summaryrefslogtreecommitdiffstats
path: root/roles/MX/templates/etc/postfix/main.cf.j2
Commit message (Expand)AuthorAgeFiles
* MX: don't override 5XY reject codes to 554.Guilhem Moulin2018-12-091
* postfix: remove explicit default 'mail_owner = postfix'.Guilhem Moulin2018-12-061
* Upgrade MX baseline to Debian Stretch.Guilhem Moulin2018-12-031
* Postfix: replace cdb & btree tables with lmdb ones.Guilhem Moulin2018-12-031
* Harden anti spam on the MX:es.Guilhem Moulin2018-06-091
* Postscreen: improve DNSBL sites and scores.Guilhem Moulin2018-04-041
* postscreen: lower zen.spamhaus.org DNSBL score from 3 to 2 on the MX:es.Guilhem Moulin2017-06-051
* Allow SMTP client from whitelisted IPs to bypass postscreen checks.Guilhem Moulin2017-01-141
* Postscreen: Give temporary whitelist status to primary MX addresses only.Guilhem Moulin2016-09-201
* Route all internal SMTP traffic through IPsec.Guilhem Moulin2016-07-101
* Postfix MX/MSA instances: put certs in the the instance's $config_directory.Guilhem Moulin2016-07-101
* Postfix MX/MSA instances: don't ask the remote SMTP client for a client certi...Guilhem Moulin2016-07-101
* Postfix: don't share the master.cf between the instances.Guilhem Moulin2016-07-101
* postfix: Don't explicitly set inet_interfaces=all as it's the default.Guilhem Moulin2016-07-101
* postfix: Update to recommended TLS settings.Guilhem Moulin2016-05-181
* postfix: unset 'smtpd_tls_session_cache_database'.Guilhem Moulin2016-05-181
* Move /etc/ssl/private/dhparams.pem to /etc/ssl/dhparams.pem and make it public.Guilhem Moulin2016-05-181
* postfix: disable weak ciphers for the 'encrypt' TLS security level.Guilhem Moulin2016-05-181
* Let's EncryptGuilhem Moulin2016-03-021
* Use the Let's Encrypt CA for our public certs.Guilhem Moulin2015-12-201
* Fix address verification probes on the MSA.Guilhem Moulin2015-09-161
* Don't bounce unverified recipients upon 4xx errors.Guilhem Moulin2015-06-111
* Upgrade the MX configuration from Wheezy to Jessie.Guilhem Moulin2015-06-071
* logjam mitigation.Guilhem Moulin2015-06-071
* Replace Postgrey with postscreen.Guilhem Moulin2015-06-071
* Verify the validity of users before that of aliases.Guilhem Moulin2015-06-071
* Remove reject_unknown_sender_domain from the MX.Guilhem Moulin2015-06-071
* Fix $smtpd_sender_restrictions.Guilhem Moulin2015-06-071
* Explain why we use static transport maps and custom subdomains.Guilhem Moulin2015-06-071
* Use $virtual_alias_domains not $virtual_mailbox_domains.Guilhem Moulin2015-06-071
* Perform the alias resolution and address validation solely on the MX:es.Guilhem Moulin2015-06-071
* Tell vim the underlying filetype of templates for syntax highlighting.Guilhem Moulin2015-06-071
* Replace IPSec tunnels by app-level ephemeral TLS sessions.Guilhem Moulin2015-06-071
* Outgoing SMTP proxy.Guilhem Moulin2015-06-071
* Support boken SMTP clients and LOGIN SASL mechanism.Guilhem Moulin2015-06-071
* Assume a DNS entry for each role.Guilhem Moulin2015-06-071
* Decongestion potential bottlenecks on trivial_rewrite(8).Guilhem Moulin2015-06-071
* Fix the catch-all resolution again.Guilhem Moulin2015-06-071
* Don't use IPSec to relay messages to localhost.Guilhem Moulin2015-06-071
* typoGuilhem Moulin2015-06-071
* Fix catchall resolution.Guilhem Moulin2015-06-071
* Remove the 'fripostLocalAlias' attribute.Guilhem Moulin2015-06-071
* wibbleGuilhem Moulin2015-06-071
* Rename the role 'mx' into 'MX'.Guilhem Moulin2015-06-071