ka
/
ansible-role-postfix
1
0
Fork 0
Código Incidencias 0 Pull Requests 0 Lanzamientos 0 Wiki Actividad
No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.
30 Commits
1 Rama
85KB
Árbol: 0a3789f0d1
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde '0a3789f0d1'
${ noResults }
ansible-role-postfix/templates/main.cf.j2

141 líneas
4.1KB
Original Blame Histórico 

  1. {{ansible_managed|comment}}

  2. 

  3. # See /usr/share/postfix/main.cf.dist for a commented, more complete version

  4. 

  5. # Debian specific:  Specifying a file name will cause the first

  6. # line of that file to be used as the name.  The Debian default

  7. # is /etc/mailname.

  8. myorigin = /etc/mailname

  9. 

  10. smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)

  11. biff = no

  12. 

  13. # appending .domain is the MUA's job.

  14. append_dot_mydomain = no

  15. 

  16. # Uncomment the next line to generate "delayed mail" warnings

  17. #delay_warning_time = 4h

  18. 

  19. readme_directory = no

  20. 

  21. # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on

  22. # fresh installs.

  23. compatibility_level = 2

  24. 

  25. # TLS parameters

  26. smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem

  27. smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

  28. smtpd_use_tls=yes

  29. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

  30. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

  31. 

  32. # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for

  33. # information on enabling SSL in the smtp client.

  34. 

  35. myhostname = {{mailname}}

  36. alias_maps = hash:/etc/aliases

  37. alias_database = hash:/etc/aliases

  38. mydestination = $myhostname, {{inventory_hostname}}, localhost.localdomain, localhost

  39. relayhost =

  40. mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

  41. mailbox_size_limit = 0

  42. recipient_delimiter = +

  43. inet_interfaces = all

  44. inet_protocols = all

  45. 

  46. # some rules from http://www.postfix.org/SMTPD_ACCESS_README.html

  47. 

  48. # Allow connections from trusted networks only.

  49. #smtpd_client_restrictions = permit_mynetworks, reject

  50. 

  51. # Don't talk to mail systems that don't know their own hostname.

  52. #smtpd_helo_restrictions = reject_unknown_helo_hostname

  53. 

  54. # Don't accept mail from domains that don't exist.

  55. #smtpd_sender_restrictions = reject_unknown_sender_domain

  56. 

  57. # Spam control: exclude local clients and authenticated clients

  58. # from DNSBL and SPF lookups.

  59. smtpd_recipient_restrictions =

  60.   permit_mynetworks,

  61.   permit_sasl_authenticated,

  62. {% if postfix_check_spf %}

  63.   check_policy_service unix:private/policyd-spf,

  64. {% endif %}

  65. {% if postfix_check_spamhaus %}

  66.   reject_rbl_client zen.spamhaus.org,

  67.   reject_rhsbl_reverse_client dbl.spamhaus.org,

  68.   reject_rhsbl_helo dbl.spamhaus.org,

  69.   reject_rhsbl_sender dbl.spamhaus.org

  70. {% endif %}

  71. 

  72. # Relay control: local clients and authenticated clients

  73. # may specify any destination domain.

  74. smtpd_relay_restrictions =

  75.   permit_mynetworks,

  76. {% if postfix_method == "postfixadmin" %}

  77.   permit_sasl_authenticated,

  78. {% endif %}

  79.   reject_unauth_destination

  80. 

  81. # Block clients that speak too early.

  82. smtpd_data_restrictions = reject_unauth_pipelining

  83. 

  84. {% if postfix_check_spf %}

  85. # SPF

  86. policy-spf_time_limit = 3600

  87. {% endif %}

  88. 

  89. {#

  90. # Enforce mail volume quota via policy service callouts.

  91. smtpd_end_of_data_restrictions = check_policy_service unix:private/policy

  92. #}

  93. 

  94. # SASL

  95. {% if postfix_method == "postfixadmin" %}

  96. smtpd_sasl_type = dovecot

  97. smtpd_sasl_path = private/auth

  98. smtpd_sasl_auth_enable = yes

  99. {% endif %}

  100. 

  101. # DKIM and DMARC

  102. non_smtpd_milters =

  103. {% if postfix_with_opendkim %}

  104.   unix:/run/opendkim/opendkim.sock,

  105. {% endif %}

  106. {% if postfix_with_opendmarc %}

  107.   unix:/run/opendmarc/opendmarc.sock

  108. {% endif %}

  109. smtpd_milters =

  110. {% if postfix_with_opendkim %}

  111.   unix:/run/opendkim/opendkim.sock,

  112. {% endif %}

  113. {% if postfix_with_opendmarc %}

  114.   unix:/run/opendmarc/opendmarc.sock

  115. {% endif %}

  116. 

  117. # Relay

  118. 

  119. # Virtual Domain Hosting

  120. virtual_mailbox_domains =

  121. {% if postfix_method == "postfixadmin" %}

  122.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_domains_maps.cf

  123. {% endif %}

  124. virtual_alias_maps =

  125. {% if postfix_method == "postfixadmin" %}

  126.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_alias_maps.cf,

  127.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_alias_domain_maps.cf,

  128.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_alias_domain_catchall_maps.cf

  129. {% endif %}

  130. virtual_mailbox_maps =

  131. {% if postfix_method == "postfixadmin" %}

  132.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_mailbox_maps.cf,

  133.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_alias_domain_mailbox_maps.cf

  134. {% endif %}

  135. 

  136. virtual_transport =

  137. {% if postfix_method == "postfixadmin" %}

  138.   # use dovecot lmtp for mail transport

  139.   lmtp:unix:private/dovecot-lmtp

  140. {% endif %}