I used the following command to determine what needed to be removed from my main.cf:
postconf -d > defaultcfg && postconf -n > customcfg && perl -ne 'print if ($seen{$_} .= @ARGV) =~ /10$/' customcfg defaultcfg Then I made the suggested changes and I'm left with: anvil_rate_time_unit = 180s body_checks = regexp:/etc/postfix/body_checks bounce_size_limit = 1500 broken_sasl_auth_clients = yes config_directory = /etc/postfix default_destination_concurrency_limit = 10 disable_vrfy_command = yes header_checks = regexp:/etc/postfix/header_checks html_directory = /var/www/html/postfix inet_protocols = all initial_destination_concurrency = 10 local_destination_concurrency_limit = 10 local_recipient_maps = error:local mail delivery disabled local_transport = error:local mail delivery disabled maximal_backoff_time = 90m message_size_limit = 14500000 mydomain = mx.example.net myhostname = mx.example.net mynetworks = 127.0.0.0/8 myorigin = example.net readme_directory = /var/www/html/postfix relay_domains = mysql:/etc/postfix/sql/relay_transport_map.conf relay_recipient_maps = mysql:/etc/postfix/sql/relay_recipient_map.conf relocated_maps = hash:/etc/postfix/relocated smtp_connect_timeout = 45s smtpd_data_restrictions = reject_multi_recipient_bounce reject_unauth_pipelining smtpd_error_sleep_time = 0 smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks reject_non_fqdn_hostname reject_invalid_hostname smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_invalid_hostname reject_non_fqdn_hostname reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unlisted_recipient check_recipient_access hash:/etc/postfix/whitelist reject_rbl_client zen.spamhaus.org reject_rbl_client b.barracudacentral.org reject_rbl_client bl.spamcop.net check_policy_service inet:127.0.0.1:10031 check_policy_service inet:127.0.0.1:10023 smtpd_reject_unlisted_sender = yes smtpd_sasl_local_domain = $myhostname smtpd_tls_CAfile = /etc/postfix/certs/ca-bundle.crt smtpd_tls_cert_file = /etc/postfix/certs/mx.example.net.cert smtpd_tls_key_file = /etc/postfix/certs/mx.example.net.key smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache smtpd_tls_session_cache_timeout = 7200s smtpd_use_tls = yes transport_maps = mysql:/etc/postfix/sql/relay_transport_map.conf virtual_alias_maps = hash:/etc/postfix/domains/localhost hash:/etc/postfix/domains/example.com hash:/etc/postfix/domains/example.net hash:/etc/postfix/domains/example.org How does that look now?