Conversion to 7BIT required but not supported
Dino Edwards
dino.edwards at mydirectmail.net
Sun Jan 5 12:07:36 CET 2020
As requested:
==== main.cf starts here ====
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
bounce_queue_lifetime = 5d
maximal_queue_lifetime = 14d
data_directory = /var/lib/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
myorigin = example.com
myhostname = SMTP.example.com
masquerade_domains = mail.example.com example.com
mynetworks = 127.0.0.1, 192.168.0.0/24
message_size_limit = 52428800
local_transport = ERROR: No local mail delivery is allowed
mydestination =
local_recipient_maps =
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
relay_recipient_maps= mysql:/etc/postfix/mysql-recipients.cf
transport_maps = hash:/etc/postfix/transport
relay_domains = mysql:/etc/postfix/mysql-domains.cf
recipient_delimiter =
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_sender_access mysql:/etc/postfix/mysql-senders.cf, reject_invalid_hostname, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_policy_service unix:private/policy-spf
smtpd_data_restrictions = reject_unauth_pipelining
header_checks = regexp:/etc/postfix/regexp_header_checks
body_checks = pcre:/etc/postfix/body_checks
content_filter = amavis:[127.0.0.1]:10021
receive_override_options = no_address_mappings
smtpd_banner = $myhostname SMTP Secure Email Gateway ESMTP
policy-spf_time_limit = 3600s
#TLS Policy
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_note_starttls_offer = yes
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
# TLS parameters
smtpd_tls_cert_file = /opt/SMTP/ssl/SMTP-tls.cer
smtpd_tls_key_file = /opt/SMTP/ssl/SMTP-tls.key
smtpd_tls_CAfile = /opt/SMTP/ssl/SMTP-tls.root.cer
#smtpd_use_tls=yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_loglevel = 1
postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr
postscreen_blacklist_action = enforce
postscreen_dnsbl_action = enforce
postscreen_greet_action = enforce
#postscreen_dnsbl_sites = bl.spamcop.net, zen.spamhaus.org, dnsbl.sorbs.net
postscreen_dnsbl_sites = bl.spameatingmonkey.net*2, list.dnswl.org=127.[0..255].[0..255].0*-2, list.dnswl.org=127.[0..255].[0..255].1*-3, list.dnswl.org=127.[0..255].[0..255].[2..255]*-4, bl.spamcop.net*2, wl.mailspike.net*-2, psbl.surriel.com, dnsbl.sorbs.net*2, bl.mailspike.net*2, zen.spamhaus.org*3, b.barracudacentral.org*3
postscreen_dnsbl_threshold = 3
postscreen_pipelining_enable = no
postscreen_non_smtp_command_enable = no
postscreen_bare_newline_action = enforce
postscreen_bare_newline_enable = no
smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd
relayhost =
smtp_sasl_auth_enable = no
smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination, check_sender_access mysql:/etc/postfix/mysql-senders.cf, reject_invalid_hostname, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_policy_service unix:private/policy-spf
milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:127.0.0.1:8891, inet:127.0.0.1:54321
non_smtpd_milters = inet:127.0.0.1:8891, inet:127.0.0.1:54321
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/amavis_senderbypass, reject_non_fqdn_sender, reject_unknown_sender_domain
==== main.cf ends here ====
==== master.cf starts here ====
# === Postscreen Enabled Configuration below this line ===
#Disable line 1 and enable lines 2, 3, 4, and 5 to enable postscreen
#smtp inet n - n - - smtpd
smtpd pass - - n - - smtpd
smtp inet n - n - 1 postscreen
tlsproxy unix - - n - 0 tlsproxy
dnsblog unix - - n - 0 dnsblog
# === Postscreen Enabled Configuration above this line ===
amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
pickup fifo n - n 60 1 pickup
-o content_filter=
-o receive_override_options=no_header_body_checks
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
djigzo unix - - n - 4 smtp
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o smtp_generic_maps=
# ==== PYTHON SPF POLICY BELOW THIS LINE. ENABLE IF YOU WISH TO USE
policy-spf unix - n n - - spawn
user=nobody argv=/usr/bin/policyd-spf
# === PYTHON SPF POLICY ABOVE THIS LINE ===
# cleanup for reinject so we can set the hopcount_limit differently for the reinjection port
cleanup_reinject unix n - - - 0 cleanup
-o hopcount_limit=100
127.0.0.1:10026 inet n - n - 10 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_authorized_xclient_hosts=127.0.0.0/8
-o cleanup_service_name=cleanup_reinject
-o smtpd_milters=inet:127.0.0.1:8891
# injection port for mail sent by djigzo web gui
127.0.0.1:10027 inet n - - - 10 smtpd
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_tls_security_level=
-o mynetworks=127.0.0.0/8
-o syslog_name=postfix/10027
-o smtpd_milters=inet:127.0.0.1:8891
sa-wrapper unix - n n - - pipe
user=amavis argv=/etc/sal-wrapper-0.2.1/sal-wrapper.pl --${mailbox}
==== master.cf ends here ====
Thanks!
-----Original Message-----
From: amavis-users <amavis-users-bounces+dino.edwards=mydirectmail.net at amavis.org> On Behalf Of Damian
Sent: Saturday, January 4, 2020 7:05 PM
To: amavis-users at amavis.org
Subject: Re: Conversion to 7BIT required but not supported
Can you post your main.cf and master.cf (anonymization is fine)?
> I'm using Postfix as the MTA. I don't have smtpd_discard_ehlo_keywords_address_maps set in my main.cf at all
More information about the amavis-users
mailing list