summaryrefslogtreecommitdiffstats
path: root/roles/MX
Commit message (Expand)AuthorAgeFiles
* Postscreen: improve DNSBL sites and scores.Guilhem Moulin2018-04-041
* postscreen: lower zen.spamhaus.org DNSBL score from 3 to 2 on the MX:es.Guilhem Moulin2017-06-051
* Use blackhole subdomain for sender addresses of verify probes.Guilhem Moulin2017-05-161
* Change group of executables in /usr/local/{bin,sbin} from root to staff.Guilhem Moulin2017-05-141
* Allow SMTP client from whitelisted IPs to bypass postscreen checks.Guilhem Moulin2017-01-141
* Postscreen: Give temporary whitelist status to primary MX addresses only.Guilhem Moulin2016-09-201
* postfix: commit the master.cf symlinks.Guilhem Moulin2016-07-121
* Route all internal SMTP traffic through IPsec.Guilhem Moulin2016-07-102
* Postfix MX/MSA instances: put certs in the the instance's $config_directory.Guilhem Moulin2016-07-102
* Postfix MX/MSA instances: don't ask the remote SMTP client for a client certi...Guilhem Moulin2016-07-101
* Postfix: don't share the master.cf between the instances.Guilhem Moulin2016-07-102
* postfix: Don't explicitly set inet_interfaces=all as it's the default.Guilhem Moulin2016-07-101
* Change the pubkey extension from .pem to .pub.Guilhem Moulin2016-07-101
* certs/public: fetch each cert's pubkey (SPKI), not the cert itself.Guilhem Moulin2016-06-151
* postfix: Update to recommended TLS settings.Guilhem Moulin2016-05-181
* postfix: unset 'smtpd_tls_session_cache_database'.Guilhem Moulin2016-05-181
* Move /etc/ssl/private/dhparams.pem to /etc/ssl/dhparams.pem and make it public.Guilhem Moulin2016-05-181
* postfix: disable weak ciphers for the 'encrypt' TLS security level.Guilhem Moulin2016-05-181
* Add an ansible module 'fetch_cmd' to fetch the output of a remote command loc...Guilhem Moulin2016-05-181
* Let's EncryptGuilhem Moulin2016-03-021
* Upgrade playbooks to Ansible 2.0.Guilhem Moulin2016-02-121
* Use the Let's Encrypt CA for our public certs.Guilhem Moulin2015-12-202
* Automatically fetch X.509 certificates, and add them to git.Guilhem Moulin2015-12-031
* Fix address verification probes on the MSA.Guilhem Moulin2015-09-161
* Don't bounce unverified recipients upon 4xx errors.Guilhem Moulin2015-06-111
* Configure munin nodes & master.Guilhem Moulin2015-06-102
* Add a reserved domain 'discard.fripost.org' to discard messages.Guilhem Moulin2015-06-072
* Upgrade the MX configuration from Wheezy to Jessie.Guilhem Moulin2015-06-079
* logjam mitigation.Guilhem Moulin2015-06-071
* Configure the list manager (Sympa).Guilhem Moulin2015-06-071
* typoGuilhem Moulin2015-06-071
* typoGuilhem Moulin2015-06-071
* Split templates / files in lookup tables.Guilhem Moulin2015-06-078
* Replace Postgrey with postscreen.Guilhem Moulin2015-06-079
* Verify the validity of users before that of aliases.Guilhem Moulin2015-06-071
* Remove reject_unknown_sender_domain from the MX.Guilhem Moulin2015-06-071
* wibbleGuilhem Moulin2015-06-071
* Use the raw 'fripostListManager' as routing internal subdomain.Guilhem Moulin2015-06-071
* Fix $smtpd_sender_restrictions.Guilhem Moulin2015-06-071
* Explain why we use static transport maps and custom subdomains.Guilhem Moulin2015-06-072
* Use $virtual_alias_domains not $virtual_mailbox_domains.Guilhem Moulin2015-06-075
* Perform the alias resolution and address validation solely on the MX:es.Guilhem Moulin2015-06-0710
* Ensure Postfix's LDAP searchBase exists when doing a lookup.Guilhem Moulin2015-06-076
* Remove o=mailHosting from the LDAP directory suffix.Guilhem Moulin2015-06-077
* Fix a corner case in reserved-alias.pl.Guilhem Moulin2015-06-071
* Tell vim the underlying filetype of templates for syntax highlighting.Guilhem Moulin2015-06-071
* Reload Postfix upon configuration change, but don't restart it.Guilhem Moulin2015-06-072
* Don't restart/reload Postifx upon change of a file based database.Guilhem Moulin2015-06-071
* Replace IPSec tunnels by app-level ephemeral TLS sessions.Guilhem Moulin2015-06-072
* Outgoing SMTP proxy.Guilhem Moulin2015-06-071