ka
/
ansible-role-postfix
1
0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
38 Commits
1 Branch
85KB
Struktur: 12315bae43
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „12315bae43“
${ noResults }
ansible-role-postfix/templates/main.cf.j2

150 Zeilen
4.0KB
Originalformat Blame Verlauf 

  1. {{ansible_managed|comment}}

  2. 

  3. ### common settings

  4. 

  5. # Debian specific:  Specifying a file name will cause the first

  6. # line of that file to be used as the name.  The Debian default

  7. # is /etc/mailname.

  8. 

  9. smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)

  10. biff = no

  11. 

  12. # appending .domain is the MUA's job.

  13. append_dot_mydomain = no

  14. 

  15. readme_directory = no

  16. 

  17. # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on

  18. # fresh installs.

  19. compatibility_level = 2

  20. 

  21. 

  22. ### general settings

  23. 

  24. myhostname = {{mailname}}

  25. alias_maps = hash:/etc/aliases

  26. alias_database = hash:/etc/aliases

  27. mydestination = $myhostname, {{inventory_hostname}}, localhost.localdomain, localhost

  28. relayhost =

  29. mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

  30. mailbox_size_limit = 0

  31. recipient_delimiter = +

  32. inet_interfaces = all

  33. inet_protocols = all

  34. 

  35. 

  36. ### TLS parameters

  37. 

  38. smtpd_tls_cert_file={{postfix_certificate_fullchain_file}}

  39. smtpd_tls_key_file={{postfix_certificate_private_key_file}}

  40. smtpd_use_tls=yes

  41. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

  42. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

  43. 

  44. 

  45. ### transport configuration

  46. 

  47. relay_domains = hash:/etc/postfix/transport_maps

  48. transport_maps = hash:/etc/postfix/transport_maps

  49. 

  50. 

  51. ### rules and restricitons

  52. 

  53. message_size_limit = 52428800

  54. 

  55. 

  56. # some rules from http://www.postfix.org/SMTPD_ACCESS_README.html

  57. 

  58. # Allow connections from trusted networks only.

  59. #smtpd_client_restrictions = permit_mynetworks, reject

  60. 

  61. # Require that a remote SMTP client introduces itself

  62. #smtpd_helo_required = yes

  63. 

  64. # Don't talk to mail systems that don't know their own hostname.

  65. #smtpd_helo_restrictions = reject_unknown_helo_hostname

  66. 

  67. # Don't accept mail from domains that don't exist.

  68. #smtpd_sender_restrictions = reject_unknown_sender_domain

  69. 

  70. # Spam control: exclude local clients and authenticated clients

  71. # from DNSBL and SPF lookups.

  72. smtpd_recipient_restrictions =

  73.   permit_mynetworks,

  74.   permit_sasl_authenticated,

  75. {% if postfix_check_spf %}

  76.   check_policy_service unix:private/policyd-spf,

  77. {% endif %}

  78. {% if postfix_check_spamhaus %}

  79.   reject_rbl_client zen.spamhaus.org,

  80.   reject_rhsbl_reverse_client dbl.spamhaus.org,

  81.   reject_rhsbl_helo dbl.spamhaus.org,

  82.   reject_rhsbl_sender dbl.spamhaus.org

  83. {% endif %}

  84. 

  85. # Relay control: local clients and authenticated clients

  86. # may specify any destination domain.

  87. smtpd_relay_restrictions =

  88.   permit_mynetworks,

  89.   reject_unauth_destination

  90. 

  91. # Block clients that speak too early.

  92. smtpd_data_restrictions = reject_unauth_pipelining

  93. 

  94. {% if postfix_check_spf %}

  95. policy-spf_time_limit = 3600

  96. {% endif %}

  97. 

  98. {#

  99. # Enforce mail volume quota via policy service callouts.

  100. smtpd_end_of_data_restrictions = check_policy_service unix:private/policy

  101. #}

  102. 

  103. 

  104. ### DKIM and DMARC

  105. 

  106. non_smtpd_milters =

  107. {% if postfix_with_opendkim %}

  108.   unix:/run/opendkim/opendkim.sock,

  109. {% endif %}

  110. {% if postfix_with_opendmarc %}

  111.   unix:/run/opendmarc/opendmarc.sock

  112. {% endif %}

  113. 

  114. smtpd_milters =

  115. {% if postfix_with_opendkim %}

  116.   unix:/run/opendkim/opendkim.sock,

  117. {% endif %}

  118. {% if postfix_with_opendmarc %}

  119.   unix:/run/opendmarc/opendmarc.sock

  120. {% endif %}

  121. 

  122. 

  123. ### Virtual Domain Hosting

  124. 

  125. virtual_alias_domains =

  126.   hash:/etc/postfix/virtual_alias_domains,

  127. 

  128. virtual_alias_maps =

  129.   hash:/etc/postfix/virtual_alias_maps,

  130. {% if postfix_method == "postfixadmin" %}

  131.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_alias_maps.cf,

  132.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_alias_domain_maps.cf,

  133.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_alias_domain_catchall_maps.cf

  134. {% endif %}

  135. 

  136. virtual_mailbox_domains =

  137.   hash:/etc/postfix/virtual_mailbox_domains,

  138. {% if postfix_method == "postfixadmin" %}

  139.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_domains_maps.cf

  140. {% endif %}

  141. 

  142. virtual_mailbox_maps =

  143.   hash:/etc/postfix/virtual_mailbox_maps,

  144. {% if postfix_method == "postfixadmin" %}

  145.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_mailbox_maps.cf,

  146.   proxy:mysql:/etc/postfix/postfixadmin-sql/mysql_virtual_alias_domain_mailbox_maps.cf

  147. {% endif %}

  148. 

  149. virtual_transport = {{postfix_virtual_transport}}