updated postfix configuration for debian lenny, ubuntu hardy and gentoo

- split up postfix configs for courier and dovecot, so people do not do/install unneeded stuff
- renamed deprecated config keys (upstream is backwards compatible until further notice, so you don't need to change them unless you really want to)
- removed most default values, distros ship the default configs in /usr/share anyway.
- debian etch is untouched, so is suse (for now)

templates/misc/configfiles/debian_lenny/postfix_courier/etc_postfix_main.cf

@@ -0,0 +1,77 @@
+## General Postfix configuration
+# should be the default domain from your provider eg. "server100.provider.tld"
+mydomain = <SERVERNAME>
+
+# should be different from $mydomain eg. "mail.$mydomain"
+myhostname = <SERVERNAME>
+
+mydestination = $myhostname,
+	$mydomain,
+	localhost.$myhostname,
+	localhost.$mydomain,
+	localhost
+mynetworks = 127.0.0.0/8
+inet_interfaces = all
+append_dot_mydomain = no
+biff = no
+
+# Postfix performance settings
+default_destination_concurrency_limit = 20
+local_destination_concurrency_limit = 2
+
+# SMTPD Settings
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+smtpd_helo_required = yes
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+smtpd_sender_restrictions = permit_mynetworks,
+	permit_sasl_authenticated, 
+	reject_unknown_helo_hostname, 
+	reject_unknown_recipient_domain, 
+	reject_unknown_sender_domain
+smtpd_client_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unknown_client_hostname
+# Maximum size of Message in bytes (50MB)
+message_size_limit = 52428800
+
+## SASL Auth Settings
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_local_domain = $myhostname
+broken_sasl_auth_clients = yes
+
+# Virtual delivery settings
+virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
+virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
+virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
+virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
+virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
+virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
+
+# Local delivery settings
+local_transport = local
+alias_maps = $alias_database
+
+# Default Mailbox size, is set to 0 which means unlimited!
+mailbox_size_limit = 0
+virtual_mailbox_limit = 0
+
+### TLS settings
+###
+## TLS for outgoing mails from the server to another server
+#smtp_tls_security_level = may
+#smtp_tls_note_starttls_offer = yes
+## TLS for email client
+#smtpd_tls_security_level = may
+#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
+#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+#smtpd_tls_loglevel = 1
+#smtpd_tls_received_header = yes
+
+debugger_command =
+         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+         ddd $daemon_directory/$process_name $process_id & sleep 5
+

templates/misc/configfiles/debian_lenny/postfix_dovecot/etc_postfix_main.cf

@@ -1,9 +1,3 @@
-# Postfix programs paths settings
-command_directory = /usr/sbin
-daemon_directory = /usr/lib/postfix
-program_directory = /usr/lib/postfix
-sendmail_path = /usr/sbin/sendmail
-
 ## General Postfix configuration
 # should be the default domain from your provider eg. "server100.provider.tld"
 mydomain = <SERVERNAME>
@@ -35,25 +29,24 @@ smtpd_recipient_restrictions = permit_mynetworks,
 	reject_non_fqdn_recipient
 smtpd_sender_restrictions = permit_mynetworks,
 	permit_sasl_authenticated, 
-	reject_unknown_hostname, 
+	reject_unknown_helo_hostname, 
 	reject_unknown_recipient_domain, 
 	reject_unknown_sender_domain
 smtpd_client_restrictions = permit_mynetworks,
 	permit_sasl_authenticated,
-	reject_unknown_client
+	reject_unknown_client_hostname
 # Maximum size of Message in bytes (50MB)
 message_size_limit = 52428800
 
 ## SASL Auth Settings
 smtpd_sasl_auth_enable = yes
 smtpd_sasl_local_domain = $myhostname
-smtpd_sasl_security_options = noanonymous
 broken_sasl_auth_clients = yes
 ## Dovecot Settings for deliver, SASL Auth and virtual transport
-## uncomment those line to use Dovecot
-#mailbox_command = /usr/lib/dovecot/deliver
-#virtual_transport = dovecot
-#dovecot_destination_recipient_limit = 1
+smtpd_sasl_type = dovecot
+mailbox_command = /usr/lib/dovecot/deliver
+virtual_transport = dovecot
+dovecot_destination_recipient_limit = 1
 
 # Virtual delivery settings
 virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
@@ -65,7 +58,6 @@ virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
 
 # Local delivery settings
 local_transport = local
-alias_database = hash:/etc/aliases
 alias_maps = $alias_database
 
 # Default Mailbox size, is set to 0 which means unlimited!
@@ -75,17 +67,14 @@ virtual_mailbox_limit = 0
 ### TLS settings
 ###
 ## TLS for outgoing mails from the server to another server
-#smtp_use_tls = yes
+#smtp_tls_security_level = may
 #smtp_tls_note_starttls_offer = yes
 ## TLS for email client
+#smtpd_tls_security_level = may
 #smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
-#smtpd_tls_key_file = /etc/ssl/server/<SERVERNAME>.pem
-#smtpd_tls_CAfile = /etc/ssl/cacert.class3.crt  # Just an example for CACert.org
-#smtpd_tls_auth_only = no
+#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
 #smtpd_tls_loglevel = 1
 #smtpd_tls_received_header = yes
-#smtpd_tls_session_cache_timeout = 3600s
-#tls_random_source = dev:/dev/urandom
 
 debugger_command =
          PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

templates/misc/configfiles/gentoo/postfix_courier/etc_postfix_main.cf

@@ -0,0 +1,77 @@
+## General Postfix configuration
+# should be the default domain from your provider eg. "server100.provider.tld"
+mydomain = <SERVERNAME>
+
+# should be different from $mydomain eg. "mail.$mydomain"
+myhostname = <SERVERNAME>
+
+mydestination = $myhostname,
+	$mydomain,
+	localhost.$myhostname,
+	localhost.$mydomain,
+	localhost
+mynetworks = 127.0.0.0/8
+inet_interfaces = all
+append_dot_mydomain = no
+biff = no
+
+# Postfix performance settings
+default_destination_concurrency_limit = 20
+local_destination_concurrency_limit = 2
+
+# SMTPD Settings
+smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
+smtpd_helo_required = yes
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+smtpd_sender_restrictions = permit_mynetworks,
+	permit_sasl_authenticated, 
+	reject_unknown_helo_hostname, 
+	reject_unknown_recipient_domain, 
+	reject_unknown_sender_domain
+smtpd_client_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unknown_client_hostname
+# Maximum size of Message in bytes (50MB)
+message_size_limit = 52428800
+
+## SASL Auth Settings
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_local_domain = $myhostname
+broken_sasl_auth_clients = yes
+
+# Virtual delivery settings
+virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
+virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
+virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
+virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
+virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
+virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
+
+# Local delivery settings
+local_transport = local
+alias_maps = $alias_database
+
+# Default Mailbox size, is set to 0 which means unlimited!
+mailbox_size_limit = 0
+virtual_mailbox_limit = 0
+
+### TLS settings
+###
+## TLS for outgoing mails from the server to another server
+#smtp_tls_security_level = may
+#smtp_tls_note_starttls_offer = yes
+## TLS for email client
+#smtpd_tls_security_level = may
+#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
+#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+#smtpd_tls_loglevel = 1
+#smtpd_tls_received_header = yes
+
+debugger_command =
+         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+         ddd $daemon_directory/$process_name $process_id & sleep 5
+

templates/misc/configfiles/gentoo/postfix_dovecot/etc_postfix_main.cf

@@ -50,12 +50,10 @@ smtpd_sasl_local_domain = $myhostname
 smtpd_sasl_security_options = noanonymous
 broken_sasl_auth_clients = yes
 ## Dovecot Settings for deliver, SASL Auth and virtual transport
-## uncomment those line to use Dovecot
-#mailbox_command = /usr/libexec/dovecot/deliver
-#smtpd_sasl_type = dovecot
-#smtpd_sasl_path = private/auth
-#virtual_transport = dovecot
-#dovecot_destination_recipient_limit = 1
+mailbox_command = /usr/libexec/dovecot/deliver
+smtpd_sasl_path = private/auth
+virtual_transport = dovecot
+dovecot_destination_recipient_limit = 1
 
 # Virtual delivery settings
 virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
@@ -90,14 +88,14 @@ virtual_mailbox_limit = 0
 #tls_random_source = dev:/dev/urandom
 
