mirror of
https://github.com/stalwartlabs/smtp-server.git
synced 2024-10-23 15:00:15 +00:00
214 lines
3.9 KiB
TOML
214 lines
3.9 KiB
TOML
[servers]
|
|
|
|
[servers."relay"]
|
|
hostname = "mx.example.org"
|
|
greeting = "Stalwart SMTP v0.1 at your service"
|
|
type = "smtp"
|
|
bind = ["0.0.0.0", 25]
|
|
|
|
[servers."relay".tls]
|
|
enable = true,
|
|
implicit = true,
|
|
sni = "abc",
|
|
cert = "key",
|
|
protocols = "SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3",
|
|
ciphers = "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH",
|
|
clientcert = true
|
|
|
|
[servers."relay".socket]
|
|
backlog = 111,
|
|
ttl = 123,
|
|
send-buffer-size = 123,
|
|
recv-buffer-size = 444,
|
|
linger = 1,
|
|
tos = 1,
|
|
|
|
[servers."relay".transaction.connect]
|
|
script = connect.sieve
|
|
|
|
[[servers."relay".transaction.connect.throttle]]
|
|
concurrency = 1000
|
|
|
|
[[servers."relay".transaction.connect.throttle]]
|
|
key = remoteip + localip
|
|
concurrency = 10,
|
|
rate = [3, 60]
|
|
|
|
[servers."relay".transaction.ehlo]
|
|
require = true
|
|
extensions = "chunking, pipeline, smtputf8, starttls"
|
|
script = ehlo.sieve
|
|
authenticate = spf
|
|
|
|
[[servers."relay".transaction.ehlo]]
|
|
commands = 1
|
|
idle = 10
|
|
|
|
[servers."relay".transaction.auth]
|
|
require = true
|
|
require-tls = true
|
|
auth-host = "auth-server"
|
|
mechanisms = "plain, login"
|
|
|
|
[[servers."relay".transaction.auth.limits]]
|
|
idle = 10,
|
|
errors = 3,
|
|
errors-wait = 10
|
|
|
|
[servers."relay".transaction.mail]
|
|
authenticate = spf
|
|
script = mail-from.sieve
|
|
|
|
[[servers."relay".transaction.mail.limits]]
|
|
idle = 10,
|
|
messages = 10
|
|
|
|
[[servers."relay".transaction.mail.throttle]]
|
|
key = mail-from,
|
|
concurrency = 10,
|
|
rate = [3, 60]
|
|
|
|
[servers."relay".transaction.rcpt]
|
|
script = rcpt-to.sieve
|
|
local-domains = list-domains
|
|
local-addresses = list-addresses
|
|
cache = { entries = 1000, ttl-positive = 10, ttl-negative = 5 }
|
|
|
|
[[servers."relay".transaction.rcpt.limits]]
|
|
idle = 10,
|
|
max-recipients = 100,
|
|
errors = 5
|
|
|
|
[[servers."relay".transaction.rcpt.throttle]]
|
|
key = rcpt-to
|
|
concurrency = 10
|
|
rate = [3, 60]
|
|
|
|
[servers."relay".transaction.data]
|
|
authenticate = [dkim, arc, dmarc]
|
|
sign = dkim, arc
|
|
script = data.sieve
|
|
|
|
[[servers."relay".transaction.data.limits]]
|
|
idle = 10
|
|
size = 100000
|
|
received-headers = 50
|
|
mime-parts = 50
|
|
nested-messages = 3
|
|
|
|
[servers."relay".transaction.quit]
|
|
script = quit.sieve
|
|
|
|
[servers."relay".transaction.disconnect]
|
|
script = disconnect.sieve
|
|
|
|
[external]
|
|
|
|
[external.lmtp]
|
|
address = 192.168.0.1
|
|
port = 25
|
|
protocol = "lmtp"
|
|
auth.username = "hello"
|
|
auth.password = "world"
|
|
tls = "optional, require, dane, dane-fallback-require, dane-require
|
|
|
|
[queues]
|
|
|
|
[queues."default"]
|
|
retry = [0, 1, 15, 60, 90]
|
|
notify = [9, 10]
|
|
prefer = ipv6
|
|
source-ips = [192.168.0.2, 162.168.0.1]
|
|
tls = optional, require, dane, dane-fallback-require, dane-require
|
|
|
|
[[queues."default".limits]]
|
|
attempts = 100
|
|
time = 3600
|
|
queued-messages = 10000
|
|
queue-size = 1000000
|
|
|
|
[[queues."default".throttle]]
|
|
rate = 1/60
|
|
concurrency = 1000
|
|
key = all
|
|
|
|
[[queues."default".throttle]]
|
|
rate = 1/60
|
|
concurrency = 100
|
|
key = localip, remote-ip, remote-mx
|
|
|
|
[queues.local]
|
|
smart-host = lmtp
|
|
match-rule = "is-local"
|
|
|
|
[rules]
|
|
|
|
[rules."is-local"]
|
|
rcpt-domain = ["*.example.org"]
|
|
rcpt-to = [""]
|
|
server-id = "relay"
|
|
mx = ["mx.gmail.com", "mx.coco.com"]
|
|
remote-ip = [192.168.0.32/1]
|
|
priority = 1
|
|
|
|
|
|
|
|
[resolver]
|
|
type = system, google, cloudflare
|
|
dnssec = true
|
|
preserve-intermediates = true
|
|
|
|
[resolver.limits]
|
|
concurrency = 2
|
|
timeout = 100
|
|
attempts = 3
|
|
|
|
[resolver.cache]
|
|
a = 1000
|
|
mx = 9393
|
|
txt = 3233
|
|
|
|
[general.spool]
|
|
path = "/var/spool/queue"
|
|
hash = 123
|
|
|
|
[scripts]
|
|
|
|
[scripts.ehlo]
|
|
data = this is my script
|
|
|
|
[lists]
|
|
|
|
[lists.localdomains]
|
|
data = ["example.org", "*.example.net"]
|
|
|
|
[list.localaddresses]
|
|
server = lmtp
|
|
|
|
[certificates]
|
|
|
|
[certificates.tls]
|
|
type = "rsa"
|
|
certificate = ""
|
|
privatekey = ""
|
|
|
|
[servers."relay".outgoing.dsn]
|
|
name = "Mail Delivery Subsystem"
|
|
address = "MAILER-DAEMON"
|
|
subject = "Delivery Status Notification"
|
|
|
|
[servers."relay".outgoing.auth-failure]
|
|
name = "Autentication Report"
|
|
address = "noreply-auth-failure"
|
|
subject = "Authentication Failure Report"
|
|
|
|
[servers."relay".outgoing.dmarc]
|
|
name = "DMARC report"
|
|
address = "noreply-dmarc"
|
|
subject = "DMARC aggregate report for $1"
|
|
|
|
[servers."relay".dmarc]
|
|
send-reports = true
|
|
report-frequency = requested, 86400
|
|
incoming-address = "dmarc@*"
|