summaryrefslogtreecommitdiffstats
path: root/roles/MX/files/etc
diff options
context:
space:
mode:
Diffstat (limited to 'roles/MX/files/etc')
-rw-r--r--roles/MX/files/etc/postfix/virtual/alias.cf10
-rw-r--r--roles/MX/files/etc/postfix/virtual/alias_domains.cf12
-rw-r--r--roles/MX/files/etc/postfix/virtual/catchall.cf11
-rw-r--r--roles/MX/files/etc/postfix/virtual/domains.cf12
-rw-r--r--roles/MX/files/etc/postfix/virtual/list.cf13
-rw-r--r--roles/MX/files/etc/postfix/virtual/mailbox.cf13
-rw-r--r--roles/MX/files/etc/postfix/virtual/reserved_alias.pcre5
7 files changed, 76 insertions, 0 deletions
diff --git a/roles/MX/files/etc/postfix/virtual/alias.cf b/roles/MX/files/etc/postfix/virtual/alias.cf
new file mode 100644
index 0000000..1710376
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/alias.cf
@@ -0,0 +1,10 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+query_filter = (&(objectClass=FripostVirtualAlias)(fvl=%u)(fripostIsStatusActive=TRUE))
+result_attribute = fripostMaildrop
diff --git a/roles/MX/files/etc/postfix/virtual/alias_domains.cf b/roles/MX/files/etc/postfix/virtual/alias_domains.cf
new file mode 100644
index 0000000..119b8b2
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/alias_domains.cf
@@ -0,0 +1,12 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+# The domain has already been validated (it's active and not pending)
+query_filter = (&(objectClass=FripostVirtualAliasDomain)(fvd=%d))
+result_attribute = fripostMaildrop
+result_format = %U@%s
diff --git a/roles/MX/files/etc/postfix/virtual/catchall.cf b/roles/MX/files/etc/postfix/virtual/catchall.cf
new file mode 100644
index 0000000..66053c8
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/catchall.cf
@@ -0,0 +1,11 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+# The domain has already been validated (it's active and not pending)
+query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostVirtualAliasDomain))(fvd=%d)(fripostOptionalMaildrop=*))
+result_attribute = fripostOptionalMaildrop
diff --git a/roles/MX/files/etc/postfix/virtual/domains.cf b/roles/MX/files/etc/postfix/virtual/domains.cf
new file mode 100644
index 0000000..4ec247d
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/domains.cf
@@ -0,0 +1,12 @@
+# XXX: How come we use a socked relative to the chroot here? smtpd(8) is
+# not (can't be) chrooted...
+server_host = ldapi://%2Fprivate%2Fldapi/
+version = 3
+search_base = ou=virtual,dc=fripost,dc=org
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostPendingEntry))(fvd=%s)(fripostIsStatusActive=TRUE))
+result_attribute = fvd
+result_format = OK
diff --git a/roles/MX/files/etc/postfix/virtual/list.cf b/roles/MX/files/etc/postfix/virtual/list.cf
new file mode 100644
index 0000000..3b364c0
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/list.cf
@@ -0,0 +1,13 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+query_filter = (&(objectClass=FripostVirtualList)(!(objectClass=FripostPendingEntry))(fvl=%u)(fripostIsStatusActive=TRUE))
+result_attribute = fripostListManager
+# Use a dedicated "virtual" domain to decongestion potential bottlenecks
+# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps.
+result_format = %D/%U@%s.fripost.org
diff --git a/roles/MX/files/etc/postfix/virtual/mailbox.cf b/roles/MX/files/etc/postfix/virtual/mailbox.cf
new file mode 100644
index 0000000..4654607
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/mailbox.cf
@@ -0,0 +1,13 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+query_filter = (&(objectClass=FripostVirtualUser)(fvl=%u)(fripostIsStatusActive=TRUE))
+result_attribute = fvl
+# Use a dedicated "virtual" domain to decongestion potential bottlenecks
+# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps.
+result_format = %D/%U@mda.fripost.org
diff --git a/roles/MX/files/etc/postfix/virtual/reserved_alias.pcre b/roles/MX/files/etc/postfix/virtual/reserved_alias.pcre
new file mode 100644
index 0000000..f1c79c7
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/reserved_alias.pcre
@@ -0,0 +1,5 @@
+/^(?:postmaster|abuse)(?:\+.*)?@fripost\.org$/ admin@fripost.org
+# For other domains, RFC 822 section 6.3 and RFC 2142 section 4
+# mandatory aliases are forwarded to OUR admin team and to the domain
+# owner or postmaster, if there are any.
+/^(postmaster|abuse)(?:\+.*)?@(.*)/ $2/$1@reserved.fripost.org