 ### Quota Settings with vda useflag
-## I use only virtual as localdelivery... This permit me to have full
-## virtual domain hosting without using a lots of maps
+## I use only virtual as localdelivery... This permits me to have full
+## virtual domain hosting without using a lot of maps
 #virtual_transport = virtual
 ## Generate maildirsize files or not
 #virtual_create_maildirsize = yes
 ## I use Courier IMAP compatibles files.
 #virtual_mailbox_extended = yes
-## Limits only INBOX part (usefull when
+## Limits only INBOX part (useful when
 ## using when you have IMAP users)
 #virtual_mailbox_limit_inbox = yes
 ## maps of soft disk quotas

templates/misc/configfiles/gentoo/postfix_dovecot/etc_postfix_mysql-virtual_alias_maps.cf

@@ -0,0 +1,8 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = mail_virtual
+select_field = destination
+where_field = email
+additional_conditions = and TRIM(destination) <> ''
+hosts = <SQL_HOST> 

templates/misc/configfiles/gentoo/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_domains.cf

@@ -0,0 +1,8 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = panel_domains
+select_field = domain
+where_field = domain
+additional_conditions = and isemaildomain = '1'
+hosts = <SQL_HOST> 

templates/misc/configfiles/gentoo/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_limit_maps.cf

@@ -0,0 +1,7 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = mail_users
+select_field = (quota*1024*1024)
+where_field = email
+hosts = <SQL_HOST>

templates/misc/configfiles/gentoo/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_maps.cf

@@ -0,0 +1,7 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = mail_users
+select_field = maildir
+where_field = email
+hosts = <SQL_HOST> 

templates/misc/configfiles/ubuntu_hardy/postfix_courier/etc_postfix_main.cf

@@ -0,0 +1,77 @@
+## General Postfix configuration
+# should be the default domain from your provider eg. "server100.provider.tld"
+mydomain = <SERVERNAME>
+
+# should be different from $mydomain eg. "mail.$mydomain"
+myhostname = <SERVERNAME>
+
+mydestination = $myhostname,
+	$mydomain,
+	localhost.$myhostname,
+	localhost.$mydomain,
+	localhost
+mynetworks = 127.0.0.0/8
+inet_interfaces = all
+append_dot_mydomain = no
+biff = no
+
+# Postfix performance settings
+default_destination_concurrency_limit = 20
+local_destination_concurrency_limit = 2
+
+# SMTPD Settings
+smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
+smtpd_helo_required = yes
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+smtpd_sender_restrictions = permit_mynetworks,
+	permit_sasl_authenticated, 
+	reject_unknown_helo_hostname, 
+	reject_unknown_recipient_domain, 
+	reject_unknown_sender_domain
+smtpd_client_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unknown_client_hostname
+# Maximum size of Message in bytes (50MB)
+message_size_limit = 52428800
+
+## SASL Auth Settings
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_local_domain = $myhostname
+broken_sasl_auth_clients = yes
+
+# Virtual delivery settings
+virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
+virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
+virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
+virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
+virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
+virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
+
+# Local delivery settings
+local_transport = local
+alias_maps = $alias_database
+
+# Default Mailbox size, is set to 0 which means unlimited!
+mailbox_size_limit = 0
+virtual_mailbox_limit = 0
+
+### TLS settings
+###
+## TLS for outgoing mails from the server to another server
+#smtp_tls_security_level = may
+#smtp_tls_note_starttls_offer = yes
+## TLS for email client
+#smtpd_tls_security_level = may
+#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
+#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+#smtpd_tls_loglevel = 1
+#smtpd_tls_received_header = yes
+
+debugger_command =
+         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+         ddd $daemon_directory/$process_name $process_id & sleep 5
+

templates/misc/configfiles/ubuntu_hardy/postfix_courier/etc_postfix_mysql-virtual_alias_maps.cf

@@ -0,0 +1,8 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = mail_virtual
+select_field = destination
+where_field = email
+additional_conditions = and TRIM(destination) <> ''
+hosts = <SQL_HOST> 

templates/misc/configfiles/ubuntu_hardy/postfix_courier/etc_postfix_mysql-virtual_mailbox_domains.cf

@@ -0,0 +1,8 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = panel_domains
+select_field = domain
+where_field = domain
+additional_conditions = and isemaildomain = '1'
+hosts = <SQL_HOST> 

templates/misc/configfiles/ubuntu_hardy/postfix_courier/etc_postfix_mysql-virtual_mailbox_maps.cf

