summaryrefslogtreecommitdiffstats
path: root/roles/MSA/templates
Commit message (Expand)AuthorAgeFiles
* Postfix: pin key material to our MX:es for fripost.org and its subdomains.Guilhem Moulin2021-01-261
* MSA: Update role to Debian Buster.Guilhem Moulin2020-05-191
* submission: Prospective SPF checking.Guilhem Moulin2018-12-122
* MSA verification probes: enable opportunistic encryption.Guilhem Moulin2018-12-091
* Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch.Guilhem Moulin2018-12-091
* postfix: remove explicit default 'mail_owner = postfix'.Guilhem Moulin2018-12-061
* Postfix: replace cdb & btree tables with lmdb ones.Guilhem Moulin2018-12-031
* Perform recipient address verification on the MSA itself.Guilhem Moulin2018-04-041
* postfix: don't rate-limit our IPsec subnet.Guilhem Moulin2017-06-021
* Don't let authenticated client use arbitrary sender addresses.Guilhem Moulin2017-06-011
* Use blackhole subdomain for sender addresses of verify probes.Guilhem Moulin2017-05-161
* MSA: reject null sender address.Guilhem Moulin2017-05-141
* postfix: commit the master.cf symlinks.Guilhem Moulin2016-07-121
* Route all internal SMTP traffic through IPsec.Guilhem Moulin2016-07-101
* Postfix MX/MSA instances: put certs in the the instance's $config_directory.Guilhem Moulin2016-07-101
* Postfix MX/MSA instances: don't ask the remote SMTP client for a client certi...Guilhem Moulin2016-07-101
* Postfix: don't share the master.cf between the instances.Guilhem Moulin2016-07-101
* postfix: Don't explicitly set inet_interfaces=all as it's the default.Guilhem Moulin2016-07-101
* Postfix MSA: don't allow unauthenticated clients from $mynetworks.Guilhem Moulin2016-06-291
* postfix: rotate the sender address for verify probes.Guilhem Moulin2016-06-021
* postfix: Update to recommended TLS settings.Guilhem Moulin2016-05-181
* postfix: unset 'smtpd_tls_session_cache_database'.Guilhem Moulin2016-05-181
* Move /etc/ssl/private/dhparams.pem to /etc/ssl/dhparams.pem and make it public.Guilhem Moulin2016-05-181
* postfix: disable weak ciphers for the 'encrypt' TLS security level.Guilhem Moulin2016-05-181
* Let's EncryptGuilhem Moulin2016-03-021
* Use the Let's Encrypt CA for our public certs.Guilhem Moulin2015-12-201
* Fix address verification probes on the MSA.Guilhem Moulin2015-09-161
* Use 'double-bounce@fripost.org' as envelope sender for verification probes.Guilhem Moulin2015-06-111
* Don't bounce unverified recipients upon 4xx errors.Guilhem Moulin2015-06-111
* Use recipient address verification probes.Guilhem Moulin2015-06-071
* logjam mitigation.Guilhem Moulin2015-06-071
* Upgrade Postfix config to Jessie (MSA & outgoing proxy).Guilhem Moulin2015-06-071
* Fix $smtpd_sender_restrictions.Guilhem Moulin2015-06-071
* Tell vim the underlying filetype of templates for syntax highlighting.Guilhem Moulin2015-06-071
* Replace IPSec tunnels by app-level ephemeral TLS sessions.Guilhem Moulin2015-06-071
* Outgoing SMTP proxy.Guilhem Moulin2015-06-071
* Support boken SMTP clients and LOGIN SASL mechanism.Guilhem Moulin2015-06-071
* wibbleGuilhem Moulin2015-06-071
* Assume a DNS entry for each role.Guilhem Moulin2015-06-071
* Don't pass the client information unless necessary.Guilhem Moulin2015-06-071
* Don't use IPSec to relay messages to localhost.Guilhem Moulin2015-06-071
* typoGuilhem Moulin2015-06-071
* wibbleGuilhem Moulin2015-06-071
* wibbleGuilhem Moulin2015-06-071
* Configure the Mail Submission Agent.Guilhem Moulin2015-06-071