compatibility_level = 2 mail_owner = postfix myhostname = {{getenv "MYHOSTNAME"}} mydomain = {{getenv "MYDOMAIN"}} myorigin = $mydomain mydestination = unknown_local_recipient_reject_code = 550 mynetworks_style = host relay_domains = $mydestination recipient_delimiter = + mailbox_transport = lmtp:{{getenv "LMTP_HOST"}} mailbox_size_limit = {{getenv "MAILBOX_SIZELIMIT" "0"}} smtpd_banner = {{getenv "SMTP_BANNER"}} $myhostname ESMTP $mail_name virtual_mailbox_domains = pgsql:/etc/postfix/pgsql-virtual-mailbox-domains.cf virtual_alias_maps = pgsql:/etc/postfix/pgsql-virtual-alias-maps.cf virtual_transport = lmtp:inet:{{getenv "LMTP_HOST"}}:{{getenv "LMTP_PORT"}} smtpd_tls_key_file=/etc/ssl/mail/tls.key smtpd_tls_cert_file=/etc/ssl/mail/tls.crt smtp_tls_security_level = {{getenv "TLS_SECURITY_LEVEL" "may"}} smtp_tls_auth_only = yes smtpd_tls_security_level = {{getenv "TLS_SECURITY_LEVEL" "may"}} smtpd_tls_auth_only = yes smtp_tls_mandatory_protocols = {{getenv "TLS_PROTOCOLS" "!SSLv2, !SSLv3, !TLSv1, !TLSv1.1"}} smtp_tls_protocols = {{getenv "TLS_PROTOCOLS" "!SSLv2, !SSLv3, !TLSv1, !TLSv1.1"}} smtp_tls_mandatory_ciphers = {{getenv "TLS_CIPHERS" "high"}} smtp_tls_ciphers = {{getenv "TLS_CIPHERS" "high"}} smtp_tls_mandatory_exclude_ciphers = {{getenv "TLS_EXCLUDE_CIPHERS" "aNULL, MD5, 3DES"}} smtp_tls_exclude_ciphers = {{getenv "TLS_EXCLUDE_CIPHERS" "aNULL, MD5, 3DES"}} smtp_tls_wrappermode = no smtpd_tls_mandatory_protocols = {{getenv "TLS_PROTOCOLS" "!SSLv2, !SSLv3, !TLSv1, !TLSv1.1"}} smtpd_tls_protocols = {{getenv "TLS_PROTOCOLS" "!SSLv2, !SSLv3, !TLSv1, !TLSv1.1"}} smtpd_tls_mandatory_ciphers = {{getenv "TLS_CIPHERS" "high"}} smtpd_tls_ciphers = {{getenv "TLS_CIPHERS" "high"}} smtpd_tls_mandatory_exclude_ciphers = {{getenv "TLS_EXCLUDE_CIPHERS" "aNULL, MD5, 3DES"}} smtpd_tls_exclude_ciphers = {{getenv "TLS_EXCLUDE_CIPHERS" "aNULL, MD5, 3DES"}} smtpd_tls_wrappermode = no lmtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers lmtp_tls_ciphers = $smtpd_tls_ciphers smtpd_tls_session_cache_database = lmdb:${data_directory}/smtpd_scache smtp_tls_session_cache_database = lmdb:${data_directory}/smtp_scache smtpd_sasl_type = dovecot smtpd_sasl_path = inet:{{getenv "DOVECOT_HOST"}}:{{getenv "DOVECOT_AUTH_PORT"}} smtpd_sasl_auth_enable = yes smtpd_tls_auth_only = yes smtpd_sasl_tls_security_options = noanonymous smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination, reject_unverified_recipient milter_default_action = accept milter_macro_daemon_name = ORIGINATING milter_connect_macros = "i j {daemon_name} v {if_name} _" message_size_limit = {{getenv "MESSAGE_SIZELIMIT" "20000000"}} tls_preempt_cipherlist = yes smtputf8_enable = yes biff = no maillog_file = /dev/stdout