diff options
Diffstat (limited to 'roles/webmail/templates/etc/postfix/main.cf.j2')
| -rw-r--r-- | roles/webmail/templates/etc/postfix/main.cf.j2 | 107 |
1 files changed, 0 insertions, 107 deletions
diff --git a/roles/webmail/templates/etc/postfix/main.cf.j2 b/roles/webmail/templates/etc/postfix/main.cf.j2 deleted file mode 100644 index f4079d6..0000000 --- a/roles/webmail/templates/etc/postfix/main.cf.j2 +++ /dev/null @@ -1,107 +0,0 @@ -######################################################################## -# Webmail configuration -# -# {{ ansible_managed }} -# Do NOT edit this file directly! - -smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) -biff = no -readme_directory = no -mail_owner = postfix - -delay_warning_time = 4h -maximal_queue_lifetime = 5d - -myorigin = /etc/mailname -myhostname = webmail{{ webmailno | default('') }}.$mydomain -mydomain = fripost.org -append_dot_mydomain = no - -# Turn off all TCP/IP listener ports except that necessary for the webmail. -master_service_disable = !127.0.0.1:2580.inet inet - -queue_directory = /var/spool/postfix-{{ postfix_instance[inst].name }} -data_directory = /var/lib/postfix-{{ postfix_instance[inst].name }} -multi_instance_group = {{ postfix_instance[inst].group | default('') }} -multi_instance_name = postfix-{{ postfix_instance[inst].name }} -multi_instance_enable = yes - -# This server is a nullclient -mynetworks_style = host -inet_interfaces = loopback-only - -# No local delivery -mydestination = -local_transport = error:5.1.1 Mailbox unavailable -alias_maps = -alias_database = -local_recipient_maps = - -message_size_limit = 67108864 -recipient_delimiter = + - -# Forward everything to our internal outgoing proxy -{% if 'out' in group_names %} -relayhost = [127.0.0.1]:{{ postfix_instance.out.port }} -{% else %} -relayhost = [outgoing.fripost.org]:{{ postfix_instance.out.port }} -{% endif %} -relay_domains = - - -# Don't rewrite remote headers -local_header_rewrite_clients = -# Avoid splitting the envelope and scanning messages multiple times -smtp_destination_recipient_limit = 1000 -# Tolerate occasional high latency -smtp_data_done_timeout = 1200s - -{% if 'out' in group_names %} -smtp_tls_security_level = none -smtp_bind_address = 127.0.0.1 -{% else %} -smtp_tls_security_level = encrypt -smtp_tls_cert_file = /etc/postfix/ssl/{{ ansible_fqdn }}.pem -smtp_tls_key_file = /etc/postfix/ssl/{{ ansible_fqdn }}.key -smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache -smtp_tls_policy_maps = cdb:/etc/postfix/tls_policy -smtp_tls_fingerprint_digest = sha256 -{% endif %} -smtpd_tls_security_level = none - - -strict_rfc821_envelopes = yes -smtpd_delay_reject = yes -disable_vrfy_command = yes - -# UCE control -unknown_client_reject_code = 554 -unverified_recipient_reject_code = 550 - -smtpd_client_restrictions = - permit_mynetworks - reject - -smtpd_helo_required = yes -smtpd_helo_restrictions = - permit_mynetworks - reject_non_fqdn_helo_hostname - reject_invalid_helo_hostname - -smtpd_sender_restrictions = - reject_non_fqdn_sender - reject_unknown_sender_domain - -smtpd_relay_restrictions = - permit_mynetworks - reject - -smtpd_recipient_restrictions = - reject_non_fqdn_recipient - reject_unknown_recipient_domain - reject_unverified_recipient - -smtpd_data_restrictions = - reject_unauth_pipelining - -# vim: set filetype=pfmain : |