diff --git a/install_postfix_advanced.sh b/install_postfix_advanced.sh index 6051f8b..28eb00c 100755 --- a/install_postfix_advanced.sh +++ b/install_postfix_advanced.sh @@ -1010,6 +1010,10 @@ echononl " Creeate new postfix configuration file" cat < /etc/postfix/main.cf # ============ Basic settings ============ +# Disable backwards compatibility +compatibility_level = 2 + + # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. diff --git a/install_postfix_base.sh b/install_postfix_base.sh index 41436b8..071d106 100755 --- a/install_postfix_base.sh +++ b/install_postfix_base.sh @@ -488,6 +488,10 @@ echononl " Creeate new postfix configuration file" cat < /etc/postfix/main.cf # ============ Basic settings ============ +# Disable backwards compatibility +compatibility_level = 2 + + # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. @@ -838,6 +842,39 @@ smtpd_tls_exclude_ciphers = smtpd_tls_session_cache_database = btree:\${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:\${data_directory}/smtp_scache + + +#======= smtpd Restrictions ============ + +# smtpd_relay_restrictions +# +# IMPORTANT: Either the smtpd_relay_restrictions or the smtpd_recipient_restrictions +# parameter must specify at least one of the following restrictions. Otherwise Postfix +# will refuse to receive mail: +# +# reject, reject_unauth_destination +# +# defer, defer_if_permit, defer_unauth_destination +# +# +# The upstream default is: +# +# smtpd_relay_restrictions = \${{\$compatibility_level} < {1} ? {} : +# {permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination}} +# +# AGAIN, that means: if parameter compatibility_level is not set or compatibility_level is +# set to '0', you MUST specify this value. Otherwise Postfix will refuse to receive mail +# and you get the following error message: +# +# fatal: in parameter smtpd_relay_restrictions or smtpd_recipient_restrictions, specify +# at least one working instance of: reject_unauth_destination, defer_unauth_destination, +# reject, defer, defer_if_permit or check_relay_domains +# +#smtpd_relay_restrictions = +# permit_mynetworks, +# permit_sasl_authenticated, +# defer_unauth_destination + EOF echo_ok