Files
@ 467a66f3ec65
Branch filter:
Location: majic-ansible-roles/roles/mail_server/templates/main.cf.j2 - annotation
467a66f3ec65
2.2 KiB
text/plain
MAR-5: Added handler for reloading systemd configuration to common role. Dropped installation of supervisor as part of web server role. Updted web server role to create directory for storing WSGI application sockets. Updated web server role to use correct directory for storing PHP website sockets.
f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b c0df2fc4a827 f7579be2c24b 298c0dbe1698 298c0dbe1698 f7579be2c24b f7579be2c24b f7579be2c24b f7579be2c24b 74ed4756d5a6 74ed4756d5a6 cf897f8c1941 cf897f8c1941 cf897f8c1941 107417b217e0 107417b217e0 cf897f8c1941 cf897f8c1941 d9dae92d436c d9dae92d436c cf897f8c1941 cf897f8c1941 cf897f8c1941 12abf97ac229 12abf97ac229 cf897f8c1941 cf897f8c1941 96e9f230a669 96e9f230a669 08e3c2b79063 08e3c2b79063 08e3c2b79063 12abf97ac229 12abf97ac229 cf897f8c1941 cf897f8c1941 67d9190a521a 67d9190a521a 67d9190a521a cf897f8c1941 12abf97ac229 12abf97ac229 | # See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = mail
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = {{ inventory_hostname }}, {{ inventory_hostname_short }}, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128{% for network in smtp_allow_relay_from %} {{ network }}{% endfor %}
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
# LDAP directory look-ups for domains, mailboxes and aliases.
virtual_mailbox_domains = ldap:/etc/postfix/ldap-virtual-mailbox-domains.cf
virtual_mailbox_maps = ldap:/etc/postfix/ldap-virtual-mailbox-maps.cf
virtual_alias_maps = ldap:/etc/postfix/ldap-virtual-alias-maps.cf
# Delivery of mails via Dovecot for virtual domains.
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
# SMTP authentication.
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
# TLS configuration.
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/{{ smtp_tls_certificate | basename }}
smtpd_tls_key_file = /etc/ssl/private/{{ smtp_tls_key | basename }}
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# Recipients restricting.
smtpd_recipient_restrictions = permit_mynetworks
permit_sasl_authenticated
{% for rbl in smtp_rbl -%}
reject_rbl {{ rbl }}
{% endfor -%}
reject_unauth_destination
smtpd_milters = unix:/var/run/clamav/clamav-milter.ctl
non_smtpd_milters = unix:/var/run/clamav/clamav-milter.ctl
|