Skip to content
Snippets Groups Projects
Commit 71d74583 authored by Hinrikus Wolf's avatar Hinrikus Wolf
Browse files

Merge branch 'issue-7' into 'master'

Issue 7

See merge request !7
parents 496917d4 6f70c6af
No related branches found
No related tags found
1 merge request!7Issue 7
......@@ -41,3 +41,18 @@ postfix_transport_maps: []
# port: 2025
# protocol: smtp
# use_mx: true
postfix_my_networks: []
postfix_notify_classes: []
postfix_satellite_only: false
## sane defaults for postfix satellites
#
# postfix_satellite_only: true
# postfix_enable_postscreen: false
# postfix_domains: []
# postfix_notify_classes:
# - 2bounce
# postfix_relay_host: relay.example.com
# postfix_tls_cert: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
# postfix_tls_key: "/etc/ssl/private/ssl-cert-snakeoil.key"
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
inet_interfaces = all
inet_interfaces = {{ "loopback-only" if postfix_satellite_only else "all" }}
inet_protocols = all
myhostname = {{ ansible_fqdn }}
myorigin = /etc/mailname
mydestination = $myhostname localhost {{ postfix_domains | join(" ") }}
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 {{ postfix_my_networks|join(" ") }}
relayhost = {{ postfix_relay_host }}
{% if postfix_transport_maps|bool %}
transport_maps = cdb:/etc/postfix/transport
{% endif %}
{% if not postfix_satellite_only %}
{% if postfix_domains|count > 0 %}
{% if postfix_prefer_lmtp %}
mailbox_transport = lmtp:unix:private/dovecot-lmtp
......@@ -18,6 +21,13 @@ mailbox_command = /usr/lib/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT"
{% endif %}
{% endif %}
smtpd_sender_login_maps = proxy:pcre:/etc/postfix/login_maps.pcre
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
{% endif %}
append_dot_mydomain = no
biff = no
compatibility_level = 2
......@@ -31,10 +41,6 @@ recipient_delimiter = +
#strict_rfc821_envelopes = no
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_sender_login_maps = proxy:pcre:/etc/postfix/login_maps.pcre
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_relay_restrictions =
permit_mynetworks
permit_sasl_authenticated
......@@ -47,6 +53,7 @@ smtpd_tls_cert_file = {{ postfix_tls_cert }}
smtpd_tls_key_file = {{ postfix_tls_key }}
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
{% if not postfix_satellite_only %}
smtpd_tls_protocols = {{ postfix_tls_protocols }}
smtpd_tls_mandatory_protocols = {{ postfix_tls_protocols }}
{% if postfix_tls_mandatory_ciphers %}
......@@ -67,6 +74,7 @@ tls_medium_cipherlist = {{ postfix_tls_medium_cipherlist }}
{% if postfix_tls_dh_file %}
smtpd_tls_dh1024_param_file = /etc/postfix/dh.pem
{% endif %}
{% endif %}
alias_maps = cdb:/etc/aliases
alias_database = cdb:/etc/aliases
......@@ -81,7 +89,10 @@ virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_gid_maps = static:5000
{% endif %}
{% if postfix_enable_postscreen %}
{% set _x = postfix_notify_classes.extend(["resource", "software"]) %}
notify_classes = {{ postfix_notify_classes|unique|join(", ") }}
{% if postfix_enable_postscreen and not postfix_satellite_only %}
postscreen_access_list = permit_mynetworks
cidr:/etc/postfix/postscreen_access.cidr
{% if postfix_enable_memcached %}
......
......@@ -9,11 +9,12 @@
# (yes) (yes) (no) (never) (100)
# ==========================================================================
{% if postfix_enable_postscreen %}
{% if postfix_enable_postscreen and not postfix_satellite_only %}
smtp inet n - y - 1 postscreen
{% else %}
smtp inet n - y - - smtpd
{% endif %}
{% if not postfix_satellite_only %}
smtpd pass - - y - - smtpd
{% if postfix_content_filter %}
-o content_filter={{ postfix_content_filter }}
......@@ -51,6 +52,7 @@ submission inet n - y - - smtpd
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - y - - qmqpd
{% endif %}
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
......@@ -76,6 +78,9 @@ virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
{% if ansible_distribution_major_version|int >= 10 %}
postlog unix-dgram n - n - 1 postlogd
{% endif %}
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
......@@ -89,6 +94,7 @@ scache unix - - y - 1 scache
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
{% if not postfix_satellite_only %}
dovecot unix - n n - - pipe
flags=DRhu user=5001:5000 argv=/usr/lib/dovecot/dovecot-lda -f ${sender} -a ${original_recipient} -d ${user}@${nexthop}
......@@ -96,6 +102,7 @@ dovecot unix - n n - - pipe
spamassassin unix - n n - - pipe
user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
{% endif %}
{% endif %}
#maildrop unix - n n - - pipe
# flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment