I used the following command to determine what needed to be removed
from my main.cf:
postconf -d > defaultcfg && postconf -n > customcfg && perl -ne 'print
if ($seen{$_} .= @ARGV) =~ /10$/' customcfg defaultcfg
Then I made the suggested changes and I'm left with:
anvil_rate_time_unit = 180s
body_checks = regexp:/etc/postfix/body_checks
bounce_size_limit = 1500
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
default_destination_concurrency_limit = 10
disable_vrfy_command = yes
header_checks = regexp:/etc/postfix/header_checks
html_directory = /var/www/html/postfix
inet_protocols = all
initial_destination_concurrency = 10
local_destination_concurrency_limit = 10
local_recipient_maps = error:local mail delivery disabled
local_transport = error:local mail delivery disabled
maximal_backoff_time = 90m
message_size_limit = 14500000
mydomain = mx.example.net
myhostname = mx.example.net
mynetworks = 127.0.0.0/8
myorigin = example.net
readme_directory = /var/www/html/postfix
relay_domains = mysql:/etc/postfix/sql/relay_transport_map.conf
relay_recipient_maps = mysql:/etc/postfix/sql/relay_recipient_map.conf
relocated_maps = hash:/etc/postfix/relocated
smtp_connect_timeout = 45s
smtpd_data_restrictions = reject_multi_recipient_bounce reject_unauth_pipelining
smtpd_error_sleep_time = 0
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks reject_non_fqdn_hostname
reject_invalid_hostname
smtpd_recipient_restrictions = permit_mynetworks
reject_unauth_destination reject_invalid_hostname
reject_non_fqdn_hostname reject_non_fqdn_sender
reject_non_fqdn_recipient reject_unknown_sender_domain
reject_unknown_recipient_domain reject_unlisted_recipient
check_recipient_access hash:/etc/postfix/whitelist reject_rbl_client
zen.spamhaus.org reject_rbl_client b.barracudacentral.org
reject_rbl_client bl.spamcop.net check_policy_service
inet:127.0.0.1:10031 check_policy_service inet:127.0.0.1:10023
smtpd_reject_unlisted_sender = yes
smtpd_sasl_local_domain = $myhostname
smtpd_tls_CAfile = /etc/postfix/certs/ca-bundle.crt
smtpd_tls_cert_file = /etc/postfix/certs/mx.example.net.cert
smtpd_tls_key_file = /etc/postfix/certs/mx.example.net.key
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
smtpd_tls_session_cache_timeout = 7200s
smtpd_use_tls = yes
transport_maps = mysql:/etc/postfix/sql/relay_transport_map.conf
virtual_alias_maps = hash:/etc/postfix/domains/localhost
hash:/etc/postfix/domains/example.com
hash:/etc/postfix/domains/example.net
hash:/etc/postfix/domains/example.org
How does that look now?
