Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/roles/mail_forwarder/molecule/default/tests/data/main.cf - annotation
8d272d91d3d2
1.3 KiB
text/plain
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 | # See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/mail-server_smtp.cert.pem
smtpd_tls_key_file=/etc/ssl/mail-server_smtp.key.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail-server
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = mail-server, localhost.localdomain, , localhost, domain1
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
|