From 4895573883df830a82b65b8ecf96abde18370147 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 1 Dec 2013 17:08:53 +0100 Subject: Share master.cf accross all Postfix instances. And use main.cf's 'master_service_disable' setting to deactivate each service that's useless for a given instance. (Hence solve conflict when trying to listen twice on the same port, for instance.) --- roles/common/templates/etc/postfix/main.cf.j2 | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'roles/common/templates/etc/postfix/main.cf.j2') diff --git a/roles/common/templates/etc/postfix/main.cf.j2 b/roles/common/templates/etc/postfix/main.cf.j2 index 0922b49..59bf0ba 100644 --- a/roles/common/templates/etc/postfix/main.cf.j2 +++ b/roles/common/templates/etc/postfix/main.cf.j2 @@ -11,11 +11,9 @@ mydomain = {{ ansible_domain }} append_dot_mydomain = no # This server is for internal use only -mynetworks_style = host -inet_interfaces = loopback-only -inet_protocols = ipv4 -# Tunnel everything through IPSec -smtp_bind_address = 172.16.0.1 +mynetworks_style = host +inet_interfaces = loopback-only +inet_protocols = ipv4 # No local delivery mydestination = @@ -33,15 +31,17 @@ smtp_generic_maps = pcre:$config_directory/generic.pcre # Forward everything to our internal mailhub {% if 'MTA-out' in group_names %} -relayhost = [127.0.0.1]:2525 +# TODO: use a UNIX socket instead +relay_transport = lmtp:unix:private/mta-out {% else %} -relayhost = [outgoing.fripost.org]:2525 +relayhost = [{{ MTA_out.IPv4 }}]:{{ MTA_out.port }} {% endif %} +relay_domains = -# This server is for internal use only; external connections are -# protected by IPSec already -smtpd_tls_security_level = none +# Tunnel everything through IPSec smtp_tls_security_level = none +smtp_bind_address = 172.16.0.1 +smtpd_tls_security_level = none # Turn off all TCP/IP listener ports except that dedicated to # samhain(8), which sadly cannot use pickup through the sendmail binary. -- cgit v1.2.3