#
# Some of my Postfix recommendations (october 2007) - straight from one of my CentOS servers' main.cf file
# virus-scanning is done via clamsmtpd ( http://memberwebs.com/stef/software/clamsmtp/ ) and clamav (clamd and freshclam)
#
# this config is tested and working well for servers handling 80 mail-users or less
#

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
mydomain = xx.nl
myhostname = mail.xx.nl
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,	mail.$mydomain, $mydomain, xx.com, xx.net, xx.org
inet_interfaces = xxx.xxx.xxx.xxx, 127.0.0.1
mynetworks = xxx.xxx.xxx.xxx/32, xxx.xxx.xxx.xxx/32, 127.0.0.0/8

local_recipient_maps =
unknown_local_recipient_reject_code = 550

alias_maps = hash:/etc/aliases
home_mailbox = Maildir/
mail_spool_directory = /var/spool/mail
smtpd_banner = $myhostname
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.2.10/samples
readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES

content_filter = scan:[127.0.0.1]:10025
receive_override_options = no_address_mappings
empty_address_recipient = admin

default_process_limit = 64
default_recipient_limit = 10000
default_minimum_delivery_slots = 4

anvil_rate_time_unit = 60s
smtpd_client_connection_count_limit = 40
smtpd_client_connection_rate_limit = 200
#smtpd_client_message_rate_limit = 60
anvil_status_update_time = 1800s
append_at_myorigin = yes
append_dot_mydomain = no

smtp_helo_timeout = 60s
smtp_connect_timeout = 60s
smtp_destination_concurrency_limit = 10
smtp_destination_recipient_limit = 24
smtpd_recipient_limit = 80
smtpd_recipient_overshoot_limit = 120
local_destination_concurrency_limit = 3
smtpd_soft_error_limit = 6
smtpd_error_sleep_time = 2s
smtpd_hard_error_limit = 16
minimal_backoff_time = 200s
maximal_backoff_time = 4000s
maximal_queue_lifetime = 8d
body_checks_size_limit = 102400
header_size_limit = 102400
message_size_limit = 40960000
mailbox_size_limit = 4096000000
queue_minfree = 122880000
qmgr_message_active_limit = 12000
bounce_size_limit = 150000
in_flow_delay = 2s

strict_rfc821_envelope = yes
disable_vrfy_command = yes
biff = no
smtpd_delay_reject = yes

smtpd_recipient_restrictions = permit_mynetworks,
   reject_invalid_hostname,
   reject_non_fqdn_recipient,
   reject_unknown_recipient_domain,
   reject_unauth_destination,
   reject_unauth_pipelining,
   reject_non_fqdn_sender,
   reject_unknown_sender_domain,
   reject_rbl_client hosts.rbl.zonnet.net,
   reject_rbl_client zen.spamhaus.org,
   reject_rbl_client dul.dnsbl.sorbs.net,
   reject_rbl_client psbl.surriel.com,
   permit

smtpd_data_restrictions = reject_multi_recipient_bounce, reject_unauth_pipelining, permit
smtpd_sender_restrictions = reject_non_fqdn_sender, reject_unknown_sender_domain, permit