authorGuilhem Moulin <guilhem@fripost.org>2014-06-29 00:30:31 +0200
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 02:52:06 +0200
commit898b2aa04d25ef237ffc5e26da8a206022bdc3fa (patch)
treed48f2be5b80a6a47fb0bd1c4ae81fa25c3c59bf2 /roles
parentebab80fc4e8e1999833f9295649766133eb4d6fa (diff)
Don't use generic maps.
In fact we want to only rewrite the envelope sender: :/etc/postfix/main.cf # Overwrite local FQDN envelope sender addresses sender_canonical_classes = envelope_sender propagate_unmatched_extensions = sender_canonical_maps = cdb:$config_directory/sender_canonical :/etc/postfix/sender_canonical @elefant.fripost.org admin@fripost.org However, when canonical(5) processes a mail sent via sendmail(1), it rewrites the envelope sender, which seems to *later* be used as the From: header.
Diffstat (limited to 'roles')
-rw-r--r--roles/common/files/etc/postfix/generic.pcre3
-rw-r--r--roles/common/tasks/mail.yml8
-rw-r--r--roles/common/templates/etc/postfix/main.cf.j23
3 files changed, 2 insertions, 12 deletions
diff --git a/roles/common/files/etc/postfix/generic.pcre b/roles/common/files/etc/postfix/generic.pcre
deleted file mode 100644
index 1181a22..0000000
--- a/roles/common/files/etc/postfix/generic.pcre
+++ /dev/null
@@ -1,3 +0,0 @@
-# Rewrite the whole enveloppe (From: & To: included) to somthing
-# routable on the internet.
-/^(.+)@([^@.]+)\.[^@]+$/ admin+${1}=${2}@fripost.org
diff --git a/roles/common/tasks/mail.yml b/roles/common/tasks/mail.yml
index e8d61a8..8572784 100644
--- a/roles/common/tasks/mail.yml
+++ b/roles/common/tasks/mail.yml
@@ -1,58 +1,54 @@
- name: Install Postfix
apt: pkg={{ item }}
with_items:
# That one is nicer than GNU mailutils' mailx(1)
- heirloom-mailx
- postfix
- postfix-cdb
- - postfix-pcre
- name: Create Postfix instances
postmulti: instance={{ postfix_instance[item].name }}
group={{ postfix_instance[item].group | default('') }}
register: r1
with_items: postfix_instance.keys() | intersect(group_names) | list
notify:
- Restart Postfix
- name: Link the dynamic maps & master.cf of each children to the master's
# main.cf is specialized to each dedicated role, though
file: src=../postfix/{{ item.1 }}
dest=/etc/postfix-{{ postfix_instance[item.0].name }}/{{ item.1 }}
owner=root group=root
state=link force=yes
register: r2
with_nested:
- postfix_instance.keys() | intersect(group_names) | list
- [ 'dynamicmaps.cf', 'master.cf' ]
notify:
- Restart Postfix
- name: Configure Postfix (1)
- copy: src=etc/postfix/{{ item }}
- dest=/etc/postfix/{{ item }}
+ copy: src=etc/postfix/master.cf
+ dest=/etc/postfix/master.cf
owner=root group=root
mode=0644
- with_items:
- - master.cf
- - generic.pcre
notify:
- Reload Postfix
- name: Configure Postfix (2)
template: src=etc/postfix/main.cf.j2
dest=/etc/postfix/main.cf
owner=root group=root
mode=0644
register: r3
notify:
- Restart Postfix
- name: Update the static local Postfix database
postmap: cmd=postalias src=/etc/aliases db=cdb
owner=root group=root
mode=0644
# We're using CDB
- name: Delete /etc/aliases.db
file: path=/etc/aliases.db state=absent
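Review bot: Hosts provisioned before this commit keep `/etc/postfix/generic.pcre` and the `postfix-pcre` package, because the hunk only stops installing them and adds no cleanup. The leftover map is no longer referenced once main.cf is re-templated, but old and new hosts end up in different states and an unused lookup-table package stays installed. A task modelled on the existing `Delete /etc/aliases.db` one would cover the file: `- name: Delete /etc/postfix/generic.pcre` followed by `file: path=/etc/postfix/generic.pcre state=absent`. Whether the package should also be removed depends on whether another role still uses pcre maps, which this hunk does not show.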
diff --git a/roles/common/templates/etc/postfix/main.cf.j2 b/roles/common/templates/etc/postfix/main.cf.j2
index 169ad40..e594c1e 100644
--- a/roles/common/templates/etc/postfix/main.cf.j2
+++ b/roles/common/templates/etc/postfix/main.cf.j2
@@ -13,43 +13,40 @@ myorigin = /etc/mailname
myhostname = {{ ansible_fqdn }}
mydomain = {{ ansible_domain }}
append_dot_mydomain = no
# This server is for internal use only
mynetworks_style = host
inet_interfaces = loopback-only
inet_protocols = ipv4
# No local delivery
mydestination =
local_transport = error:5.1.1 Mailbox unavailable
alias_maps =
local_recipient_maps =
# All aliases are virtual
default_database_type = cdb
virtual_alias_maps = cdb:/etc/aliases
alias_database = $virtual_alias_maps
-# Transform local FQDN addresses to addresses routable on the internet
-smtp_generic_maps = pcre:$config_directory/generic.pcre
-
# Forward everything to our internal mailhub
{% if 'MTA-out' in group_names %}
relayhost = [127.0.0.1]:{{ postfix_instance["MTA-out"].port }}
{% else %}
relayhost = [outgoing.fripost.org]:{{ postfix_instance["MTA-out"].port }}
{% endif %}
relay_domains =
# Tunnel everything through IPSec
smtp_tls_security_level = none
{% if 'MTA-out' in group_names %}
smtp_bind_address = 127.0.0.1
{% else %}
smtp_bind_address = 172.16.0.1
{% endif %}
smtpd_tls_security_level = none
# Turn off all TCP/IP listener ports except that dedicated to
# samhain(8), which sadly cannot use pickup through the sendmail binary.
master_service_disable = !127.0.0.1:16132.inet inet
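Review bot: With `smtp_generic_maps` gone, nothing in the visible part of this template rewrites local FQDN sender addresses any more, and the `sender_canonical_*` settings quoted in the commit message are not added by this hunk. If that rewriting is done on the mailhub this host relays to, as the message seems to imply, the removed comment should be replaced rather than dropped, for example `# Local FQDN envelope senders are rewritten on the mailhub (sender_canonical_maps)` above the relayhost block. Without it a later reader cannot tell from this file whether unroutable internal sender addresses are handled anywhere. The hunk starts at line 13 of the file, so settings above it are not visible here.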