github-com-docker-mailserver/docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2024-01-19 02:48:50 +00:00
Code Issues Projects Releases Wiki Activity

update Postfix configuration

Browse source
This commit is contained in:
georglauterbach 2023-12-04 00:41:03 +01:00
parent e4230e5a93
commit 12a8ec36ea
No known key found for this signature in database
GPG key ID: F367F7C43C118578
2 changed files with 11 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
CHANGELOG.md
View file

@ -6,6 +6,15 @@ All notable changes to this project will be documented in this file. The format
> **Note**: Changes and additions listed here are contained in the `:edge` image tag. These changes may not be as stable as released changes.
### Breaking
- Postfix
- `postscreen_dnsbl_whitelist_threshold` was renamed to `postscreen_dnsbl_allowlist_threshold`: this may affect users that monitor logs affected by this change (<https://www.postfix.org/COMPATIBILITY_README.html#respectful_logging>) ([#3403](https://github.com/docker-mailserver/docker-mailserver/pull/3403))
- `compatibility_level` was raised from `2` to `3.6` ([#3403](https://github.com/docker-mailserver/docker-mailserver/pull/3403))
- Usage in logging regarding white / black listing has been replaced with allow / deny listing. This may affect monitoring / analysis of logs output from Postfix that expect to match the prior terminology used.
- smtpd_relay_restrictions (relay policy) is now evaluated aftersmtpd_recipient_restrictions (spam policy). Previously it was evaluated before smtpd_recipient_restrictions. Mail to be relayed via DMS must now pass through the spam policy first.
- TLS fingerprint policy has changed default from MD5 to SHA256 (DMS does not modify this Postfix parameter).
### Added
- **Dovecot:**

7
target/postfix/main.cf
View file

@ -75,7 +75,7 @@ postscreen_dnsbl_sites =
list.dnswl.org=127.0.[0..255].1*-3
list.dnswl.org=127.0.[0..255].[2..3]*-4
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_whitelist_threshold = -1
postscreen_dnsbl_allowlist_threshold = -1
postscreen_greet_action = enforce
postscreen_bare_newline_action = enforce
@ -110,7 +110,4 @@ smtp_header_checks = pcre:/etc/postfix/maps/sender_header_filter.pcre
# http://www.postfix.org/COMPATIBILITY_README.html
# If backwards-compaitibilty log messages appear, fix them by explicitly adding
# the legacy or new default value (alternatively raise the compatibility_level)
#
# TODO: The next compatibility_level is 3.6, when Postfix 3.6 is available consider
# bumping this value after taking the compaitibilty changes into account.
compatibility_level = 2
compatibility_level = 3.6