diff options
Diffstat (limited to 'roles/common/templates')
| -rw-r--r-- | roles/common/templates/etc/postfix/main.cf.j2 | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/roles/common/templates/etc/postfix/main.cf.j2 b/roles/common/templates/etc/postfix/main.cf.j2 index 0922b49..59bf0ba 100644 --- a/roles/common/templates/etc/postfix/main.cf.j2 +++ b/roles/common/templates/etc/postfix/main.cf.j2 @@ -1,61 +1,61 @@ ######################################################################## # Nullmailer configuration smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no readme_directory = no myorigin = /etc/mailname myhostname = {{ ansible_fqdn }} mydomain = {{ ansible_domain }} append_dot_mydomain = no # This server is for internal use only -mynetworks_style = host -inet_interfaces = loopback-only -inet_protocols = ipv4 -# Tunnel everything through IPSec -smtp_bind_address = 172.16.0.1 +mynetworks_style = host +inet_interfaces = loopback-only +inet_protocols = ipv4 # No local delivery mydestination = local_transport = error:5.1.1 Mailbox unavailable alias_maps = local_recipient_maps = # All aliases are virtual default_database_type = cdb virtual_alias_maps = cdb:/etc/aliases alias_database = $virtual_alias_maps # Transform local FQDN addresses to addresses routable on the internet smtp_generic_maps = pcre:$config_directory/generic.pcre # Forward everything to our internal mailhub {% if 'MTA-out' in group_names %} -relayhost = [127.0.0.1]:2525 +# TODO: use a UNIX socket instead +relay_transport = lmtp:unix:private/mta-out {% else %} -relayhost = [outgoing.fripost.org]:2525 +relayhost = [{{ MTA_out.IPv4 }}]:{{ MTA_out.port }} {% endif %} +relay_domains = -# This server is for internal use only; external connections are -# protected by IPSec already -smtpd_tls_security_level = none +# Tunnel everything through IPSec smtp_tls_security_level = none +smtp_bind_address = 172.16.0.1 +smtpd_tls_security_level = none # Turn off all TCP/IP listener ports except that dedicated to # samhain(8), which sadly cannot use pickup through the sendmail binary. master_service_disable = !16132.inet inet {% set multi_instance = False %} {%- for g in postfix_instance.keys() | sort -%} {%- if g in group_names -%} {%- if not multi_instance -%} {%- set multi_instance = True -%} ## Other postfix instances multi_instance_wrapper = $command_directory/postmulti -p -- multi_instance_enable = yes multi_instance_directories = {%- endif %} /etc/postfix-{{ postfix_instance[g].name }} {%- endif %} {% endfor %} |