diff options
Diffstat (limited to 'roles/MX/templates/etc/postfix/main.cf.j2')
| -rw-r--r-- | roles/MX/templates/etc/postfix/main.cf.j2 | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index b0da1bc..e3b8ce0 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -37,53 +37,52 @@ local_transport = error:5.1.1 Mailbox unavailable alias_maps = alias_database = local_recipient_maps = message_size_limit = 67108864 recipient_delimiter = + # Forward everything to our internal outgoing proxy {% if 'out' in group_names %} relayhost = [127.0.0.1]:{{ postfix_instance.out.port }} {% else %} relayhost = [outgoing.fripost.org]:{{ postfix_instance.out.port }} {% endif %} relay_domains = # Virtual transport # We use a dedicated "virtual" domain to decongestion potential # bottlenecks on trivial_rewrite(8) due to slow LDAP lookups in # tranport_maps. -virtual_transport = error:5.1.1 Virtual transport unavailable -virtual_mailbox_domains = ldap:$config_directory/virtual/mailbox_domains.cf -virtual_alias_maps = pcre:$config_directory/virtual/reserved_alias.pcre - # first we do the alias resolution... - ldap:$config_directory/virtual/alias.cf - # ...and unless there is matching mailbox/list... - ldap:$config_directory/virtual/mailbox.cf - ldap:$config_directory/virtual/list.cf - # ...we resolve alias domains and catch alls - ldap:$config_directory/virtual/alias_domains.cf - ldap:$config_directory/virtual/catchall.cf -virtual_mailbox_maps = -transport_maps = cdb:$config_directory/virtual/transport +virtual_transport = error:5.1.1 Virtual transport unavailable +virtual_alias_domains = ldap:$config_directory/virtual/domains.cf +virtual_alias_maps = pcre:$config_directory/virtual/reserved_alias.pcre + # first we do the alias resolution... + ldap:$config_directory/virtual/alias.cf + # ...and unless there is matching mailbox/list... + ldap:$config_directory/virtual/mailbox.cf + ldap:$config_directory/virtual/list.cf + # ...we resolve alias domains and catch alls + ldap:$config_directory/virtual/alias_domains.cf + ldap:$config_directory/virtual/catchall.cf +transport_maps = cdb:$config_directory/virtual/transport # Don't rewrite remote headers local_header_rewrite_clients = # Pass the client information along to the content filter smtp_send_xforward_command = yes # Avoid splitting the envelope and scanning messages multiple times smtp_destination_recipient_limit = 1000 reserved-alias_recipient_limit = 1 # Tolerate occasional high latency smtp_data_done_timeout = 1200s {% if 'out' in group_names %} smtp_tls_security_level = none smtp_bind_address = 127.0.0.1 {% else %} smtp_tls_security_level = encrypt smtp_tls_cert_file = /etc/postfix/ssl/{{ ansible_fqdn }}.pem smtp_tls_key_file = /etc/postfix/ssl/{{ ansible_fqdn }}.key |