Files
@ c063f27000b9
Branch filter:
Location: majic-ansible-roles/roles/mail_forwarder/molecule/default/tests/data/main.cf - annotation
c063f27000b9
1.3 KiB
text/plain
MAR-175: Mail server should be opportunistic in using TLS when delivering mail to remove servers:
- Previously the mail server would only deliver mails over plaintext.
- Deploy a simple SMTP server on both client1/client2
machines. Servers are set-up to require/refuse the STARTTLS over
SMTP.
- Added tests for checking if STARTTLS is used when available for mail
delivery.
- Fixed the wrong configurtion (making sure the TLS security level is
properly set for Postfix).
- Previously the mail server would only deliver mails over plaintext.
- Deploy a simple SMTP server on both client1/client2
machines. Servers are set-up to require/refuse the STARTTLS over
SMTP.
- Added tests for checking if STARTTLS is used when available for mail
delivery.
- Fixed the wrong configurtion (making sure the TLS security level is
properly set for Postfix).
36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 | # See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/mail-server_smtp.cert.pem
smtpd_tls_key_file=/etc/ssl/mail-server_smtp.key.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail-server
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = mail-server, localhost.localdomain, , localhost, domain1
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
|