Der einfach halber Poste ich mal die komplette Main.cf:
# LOCAL PATHNAME INFORMATION
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/local/postfix
# QUEUE AND PROCESS OWNERSHIP
mail_owner = postfix
# INTERNET HOST AND DOMAIN NAMES
myhostname = gundix.crw-home.lan
mydomain = crw-home.lan
# SENDING MAIL
#myorigin = $myhostname
myorigin = $mydomain
# RECEIVING MAIL
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
# REJECTING MAIL FOR UNKNOWN LOCAL USERS
#local_recipient_maps = unix
asswd.byname $alias_maps
local_recipient_maps =
unknown_local_recipient_reject_code = 550
# TRUST AND RELAY CONTROL
#mynetworks_style = class
#mynetworks_style = subnet
#mynetworks_style = host
mynetworks = 127.0.0.0/8, 192.168.11.0/24
#relay_domains = $mydestination
# INTERNET OR INTRANET
#relayhost = $mydomain
#relayhost = [gateway.my.domain]
relayhost = mail.crw.de
# set default db type to btree
default_database_type = btree
# ALIAS DATABASE
alias_maps = btree:/etc/aliases
alias_database = btree:/etc/aliases
# ADDRESS EXTENSIONS (e.g., user+foo)
recipient_delimiter = +
mail_spool_directory = /var/spool/postfix/virtual
mail_restrict_map = proxy:mysql:/etc/postfix/mysql-virtual_restrictions.cf
proxy_read_maps =
$local_recipient_maps,
$mydestination,
$virtual_alias_maps,
$virtual_alias_domains,
$virtual_mailbox_maps,
$virtual_mailbox_domains,
$virtual_mailbox_limit_maps,
$relay_recipient_maps,
$relay_domains,
$canonical_maps,
$sender_canonical_maps,
$recipient_canonical_maps,
$relocated_maps,
$transport_maps,
$mynetworks,
$mail_restrict_map,
$smtpd_recipient_restrictions
# FAST ETRN SERVICE
#fast_flush_domains = $relay_domains
# SHOW SOFTWARE VERSION OR NOT
# You MUST specify $myhostname at the start of the text.
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
# PARALLEL DELIVERY TO THE SAME DESTINATION
local_destination_concurrency_limit = 1
#default_destination_concurrency_limit = 20
maildrop_destination_recipient_limit = 1
# DEBUGGING CONTROL
debug_peer_level = 2
#debug_peer_list = 127.0.0.1
#debug_peer_list = some.domain
# INSTALL-TIME CONFIGURATION INFORMATION
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = maildrop
html_directory = no
manpage_directory = /usr/share
sample_directory = /etc/postfix
readme_directory = no
transport_maps =
proxy:mysql:/etc/postfix/mysql-transport.cf,
pcre:/etc/postfix/static-transport.pcre
fax_destination_recipient_limit = 1
canonical_maps = btree:/etc/postfix/canonical
virtual_alias_maps =
proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf,
proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_uid_maps = static:910
virtual_gid_maps = static:910
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/spool/postfix/virtual
virtual_transport = maildrop
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_limit.cf
virtual_overquota_bounce = yes
# virtual_mailbox_limit = 51200000
virtual_mailbox_limit_override = yes
virtual_maildir_extended = yes
# change queue_lifetime for MX backup server
bounce_queue_lifetime = 5d
maximal_queue_lifetime = 5d
# set max message size to 30 MB
message_size_limit = 30670000
relocated_maps = btree:/etc/postfix/relocated
sender_canonical_maps =
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains = $mydomain
defer_transports =
disable_dns_lookups = no
strict_rfc821_envelopes = yes
smtpd_helo_required = yes
# restriction classes
smtpd_restriction_classes =
restrictions_0,
restrictions_1,
restrictions_2,
restrictions_3,
restrictions_4,
restrictions_5,
restrictions_6,
restrictions_7,
restrictions_8,
restrictions_9
restrictions_0 = permit_mynetworks
# reject codes: mailadress, reject on client access table ,not dns based hostname
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 450
# sender (user@domain.tld)/hostname (host.domain.tld) not fqdn; mailservers without reverse DNS entry
restrictions_1 =
reject_unknown_client_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_hostname,
# use access list
restrictions_2 =
check_client_access btree:/etc/postfix/access_client
restrictions_3 =
reject_non_fqdn_sender,
reject_non_fqdn_hostname,
reject_unknown_client_hostname,
check_client_access btree:/etc/postfix/access_client
# use dyn-clientlist filter
restrictions_4 =
reject_non_fqdn_sender,
reject_non_fqdn_hostname,
reject_unknown_client_hostname,
check_client_access pcre:/etc/postfix/access_dyn_clients.pcre,
check_client_access btree:/etc/postfix/access_client
restrictions_5 =
permit_mynetworks
restrictions_6 =
permit_mynetworks
restrictions_7 =
permit_mynetworks
restrictions_8 =
permit_mynetworks
# block all external e-mails
restrictions_9 = REJECT
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_client_restrictions =
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unlisted_recipient,
reject_unauth_destination,
check_client_access proxy:mysql:/etc/postfix/mysql-client_access.cf,
check_recipient_access proxy:mysql:/etc/postfix/mysql-recipient_access.cf,
check_sender_access proxy:mysql:/etc/postfix/mysql-sender_access.cf,
reject_invalid_helo_hostname,
check_client_access pcre:/etc/postfix/access_clientblocks.pcre,
proxy:mysql:/etc/postfix/mysql-virtual_restrictions.cf,
check_sender_mx_access proxy:cidr:/etc/postfix/bogus_mx.cidr,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client ix.dnsbl.manitu.net,
check_policy_service inet:127.0.0.2:10031,
permit
smtpd_data_restrictions =
permit_sasl_authenticated,
check_client_access cidr:/etc/postfix/spam_check.cidr
milter_default_action = accept
smtpd_milters =
mime_header_checks = pcre:/etc/postfix/mime_header_checks.pcre
header_checks = pcre:/etc/postfix/header_checks.pcre
content_filter = scan:[127.0.0.2]:10025
receive_override_options = no_address_mappings
minimal_backoff_time = 300s
smtp_use_tls = no
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = btree:/etc/postfix/smtp_auth
smtp_sasl_security_options =
smtp_sender_dependent_authentication = yes
#---------- SASL ----------------------------------------------------
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
#---------- TLS -----------------------------------------------------
tls_daemon_random_source = dev:/dev/urandom
tls_random_source = dev:/dev/urandom
tls_random_prng_update_period = 3600s