Select Git revision
master.cf.j2
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
master.cf.j2 5.65 KiB
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
{% if postfix_satellite_only %}
smtp inet n - y - - smtpd
{% endif %}
{% if not postfix_satellite_only %}
{% if postfix_enable_postscreen %}
smtp inet n - y - 1 postscreen
smtpd pass - - y - - smtpd
{% if postfix_content_filter %}
-o content_filter={{ postfix_content_filter }}
{% endif %}
dnsblog unix - - y - 0 dnsblog
tlsproxy unix - - y - 0 tlsproxy
{% else %}
smtp inet n - y - - smtpd
{% endif %}
{% if postfix_enable_submission %}
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_tls_security_level=encrypt
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
{% if postfix_content_filter %}
-o content_filter={{ postfix_content_filter }}
{% endif %}
{% endif %}
{% if postfix_enable_smtps %}
smtps inet n - y - - smtpd
-o syslog_name=postfix/smtps
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_tls_wrappermode=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
{% if postfix_content_filter %}
-o content_filter={{ postfix_content_filter }}
{% endif %}
{% endif %}
#628 inet n - y - - qmqpd
{% if postfix_fsmpi|default(false) and ansible_hostname == "mail" %}
2525 inet n - y - - smtpd
-o syslog_name=postfix/smtps-internal
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=no
-o smtpd_sender_login_maps=
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_recipient_restrictions=$2525_smtpd_recipient_restrictions
-o virtual_alias_domains=fsmpi.rwth-aachen.de
-o virtual_alias_maps=cdb:/etc/postfix/nullmailer_alias
{% endif %}
{% endif %}
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
{% if postfix_fsmpi|default(false) and ansible_hostname == "mail" %}
-o smtp_fallback_relay=
{% else %}
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
{% endif %}
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
{% if ansible_distribution_major_version|int(default=99) >= 10 %}
postlog unix-dgram n - n - 1 postlogd
{% endif %}
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
{% if postfix_verify_spf %}
policy-spf unix - n n - 0 spawn
user=nobody argv=/usr/bin/policyd-spf
{% endif %}
{% if not postfix_satellite_only and postfix_enable_dovecot %}
dovecot unix - n n - - pipe
{% if postfix_fsmpi|default(false) %}
flags=DRhu argv=/usr/lib/dovecot/deliver -d ${recipient}
{% else %}
flags=DRhu user=5001:5000 argv=/usr/lib/dovecot/dovecot-lda -f ${sender} -a ${original_recipient} -d ${user}@${nexthop}
{% endif %}
{% endif %}
{% if postfix_content_filter == 'spamassassin' %}
spamassassin unix - n n - - pipe
user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
{% endif %}
{% if postfix_fsmpi|default(false) and ansible_hostname == "lists" %}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
{% endif %}