diff options
Diffstat (limited to 'roles/common/templates/etc/postfix/master.cf.j2')
| -rw-r--r-- | roles/common/templates/etc/postfix/master.cf.j2 | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/roles/common/templates/etc/postfix/master.cf.j2 b/roles/common/templates/etc/postfix/master.cf.j2 index a9c73f7..3954085 100644 --- a/roles/common/templates/etc/postfix/master.cf.j2 +++ b/roles/common/templates/etc/postfix/master.cf.j2 @@ -19,10 +19,8 @@ tlsproxy unix - - y - 0 tlsproxy dnsblog unix - - y - 0 dnsblog {% elif inst == 'MSA' %} submission inet n - y - - smtpd - -o tls_high_cipherlist=EECDH+AESGCM:!MEDIUM:!LOW:!EXP:!aNULL:!eNULL submissions inet n - y - - smtpd -o smtpd_tls_wrappermode=yes - -o tls_high_cipherlist=EECDH+AESGCM:!MEDIUM:!LOW:!EXP:!aNULL:!eNULL {% if groups.webmail | difference([inventory_hostname]) | length > 0 %} [{{ postfix_instance.MSA.addr }}]:{{ postfix_instance.MSA.port }} inet n - y - - smtpd -o broken_sasl_auth_clients=no @@ -59,6 +57,8 @@ smtp_verify unix - - y - - smtp -o smtp_tls_protocols=!SSLv2,!SSLv3 -o smtp_tls_note_starttls_offer=yes -o smtp_tls_session_cache_database=lmdb:$data_directory/smtp_tls_session_cache + -o smtp_tls_fingerprint_digest=sha256 + -o smtp_tls_policy_maps=lmdb:$config_directory/smtp_tls_policy {% endif %} relay unix - - y - - smtp showq unix n - y - - showq @@ -85,7 +85,7 @@ sympa unix - n n - - pipe {% if inst is defined and inst == 'out' %} # Client part (lmtp) - amavis -amavisfeed unix - - n - 5 lmtp +amavisfeed unix - - y - 5 lmtp -o lmtp_destination_recipient_limit=1000 -o lmtp_send_xforward_command=yes -o lmtp_data_done_timeout=1200s |