o para ser enviada um email n\u00e3o local quando nenhuma entrada \u00e9 encontrada na tabela opcional transport(5). Quando n\u00e3o definido, os emails localmente repassando isso para o servidor de email do ISP, por exemplo.<\/p>\n<p>#relayhost = $mydomain<br \/>\n#relayhost = gateway.my.domain<br \/>\n#relayhost = uucphost<br \/>\n#relayhost = [an.ip.add.ress]<br \/>\n#relay_recipient_maps = hash:\/etc\/postfix\/relay_recipients<br \/>\n#in_flow_delay = 1s<\/p>\n<p>###############################################################################<br \/>\n############################ALIAS##############################################<br \/>\n###############################################################################<\/p>\n<p># Uma caracter\u00edstica bastante importante do sistema de correio eletr\u00f4nico est\u00e1 na possibilidade de criar aliases. Isso permite que o usu\u00e1rio tenha uma s\u00e9rie de apelidos para a sua caixa postal.<\/p>\n<p>#Alias_map especifica o arquivo respons\u00e1vel pela base de dados de alias usados pelo MTA para entregar os emails<\/p>\n<p>#alias_maps = dbm:\/etc\/aliases<br \/>\nalias_maps = hash:\/etc\/postfix\/aliases<br \/>\n#alias_maps = hash:\/etc\/aliases, nis:mail.aliases<br \/>\n#alias_maps = netinfo:\/aliases<\/p>\n<p># Base de dados para a entrega feita por local(8), podendo ser atualizada atrav\u00e9s do comando &#8220;newaliases&#8221;. Isso \u00e9 um parametro de configura\u00e7\u00e3o a parte, pois nem todas as tabelas especificadas em alias_map s\u00e3o arquivos locais.<\/p>\n<p>#alias_database = dbm:\/etc\/aliases<br \/>\nalias_database = hash:\/etc\/postfix\/aliases<br \/>\n#alias_database = hash:\/etc\/aliases<br \/>\n#alias_database = hash:\/etc\/aliases, hash:\/opt\/majordomo\/aliases<\/p>\n<p>###############################################################################<br \/>\n########################DELIVERY TO MAILBOX####################################<br \/>\n###############################################################################<\/p>\n<p># Parametro opcional que define o path do arquivo de mailboxes relativo ao home dir dos usu\u00e1rios. Implementa o estilo de mailbo chamado de Maildir<\/p>\n<p>#home_mailbox = maildir\/<br \/>\nmailbox_command = \/usr\/bin\/procmail<br \/>\n#mailbox_command = \/some\/where\/procmail -a &#8220;$EXTENSION&#8221;<\/p>\n<p>#mailbox_transport = lmtp:unix:\/file\/name<br \/>\n#mailbox_transport = cyrus<\/p>\n<p>#fallback_transport = lmtp:unix:\/file\/name<br \/>\n#fallback_transport = cyrus<br \/>\n#fallback_transport =<\/p>\n<p>#luser_relay = $user@other.host<br \/>\n#luser_relay = $local@other.host<br \/>\n#luser_relay = admin+$local<\/p>\n<p>###############################################################################<br \/>\n##############################FAST ETRN SERVICE################################<br \/>\n###############################################################################<\/p>\n<p># SHOW SOFTWARE VERSION OR NOT<br \/>\n#smtpd_banner = $myhostname ESMTP $mail_name<br \/>\nsmtpd_banner = $myhostname ESMTP $mail_name ($mail_version)<\/p>\n<p># PARALLEL DELIVERY TO THE SAME DESTINATION<br \/>\n# N\u00edvel de debug<br \/>\ndebug_peer_level = 2<\/p>\n<p># Par\u00e2metros para o debug<br \/>\n#debugger_command =<br \/>\n# PATH=\/bin:\/usr\/bin:\/usr\/local\/bin:\/usr\/X11R6\/bin<br \/>\n# xxgdb $daemon_directory\/$process_name $process_id &amp; sleep 5<\/p>\n<p># Caminho do Sendmail<br \/>\nsendmail_path = \/usr\/sbin\/sendmail<\/p>\n<p># Caminho do Newaliases<br \/>\nnewaliases_path = \/usr\/bin\/newaliases<\/p>\n<p># Caminho do Mailq<br \/>\nmailq_path = \/usr\/bin\/mailq<\/p>\n<p># Grupo do Postfix<br \/>\nsetgid_group = postdrop<\/p>\n<p># Diret\u00f3rio do Manual<br \/>\nmanpage_directory = \/usr\/local\/man<\/p>\n<p># Diret\u00f3rio de Exemplos<br \/>\nsample_directory = \/etc\/postfix\/sample<\/p>\n<p>readme_directory = no<\/p>\n<p>#smtpd_sasl_auth_enable = yes<\/p>\n<p># Tamanho da caixa do usu\u00e1rio ( 50 Megas )<br \/>\nmailbox_size_limit = 51200000<\/p>\n<p># Tamanho m\u00e1ximo da mensagem (5\/ 10 Megas ) 10=10240000<br \/>\nmessage_size_limit = 10240000<\/p>\n<p># N\u00famero m\u00e1ximo de destinat\u00e1rios no mesmo e-mail<br \/>\nsmtpd_recipient_limit = 2500<\/p>\n<p># Respeita RFC 821 &#8211; MAIL FROM e RCPT TO<br \/>\nstrict_rfc821_envelopes = yes<\/p>\n<p># Ativo checagem de helo<br \/>\nsmtpd_helo_required = yes<\/p>\n<p># Desabilitada VRFY<br \/>\ndisable_vrfy_command = yes<\/p>\n<p># Habilita requisi\u00e7\u00e3o de HELO\/EHLO<br \/>\nsmtpd_helo_required = yes<\/p>\n<p>###############################################################################<br \/>\n###############################Listas de RBL###################################<br \/>\n###############################################################################<\/p>\n<p>#Obs.: Utilizar com cuidado as listas, pois algumas bloqueiam e-mails do Brasil. Mais informa\u00e7\u00f5es em: http:\/\/www.dnsstuff.com<br \/>\nmaps_rbl_domains = relays.ordb.org, list.dsbl.org, dun.dnsrbl.net, spam.dnsrbl.net<\/p>\n<p>###############################################################################<br \/>\n######################RESTRI\u00c7OES DE CLIENTES###################################<br \/>\n###############################################################################<\/p>\n<p># Restric\u00e3o do cliente &#8211; Ap\u00f3s o aceite da conexao SMTP<br \/>\n# Op\u00e7\u00e3o de restri\u00e7\u00e3o a n\u00edvel de requisi\u00e7\u00e3o de conex\u00f5es de clientes SMTP. O padr\u00e3o do Postfix \u00e9 aceitar tudo.<br \/>\nsmtpd_client_restrictions =<br \/>\n# Checa conte\u00fado do CLIENT_ACCESS<br \/>\n#check_client_access hash:\/etc\/postfix\/client_access,<br \/>\n# Permite &#8220;mynetwork&#8221;<br \/>\npermit_mynetworks,<br \/>\n# Permite conteudo do ACCESS<br \/>\n#hash:\/etc\/postfix\/access,<br \/>\n# Quando n\u00e3o h\u00e1 entrada PTR do IP<br \/>\nreject_unknown_client,<br \/>\n# Bloqueio de dominios inv\u00e1lidos<br \/>\nreject_unknown_sender_domain,<br \/>\n# Bloqueio comando para for\u00e7ar entrega<br \/>\n#reject_unauth_pipelining,<br \/>\n# Bloqueia IP&#8217;s listados em RBL<br \/>\nreject_rbl_client maps_rbl_domains<\/p>\n<p>###############################################################################<br \/>\n##########################RESTRI\u00c7OES DE HELO###################################<br \/>\n###############################################################################<\/p>\n<p># Restric\u00e3o durante comando HELO\/EHLO<br \/>\nsmtpd_helo_restrictions =<br \/>\n# Permite &#8220;mynetwork&#8221;<br \/>\npermit_mynetworks,<br \/>\n# # Quando n\u00e3o \u00e9 informado o hostname<br \/>\nreject_invalid_hostname,<br \/>\n# # Quando n\u00e3o existe entrada DNS A ou MX<br \/>\nreject_unknown_hostname,<br \/>\n# # Quando o hostname n\u00e3o apresenta hostname v\u00e1lido<br \/>\nreject_non_fqdn_hostname,<br \/>\n# # Bloqueio comando para for\u00e7ar entrega<br \/>\nreject_unauth_pipelining,<br \/>\n# # Bloqueia IP&#8217;s listados em RBL<br \/>\nreject_rbl_client maps_rbl_domains<\/p>\n<p>###############################################################################<br \/>\n######################RESTRICAO DE ENVIO(SENDER)###############################<br \/>\n###############################################################################<\/p>\n<p># Restri\u00e7oes opcionais que o Postfix aplica no valor definido no comando mail from. O padr\u00e3o \u00e9 permitir tudo.