mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2025-01-18 08:06:16 +01:00
Code Issues
mysql_dashboard
infrastructure/roles/postfix/templates/master.cf.j2
Frederik Schwan 2fd742ea79
rename postfix smtps service from "465" to submissions
2020-12-01 16:24:55 +01:00

146 lines
6.7 KiB
Django/Jinja
Raw Permalink Blame History

#
# {{ansible_managed}}
#
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
{% if postfix_smtpd_public %}
smtp inet n - n - - smtpd
-o smtpd_client_connection_count_limit=20
-o smtpd_proxy_options=speed_adjust
{% else %}
localhost:smtp inet n - n - - smtpd
{% endif %}
{% if postfix_server %}
msa_cleanup unix n - n - 0 cleanup
-o header_checks=pcre:/etc/postfix/msa_header_checks
submission inet n - n - - smtpd
-o cleanup_service_name=msa_cleanup
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=$submission_recipient_restrictions
-o smtpd_client_connection_count_limit=10
submissions inet n - n - - smtpd
-o cleanup_service_name=msa_cleanup
-o smtpd_tls_wrappermode=yes
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=$submission_recipient_restrictions
-o smtpd_client_connection_count_limit=10
{% endif %}
#smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
#submission inet n - n - - smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - n - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
smtp-ipv4 unix - - n - - smtp
-o inet_protocols=ipv4
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
{% if postfix_smtpd_public %}
# After-filter SMTP server. Receive mail from the content filter
# on localhost port 10026.
#
127.0.0.1:10026 inet n - n - - smtpd
-o syslog_name=postfix/after-sa-smtp
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=$post_queue_smtpd_recipient_restrictions
-o smtpd_data_restrictions=
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o receive_override_options=no_unknown_recipient_checks,no_milters
-o smtpd_tls_auth_only=no
-o smtpd_reject_footer=
-o smtpd_tls_security_level=none
{% endif %}
# a port listening on localhost only to allow local services (eg, webapps etc)
# to relay mail without waiting for filtering checks etc that are applied to
# port 25 connections. specifically, flyspray seems to send emails sequentially
# so any delays in delivery cause noticable delays for users on the web ui.
127.0.0.1:10027 inet n - n - - smtpd
-o syslog_name=postfix/dkim-injector
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=$post_queue_smtpd_recipient_restrictions
-o smtpd_data_restrictions=
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o receive_override_options=no_unknown_recipient_checks
-o smtpd_tls_auth_only=no
-o smtpd_reject_footer=
-o smtpd_tls_security_level=none
{% if postfix_patchwork_enabled %}
patchwork unix - n n - - pipe
flags=DFRX user={{postfix_patchwork_user}} argv={{postfix_patchwork_mail_handler}}
{% endif %}
{% if postfix_server %}
wiki_bouncehandler unix - n n - - pipe
flags=DFRX user={{postfix_wiki_bounce_user}} argv=/usr/bin/systemd-cat {{postfix_wiki_bounce_mail_handler}} {{postfix_wiki_bounce_config}}
{% endif %}
View Git Blame Copy Permalink