pwcheck_method: saslauthd
log_level: 3
mech_list: plain login

recipient_delimiter = +
home_mailbox = Maildir/
mailbox_transport = virtual:unix:/home/vmail/
header_checks = pcre:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks
smtpd_banner = Prefeitura Municipal de Muriae Mail Server

masquerade_domains = /etc/postfix/meus_dominios

smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =

smtpd_client_restrictions = permit_sasl_authenticated,
check_client_access pcre:/etc/postfix/ip_access.bkp,
# permit_mynetworks,
## check_client_access hash:/etc/postfix/helo_ok,
reject_unknown_reverse_client_hostname,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
# reject_unknown_client,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
# reject_unknown_hostname,
reject_non_fqdn_hostname,
reject_unauth_pipelining,
reject_unlisted_sender,
reject_unlisted_recipient,
# reject_unverified_sender,
# reject_unverified_recipient,
reject_rbl_client rbl.brasilrbl.com.br,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rhsbl_client rhsbl.brasilrbl.com.br,
reject_rhsbl_sender rhsbl.brasilrbl.com.br,
## reject_rhsbl_client blackhole.securitysage.com,
## reject_rhsbl_sender blackhole.securitysage.com,
reject_rhsbl_client rhsbl.sorbs.net,
reject_rhsbl_sender rhsbl.sorbs.net,
permit

##smtpd_helo_restrictions = permit_sasl_authenticated,
# check_helo_access hash:/etc/postfix/helo_ok,
# permit_mynetworks,
# reject_invalid_hostname,
# reject_unknown_hostname,
# reject_non_fqdn_sender,
## reject_unauth_pipelining,
## reject_unknown_helo_hostname

smtpd_sender_restrictions = permit_sasl_authenticated,
# permit_mynetworks,
# check_sender_access hash:/etc/postfix/helo_ok,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unlisted_sender,
reject_unverified_sender,
reject_unauth_pipelining
# reject_unknown_client,

smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_proibidos,
permit_sasl_authenticated,
# permit_mynetworks,
# reject_sender_login_mismatch,
# permit_mynetworks,
reject_authenticated_sender_login_mismatch,
reject_unauth_pipelining,
# reject_unknown_client,
reject_unknown_recipient_domain,
reject_unverified_recipient,
reject_unlisted_recipient,
reject_unauth_destination,
check_policy_service inet:127.0.0.1:60000,
# check_policy_service unix:private/greylist,
check_policy_service unix:private/policy,
# check_recipient_access hash:/etc/postfix/whitelist,
permit

smtpd_data_restrictions = reject_unauth_pipelining
smtpd_etrn_restrictions = permit_sasl_authenticated, reject

##smtpd_helo_required = yes
disable_vrfy_command = yes
strict_rfc821_envelopes = yes
invalid_hostname_reject_code = 554
multi_recipient_bounce_reject_code = 554
non_fqdn_reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_sender_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554

smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/postfix.cert
smtpd_tls_key_file = /etc/postfix/postfix.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

### configuracoes dos dominios virtuais #############

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_base = /home/vmail/

### armazenamento de mensagens dos dominios virtuais #####################

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_limit = 51200000
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_transport = virtual

### configuraoes de quota ##############################

virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sua caixa de email esta cheia, favor liberar espa..
virtual_overquota_bounce = yes

smtpd_recipient_limit = 21

#Entrega de e-mails para mesmo destino
smtp_destination_concurrency_limit = 50

#Entrega de e-mails para mesmo destino - remoto
default_destination_concurrency_limit = 50

#Entrega de e-mails para mesmo destino - local
default_destination_recipient_limit = 50

#Tempo de reenvio de mensagem em fila
fast_flush_refresh_time = 1h

#Tempo de dele�o de mensagem em fila
fast_flush_purge_time = 1d

#Tempo de mensagem em fila
maximal_queue_lifetime = 240m

bounce_queue_lifetime = 240m

biff = yes
#always_bcc=edsonferreira@dpcnet.com.br
allow_untrusted_routing = no

#content_filter = lmtp-filter:127.0.0.1:10025
#receive_override_options = no_address_mappings

default_process_limit = 500
command_time_limit = 3600

# dk-milter
#smtpd_milters = unix:/var/run/dk-milter/dk.sock
#non_smtpd_milters = unix:/var/run/dk-milter/dk.sock