<br \/>\n#smtpd_sender_restrictions =<br \/>\n# Permite &#8220;mynetwork&#8221;<br \/>\n# permit_mynetworks,<br \/>\n# Permite conteudo do ACCESS<br \/>\n# Procura por especifica\u00e7\u00f5es feitas em uma base para o endere\u00e7o,o dominio etc<br \/>\n# check_sender_access hash:\/etc\/postfix\/access<br \/>\n# Bloqueio quando n\u00e3o existe entrada DNS A ou MX<br \/>\n# Rejeita a requisi\u00e7\u00e3o quando o dominio especificado em MAIL FROM n\u00e3o tem um registro DNS A ou MX e o postfix<br \/>\n# n\u00e3o \u00e9 o destino final para o remetente.<br \/>\n# reject_unknown_sender_domain,<br \/>\n# Quando o hostname n\u00e3o apresenta hostname v\u00e1lido<br \/>\n# Rejeita a requisi\u00e7\u00e3o quando o dominio especificado em MAIL FROM n\u00e3o estiver em FQDN, conforme a RFC.<br \/>\n# reject_non_fqdn_sender,<br \/>\n# Bloqueio comando para for\u00e7ar entrega.<br \/>\n# reject_unauth_pipelining<\/p>\n<p>###############################################################################<br \/>\n########################RESTRI\u00c7\u00c3O DE ENVIO POR USUARIO#########################<br \/>\n###############################################################################<\/p>\n<p>#smtpd_restriction_classes = dominios_restritos<br \/>\n#dominios_restritos = check_sender_access hash:\/etc\/postfix\/dominios_restritos, reject<\/p>\n<p>###############################################################################<br \/>\n###################RESTRI\u00c7\u00c3O APLICADA AO RCP TO################################<br \/>\n###############################################################################<\/p>\n<p># Restric\u00e3o aplicada no RCPT TO<br \/>\n# Restri\u00e7\u00f5es opcionais do Postfix no que diz respeito a valores do campo RCPT_TO. Por padr\u00e3o s\u00e3o definidos o<br \/>\n#smtpd_recipient_restrictions =<br \/>\n# Restricao de envio por usuario<br \/>\n# hash:\/etc\/postfix\/usuarios_restritos<br \/>\n# Permite &#8220;mynetwork&#8221;<br \/>\n# permit_mynetworks<br \/>\n# Permite conte\u00fado do ACCESS<br \/>\n# permit network e reject_unauth_destination<br \/>\n# check_sender_access hash:\/etc\/postfix\/access,<br \/>\n# Bloqueia quando n\u00e3o existe entrada DNS A ou MX<br \/>\n# reject_unknown_recipient_domain,<br \/>\n# Quando o hostname n\u00e3o apresenta hostname v\u00e1lido<br \/>\n# reject_non_fqdn_recipient,<br \/>\n# Bloqueio comando para for\u00e7ar entrega<br \/>\n# reject_unauth_pipelining<\/p>\n<p>###############################################################################<br \/>\n########################BLOQUEIO POR ASSUNTO E ANEXO###########################<br \/>\n###############################################################################<\/p>\n<p>#Bloqueio por Assunto<br \/>\nheader_checks = pcre:\/etc\/postfix\/header_checks<br \/>\n#mime_header_checks = $header_checks<br \/>\n#nested_header_checks = $header_checks<\/p>\n<p>###############################################################################<br \/>\n##########################Bloqueio por Conte\u00fado################################<br \/>\n###############################################################################<\/p>\n<p>#body_checks = pcre:\/etc\/postfix\/body_checks<br \/>\n#body_checks = hash:\/etc\/postfix\/corpo<br \/>\n# Verifica os 50 K inicais<br \/>\n#body_checks_size_limit = 51200<\/p>\n<p>## Outros comandos<br \/>\n# Todos os e-mails que chegam ir\u00e3o para e-mail abaixo<br \/>\n#always_bcc = email@meudominio.com.br<\/p>\n<p># Tamanho da mensagem de erro<\/p>\n<p># Tamanho m\u00e1ximo do HEADER aceito<\/p>\n<p># Entrega de e-mails para mesmo destino<br \/>\nsmtp_destination_concurrency_limit = 20<\/p>\n<p>#Tempo de reenvio de mensagem em fila<br \/>\nfast_flush_refresh_time = 12h<\/p>\n<p># Tempo de dele\u00e7\u00e3o de mensagem em fila<br \/>\nfast_flush_purge_time = 1d<\/p>\n<p># Tempo de mensagem em fila<br \/>\nmaximal_queue_lifetime = 240m<\/p>\n<p>###############################################################################<br \/>\n###############################VIRUS SCANNER###################################<br \/>\n###############################################################################<\/p>\n<p>content_filter=smtp-amavis:[127.0.0.1]:10024<\/p>\n<p>###############################################################################<br \/>\n##########################OPCOES DE TRANSPORTE#################################<br \/>\n###############################################################################<\/p>\n<p>transport_maps = hash:\/etc\/postfix\/transport<\/p>\n<p>###############################################################################<br \/>\n###############RESTRI\u00c7\u00c3O DE ENVIO PARA ALGUNS USUARIOS#########################<br \/>\n###############################################################################<\/p>\n<p>#Restri\u00e7\u00e3o de envio para usu\u00e1rios contidos em restricted_senders e libera apenas para dominios contidos em local_domain<br \/>\nsmtpd_recipient_restrictions =<br \/>\ncheck_sender_access hash:\/etc\/postfix\/restricted_senders,<br \/>\npermit_mynetworks,<br \/>\ncheck_relay_domains<br \/>\nsmtpd_restriction_classes = local_only<br \/>\nlocal_only = check_recipient_access hash:\/etc\/postfix\/local_domains, reject<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>http:\/\/www.vivaolinux.com.br\/etc\/main.cf-tiagodge\/<\/p>\n","protected":false},"excerpt":{"rendered":"<p>arquivo de configura\u00e7\u00e3o do Postfix com restri\u00e7\u00f5es por cabe\u00e7alho, corpo, restri\u00e7\u00e3o de envio para usu\u00e1rios do pr\u00f3prio dominio, relay fechado, restri\u00e7\u00e3o por envio e recebimento de arquivos com extens\u00f5es supeitas de virus, configura\u00e7\u00e3o para o amavis, tudo comentado por mim em portugues. Esconder c\u00f3digo-fonte Download&#8230;<\/p>\n","protected":false},"author":2,"featured_media":3541,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_angie_page":false,"page_builder":"","footnotes":""},"categories":[3],"tags":[],"class_list":["post-3525","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-email"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/posts\/3525","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/comments?post=3525"}],"version-history":[{"count":0,"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/posts\/3525\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/media\/3541"}],"wp:attachment":[{"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/media?parent=3525"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/categories?post=3525"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.deuzebranaweb.com.br\/index.php\/wp-json\/wp\/v2\/tags?post=3525"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}