mailserver:mailserver

Configure the mail server settings.

warden --task=mailserver:mailserver
Option
 Value Default Description
--smtpd_delay_reject <yes|no> yes Wait until the RCPT TO command before evaluating smtpd_client_restrictions, smtpd_helo_restrictions and smtpd_sender_restrictions, or wait until the ETRN command before evaluating smtpd_client_restrictions and smtpd_helo_restrictions. This should always be enabled because some clients mis-behave when the Postfix SMTP server rejects commands before RCPT TO. It also allows Postfix to log recipient address information when rejecting a client name/address or sender address, so that it is possible to find out whose mail is being rejected.
--smtpd_helo_required <string1,string2> yes Require that a remote SMTP client introduces itself with the HELO or EHLO command before sending the MAIL command or other commands that require EHLO negotiation. This is required when using smtpd_helo_restrictions otherwise clients would be able to bypass those restrictions.
--smtpd_client_restrictions <string1,string2> permit_mynetworks, permit_sasl_authenticated, reject_unknown_reverse_client_hostname, reject_rbl_client test.foo.com Restrictions that the Postfix SMTP server applies in the context of a client connection request. Mail rejected by these restrictions can be found under Logs -> Reject Log -> Client host rejected.
--smtpd_helo_restrictions <string1,string2> permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname Restrictions that the Postfix SMTP server applies in the context of a client HELO/EHLO command. Mail rejected by these restrictions can be found under Logs -> Reject Log -> Helo command rejected.
--smtpd_sender_restrictions <string1,string2> check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, reject_unknown_sender_domain Restrictions that the Postfix SMTP server applies in the context of a client MAIL FROM command. Mail rejected by these restrictions can be found under Logs -> Reject Log -> Sender address rejected.
--smtpd_recipient_restrictions <string1,string2> permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain Restrictions that the Postfix SMTP server applies in the context of a client RCPT TO command, after smtpd_relay_restrictions. Mail rejected by these restrictions can be found under Logs -> Reject Log -> Recipient address rejected.
--smtpd_data_restrictions <string1,string2> permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining Restrictions that the Postfix SMTP server applies in the context of the SMTP DATA command. Mail rejected by these restrictions can be found under Logs -> Reject Log -> Data command rejected.
--unknown_client_reject_code <digit> 450 The numerical SMTP server response code when a client without valid address <=> name mapping is rejected by the reject_unknown_client restriction. The SMTP server always replies with 450 when the mapping failed due to a temporary error condition.
--unknown_address_reject_code <digit> 450 The numerical SMTP server response code when a sender or recipient address is rejected by the reject_unknown_sender_domain or reject_unknown_recipient_domain restriction.
--dnsbls_enabled <true|false> true Enable or disable the spam protection based on DNS blackhole lists.
--dnsbls <string1,string2> A list of DNS block lists to use for spam protection.
--dnsbls_add <string> Add a single entry to dnsbls.
--dnsbls_del <string> Remove a single entry from dnsbls.
--default <yes> Reset all settings to their default values.
--default_option <option> Reset a specific setting to its default value.
--reload <yes> Reload the service after saving settings.

Examples

// enable and set the DNSBLs
warden --task=mailserver:mailserver --dnsbls_enabled=true --dnsbls='zen.spamhaus.org,b.barracudacentral.org,psbl.surriel.com'  --reload=yes

// turn off the DNSBLs
warden --task=mailserver:mailserver --dnsbls_enabled=false --reload=yes

// reset all settings to defaults
warden --task=mailserver:mailserver -default=yes --reload=yes