summaryrefslogtreecommitdiffstats
path: root/roles/MSA/templates/etc/postfix/main.cf.j2
Commit message (Collapse)AuthorAgeFiles
* logjam mitigation.Guilhem Moulin2015-06-071
|
* Upgrade Postfix config to Jessie (MSA & outgoing proxy).Guilhem Moulin2015-06-071
|
* Fix $smtpd_sender_restrictions.Guilhem Moulin2015-06-071
| | | | | | | | | | | | On the MDA the domain is our 'mda.fripost.org', there is no need to perform an extra DNS lookup. The MSA does not perform local or virtual delivery, but relays everything to the outgoing SMTP proxy. On the MX, there is no need to check for recipient validity as we are the final destination; but unsure that the RCPT TO address is a valid recipient before doing the greylisting.
* Tell vim the underlying filetype of templates for syntax highlighting.Guilhem Moulin2015-06-071
|
* Replace IPSec tunnels by app-level ephemeral TLS sessions.Guilhem Moulin2015-06-071
| | | | | For some reason giraff doesn't like IPSec. App-level TLS sessions are less efficient, but thanks to ansible it still scales well.
* Outgoing SMTP proxy.Guilhem Moulin2015-06-071
|
* Support boken SMTP clients and LOGIN SASL mechanism.Guilhem Moulin2015-06-071
|
* wibbleGuilhem Moulin2015-06-071
|
* Assume a DNS entry for each role.Guilhem Moulin2015-06-071
| | | | | | E.g., ldap.fripost.org, ntp.fripost.org, etc. (Ideally the DNS zone would be provisioned by ansible, too.) It's a bit unclear how to index the subdomains (mx{1,2,3}, etc), though.
* Don't pass the client information unless necessary.Guilhem Moulin2015-06-071
|
* Don't use IPSec to relay messages to localhost.Guilhem Moulin2015-06-071
|
* typoGuilhem Moulin2015-06-071
|
* wibbleGuilhem Moulin2015-06-071
|
* wibbleGuilhem Moulin2015-06-071
|
* Configure the Mail Submission Agent.Guilhem Moulin2015-06-071