# make the following changes :
myhostname  = srvxxxx.sd-france.net
mydomain  = sd-france.net
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
mynetworks  = $config_directory/mynetworks
alias_maps  = hash:/etc/aliases
alias_database = hash:/etc/aliases

#virtual_transport = virtual
fallback_transport = vdelivermail
#mailbox_command = env EXT="$EXTENSION" HOST="$DOMAIN" /var/vpopmail/bin/vdelivermail '' bounce-no-mailbox
luser_relay = vpopmail-$local@domain 

maildrop_destination_recipient_limit = 1

# Transport map
# transport_maps = hash:/etc/postfix/transport

vacation_destination_recipient_limit = 1

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_enable = yes
## Pour authoriser outlook a s'authentifier via SASL
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination
smtpd_sasl_security_options = noanonymous

###################################################################################
### ENABLE TLS SUPPORT ( "STARTTLS" ... enables SSL to be negotiated during a SMTP connection )

smtp_use_tls                     = no
smtpd_use_tls                    = yes
smtpd_tls_auth_only              = no
smtpd_tls_key_file               = /etc/postfix/servercert.pem
smtpd_tls_cert_file              = /etc/postfix/servercert.pem
smtpd_tls_session_cache_database = btree:/var/lib/postfix/tls_smtpd_scache
smtpd_tls_loglevel               = 1
smtpd_tls_received_header        = yes

#### Limitations de protection sur anvil
## http://www.postfix.org/TUNING_README.html
# un client ne peut effectuer que 5 connexions simultanees
smtpd_client_connection_count_limit = 5
# Un client ne peut effectuer que 8 connexions en 60secondes
smtpd_client_connection_rate_limit = 8
# Nombre maximum d'addresse destinatrice qu'un client peut joindre en 60secondes
smtpd_client_recipient_rate_limit = 25
# temporisation du anvil
anvil_rate_time_unit = 60
# exeption sur les limitations globales
# les comptes domain.tld ne sont pas limites
smtpd_client_event_limit_exceptions = domain.tld