diff options
Diffstat (limited to 'roles/MX/files/etc')
-rw-r--r-- | roles/MX/files/etc/postfix/virtual/alias.cf | 10 | ||||
-rw-r--r-- | roles/MX/files/etc/postfix/virtual/alias_domains.cf | 12 | ||||
-rw-r--r-- | roles/MX/files/etc/postfix/virtual/catchall.cf | 11 | ||||
-rw-r--r-- | roles/MX/files/etc/postfix/virtual/domains.cf | 12 | ||||
-rw-r--r-- | roles/MX/files/etc/postfix/virtual/list.cf | 13 | ||||
-rw-r--r-- | roles/MX/files/etc/postfix/virtual/mailbox.cf | 13 | ||||
-rw-r--r-- | roles/MX/files/etc/postfix/virtual/reserved_alias.pcre | 5 |
7 files changed, 76 insertions, 0 deletions
diff --git a/roles/MX/files/etc/postfix/virtual/alias.cf b/roles/MX/files/etc/postfix/virtual/alias.cf new file mode 100644 index 0000000..1710376 --- /dev/null +++ b/roles/MX/files/etc/postfix/virtual/alias.cf @@ -0,0 +1,10 @@ +server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/ +version = 3 +search_base = fvd=%d,ou=virtual,dc=fripost,dc=org +domain = static:all +scope = one +bind = yes +bind_dn = cn=postfix,ou=services,dc=fripost,dc=org +bind_pw = FIXME +query_filter = (&(objectClass=FripostVirtualAlias)(fvl=%u)(fripostIsStatusActive=TRUE)) +result_attribute = fripostMaildrop diff --git a/roles/MX/files/etc/postfix/virtual/alias_domains.cf b/roles/MX/files/etc/postfix/virtual/alias_domains.cf new file mode 100644 index 0000000..119b8b2 --- /dev/null +++ b/roles/MX/files/etc/postfix/virtual/alias_domains.cf @@ -0,0 +1,12 @@ +server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/ +version = 3 +search_base = ou=virtual,dc=fripost,dc=org +domain = static:all +scope = one +bind = yes +bind_dn = cn=postfix,ou=services,dc=fripost,dc=org +bind_pw = FIXME +# The domain has already been validated (it's active and not pending) +query_filter = (&(objectClass=FripostVirtualAliasDomain)(fvd=%d)) +result_attribute = fripostMaildrop +result_format = %U@%s diff --git a/roles/MX/files/etc/postfix/virtual/catchall.cf b/roles/MX/files/etc/postfix/virtual/catchall.cf new file mode 100644 index 0000000..66053c8 --- /dev/null +++ b/roles/MX/files/etc/postfix/virtual/catchall.cf @@ -0,0 +1,11 @@ +server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/ +version = 3 +search_base = ou=virtual,dc=fripost,dc=org +domain = static:all +scope = one +bind = yes +bind_dn = cn=postfix,ou=services,dc=fripost,dc=org +bind_pw = FIXME +# The domain has already been validated (it's active and not pending) +query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostVirtualAliasDomain))(fvd=%d)(fripostOptionalMaildrop=*)) +result_attribute = fripostOptionalMaildrop diff --git a/roles/MX/files/etc/postfix/virtual/domains.cf b/roles/MX/files/etc/postfix/virtual/domains.cf new file mode 100644 index 0000000..4ec247d --- /dev/null +++ b/roles/MX/files/etc/postfix/virtual/domains.cf @@ -0,0 +1,12 @@ +# XXX: How come we use a socked relative to the chroot here? smtpd(8) is +# not (can't be) chrooted... +server_host = ldapi://%2Fprivate%2Fldapi/ +version = 3 +search_base = ou=virtual,dc=fripost,dc=org +scope = one +bind = yes +bind_dn = cn=postfix,ou=services,dc=fripost,dc=org +bind_pw = FIXME +query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostPendingEntry))(fvd=%s)(fripostIsStatusActive=TRUE)) +result_attribute = fvd +result_format = OK diff --git a/roles/MX/files/etc/postfix/virtual/list.cf b/roles/MX/files/etc/postfix/virtual/list.cf new file mode 100644 index 0000000..3b364c0 --- /dev/null +++ b/roles/MX/files/etc/postfix/virtual/list.cf @@ -0,0 +1,13 @@ +server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/ +version = 3 +search_base = fvd=%d,ou=virtual,dc=fripost,dc=org +domain = static:all +scope = one +bind = yes +bind_dn = cn=postfix,ou=services,dc=fripost,dc=org +bind_pw = FIXME +query_filter = (&(objectClass=FripostVirtualList)(!(objectClass=FripostPendingEntry))(fvl=%u)(fripostIsStatusActive=TRUE)) +result_attribute = fripostListManager +# Use a dedicated "virtual" domain to decongestion potential bottlenecks +# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps. +result_format = %D/%U@%s.fripost.org diff --git a/roles/MX/files/etc/postfix/virtual/mailbox.cf b/roles/MX/files/etc/postfix/virtual/mailbox.cf new file mode 100644 index 0000000..4654607 --- /dev/null +++ b/roles/MX/files/etc/postfix/virtual/mailbox.cf @@ -0,0 +1,13 @@ +server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/ +version = 3 +search_base = fvd=%d,ou=virtual,dc=fripost,dc=org +domain = static:all +scope = one +bind = yes +bind_dn = cn=postfix,ou=services,dc=fripost,dc=org +bind_pw = FIXME +query_filter = (&(objectClass=FripostVirtualUser)(fvl=%u)(fripostIsStatusActive=TRUE)) +result_attribute = fvl +# Use a dedicated "virtual" domain to decongestion potential bottlenecks +# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps. +result_format = %D/%U@mda.fripost.org diff --git a/roles/MX/files/etc/postfix/virtual/reserved_alias.pcre b/roles/MX/files/etc/postfix/virtual/reserved_alias.pcre new file mode 100644 index 0000000..f1c79c7 --- /dev/null +++ b/roles/MX/files/etc/postfix/virtual/reserved_alias.pcre @@ -0,0 +1,5 @@ +/^(?:postmaster|abuse)(?:\+.*)?@fripost\.org$/ admin@fripost.org +# For other domains, RFC 822 section 6.3 and RFC 2142 section 4 +# mandatory aliases are forwarded to OUR admin team and to the domain +# owner or postmaster, if there are any. +/^(postmaster|abuse)(?:\+.*)?@(.*)/ $2/$1@reserved.fripost.org |