@@ -0,0 +1,7 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = mail_users
+select_field = maildir
+where_field = email
+hosts = <SQL_HOST> 

templates/misc/configfiles/ubuntu_hardy/postfix_dovecot/etc_postfix_main.cf

@@ -1,15 +1,9 @@
-# Postfix programs paths settings
-command_directory = /usr/sbin
-daemon_directory = /usr/lib/postfix
-program_directory = /usr/lib/postfix
-sendmail_path = /usr/sbin/sendmail
-
 ## General Postfix configuration
 # should be the default domain from your provider eg. "server100.provider.tld"
 mydomain = <SERVERNAME>
 
 # should be different from $mydomain eg. "mail.$mydomain"
-myhostname = mail.<SERVERNAME>
+myhostname = <SERVERNAME>
 
 mydestination = $myhostname,
 	$mydomain,
@@ -26,7 +20,7 @@ default_destination_concurrency_limit = 20
 local_destination_concurrency_limit = 2
 
 # SMTPD Settings
-smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu/GNU)
+smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
 smtpd_helo_required = yes
 smtpd_recipient_restrictions = permit_mynetworks,
 	permit_sasl_authenticated,
@@ -35,25 +29,24 @@ smtpd_recipient_restrictions = permit_mynetworks,
 	reject_non_fqdn_recipient
 smtpd_sender_restrictions = permit_mynetworks,
 	permit_sasl_authenticated, 
-	reject_unknown_hostname, 
+	reject_unknown_helo_hostname, 
 	reject_unknown_recipient_domain, 
 	reject_unknown_sender_domain
 smtpd_client_restrictions = permit_mynetworks,
 	permit_sasl_authenticated,
-	reject_unknown_client
+	reject_unknown_client_hostname
 # Maximum size of Message in bytes (50MB)
 message_size_limit = 52428800
 
 ## SASL Auth Settings
 smtpd_sasl_auth_enable = yes
 smtpd_sasl_local_domain = $myhostname
-smtpd_sasl_security_options = noanonymous
 broken_sasl_auth_clients = yes
 ## Dovecot Settings for deliver, SASL Auth and virtual transport
-## uncomment those line to use Dovecot
-#mailbox_command = /usr/lib/dovecot/deliver
-#virtual_transport = dovecot
-#dovecot_destination_recipient_limit = 1
+smtpd_sasl_type = dovecot
+mailbox_command = /usr/lib/dovecot/deliver
+virtual_transport = dovecot
+dovecot_destination_recipient_limit = 1
 
 # Virtual delivery settings
 virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
@@ -65,7 +58,6 @@ virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
 
 # Local delivery settings
 local_transport = local
-alias_database = hash:/etc/aliases
 alias_maps = $alias_database
 
 # Default Mailbox size, is set to 0 which means unlimited!
@@ -75,17 +67,14 @@ virtual_mailbox_limit = 0
 ### TLS settings
 ###
 ## TLS for outgoing mails from the server to another server
-#smtp_use_tls = yes
+#smtp_tls_security_level = may
 #smtp_tls_note_starttls_offer = yes
 ## TLS for email client
-#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.crt
-#smtpd_tls_key_file = /etc/ssl/server/<SERVERNAME>.key
-#smtpd_tls_CAfile = /etc/ssl/cacert.class3.crt  # Just an example for CACert.org
-#smtpd_tls_auth_only = no
+#smtpd_tls_security_level = may
+#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
+#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
 #smtpd_tls_loglevel = 1
 #smtpd_tls_received_header = yes
-#smtpd_tls_session_cache_timeout = 3600s
-#tls_random_source = dev:/dev/urandom
 
 debugger_command =
          PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

templates/misc/configfiles/ubuntu_hardy/postfix_dovecot/etc_postfix_mysql-virtual_alias_maps.cf

@@ -0,0 +1,8 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = mail_virtual
+select_field = destination
+where_field = email
+additional_conditions = and TRIM(destination) <> ''
+hosts = <SQL_HOST> 

templates/misc/configfiles/ubuntu_hardy/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_domains.cf

@@ -0,0 +1,8 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = panel_domains
+select_field = domain
+where_field = domain
+additional_conditions = and isemaildomain = '1'
+hosts = <SQL_HOST> 

templates/misc/configfiles/ubuntu_hardy/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_maps.cf

@@ -0,0 +1,7 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = mail_users
+select_field = maildir
+where_field = email
+hosts = <SQL_HOST>