Mercurial > code > home > repos > infra
annotate mail/main.cf.j2 @ 329:2bbcf00b8d2a
hgignore and reformat
| author | drewp@bigasterisk.com |
|---|---|
| date | Sun, 23 Feb 2025 15:08:58 -0800 |
| parents | 5b88b38f2471 |
| children |
| rev | line source |
|---|---|
| 16 | 1 # written by pyinfra |
| 2 | |
|
18
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
3 compatibility_level = 3 |
|
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
4 |
| 16 | 5 smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) |
| 6 | |
| 7 readme_directory = /usr/share/doc/postfix | |
| 180 | 8 html_directory = /usr/share/doc/postfix/html |
| 9 | |
| 10 inet_interfaces = all | |
| 16 | 11 |
| 12 # TLS parameters | |
| 13 smtpd_tls_cert_file=/etc/ssl/certs/self1-ca.crt | |
| 14 smtpd_tls_key_file=/etc/ssl/certs/self1-ca.key | |
| 15 smtpd_use_tls=yes | |
| 16 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache | |
| 17 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | |
| 18 smtpd_tls_loglevel = 0 | |
| 19 smtpd_tls_security_level = may | |
| 20 smtpd_tls_received_header = yes | |
|
185
781919a97c90
kill ipv6 warnings; other minor edits
drewp@bigasterisk.com
parents:
184
diff
changeset
|
21 smtpd_relay_before_recipient_restrictions = yes |
|
781919a97c90
kill ipv6 warnings; other minor edits
drewp@bigasterisk.com
parents:
184
diff
changeset
|
22 smtp_address_preference = ipv4 |
| 180 | 23 |
| 16 | 24 # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for |
| 25 # information on enabling SSL in the smtp client. | |
| 26 | |
| 190 | 27 relayhost = {{ 'prime.bigasterisk.com' if host.name != 'prime' else '' }} |
|
184
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
28 |
| 183 | 29 alias_maps = hash:/etc/postfix/aliases |
| 30 alias_database = hash:/etc/postfix/aliases | |
| 190 | 31 |
| 32 {% if host.name == 'prime' %} | |
| 33 myhostname = bigasterisk.com | |
| 16 | 34 mydestination = /etc/postfix/mydestination |
| 190 | 35 {% else %} |
| 36 myhostname = {{ host.name }}.bigasterisk.com | |
| 37 # must relay, even if you think you're the destination name is correct | |
| 38 mydestination = | |
| 39 {% endif %} | |
| 40 | |
|
18
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
41 relay_domains = $mydestination |
|
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
42 mynetworks_style = subnet |
| 16 | 43 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.1.0.0/16 10.3.0.0/16 10.5.0.0/24 192.168.0.3/32 [fc7b:54e8:69a9:e165:86c8:9d42:6cc5:b2a1]/128 [fcc8:29d:5660:ec63:754f:37af:de4a:a9df]/128 |
| 180 | 44 |
|
185
781919a97c90
kill ipv6 warnings; other minor edits
drewp@bigasterisk.com
parents:
184
diff
changeset
|
45 # allow realuser+fakepart@bigasterisk.com |
| 16 | 46 recipient_delimiter = + |
| 47 | |
| 190 | 48 {% if host.name == 'prime' %} |
| 49 # mail can only deliver on prime | |
| 180 | 50 mailbox_size_limit = 0 |
| 16 | 51 home_mailbox = Maildir/ |
| 180 | 52 biff = no |
| 53 message_size_limit = 50000000 | |
| 54 #mailbox_command = procmail -a "$EXTENSION" | |
| 190 | 55 {% endif %} |
| 56 | |
| 16 | 57 |
| 58 # http://www.spamcop.net/fom-serve/cache/349.html | |
| 59 # upgraded, per http://www.wrightthisway.com/Articles/000062.html | |
| 60 | |
| 61 smtpd_recipient_restrictions = | |
| 62 permit_mynetworks, | |
| 63 permit_sasl_authenticated, | |
| 64 # check_client_access /etc/passwd somehow? | |
| 65 reject_invalid_hostname, | |
| 66 reject_non_fqdn_sender, | |
| 67 reject_non_fqdn_recipient, | |
| 68 reject_unknown_sender_domain, | |
| 69 reject_unknown_recipient_domain, | |
| 70 reject_unauth_pipelining, | |
| 71 permit_tls_clientcerts, | |
| 72 reject_unauth_destination, | |
| 73 check_sender_access hash:/etc/postfix/sender_access, | |
| 74 reject_rbl_client bl.spamcop.net, | |
| 75 permit | |
|
18
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
76 |
|
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
77 smtpd_tls_ask_ccert = yes |
| 16 | 78 |
| 79 # no dovecot | |
| 80 smtpd_sasl_type = cyrus | |
| 81 cyrus_sasl_config_path = /etc/postfix/sasl/ | |
| 82 | |
| 83 # yes dovecot | |
| 84 #smtpd_sasl_type = dovecot | |
| 85 #smtpd_sasl_path = private/auth | |
| 86 | |
| 87 smtpd_sasl_auth_enable = yes | |
| 88 smtpd_sasl_security_options = noanonymous | |
| 89 smtpd_sasl_tls_security_options = $smtpd_sasl_security_options | |
| 90 smtpd_tls_auth_only = yes | |
| 91 | |
| 92 queue_directory = /var/spool/postfix | |
| 93 | |
| 190 | 94 # Postfix is the final destination for the specified list |
| 95 {% if host.name == 'prime' %} | |
|
324
99c81fa0f2fc
add chat.bigasterisk.com dns and dkim
drewp@bigasterisk.com
parents:
218
diff
changeset
|
96 virtual_alias_domains = adkinslawgroup.com iveseenyoubefore.com fantasyfamegame.com maxradi.us whopickedthis.com quickwitretort.com drewp.quickwitretort.com kelsi.quickwitretort.com photo.bigasterisk.com whatsplayingnext.com williamperttula.com |
| 16 | 97 |
|
185
781919a97c90
kill ipv6 warnings; other minor edits
drewp@bigasterisk.com
parents:
184
diff
changeset
|
98 # Optional lookup tables that alias specific mail addresses or domains to other local or remote addresses |
| 16 | 99 virtual_alias_maps = hash:/etc/postfix/virtual |
| 190 | 100 {% endif %} |
| 16 | 101 |
| 218 | 102 smtpd_milters = inet:127.0.0.1:8891 |
| 103 non_smtpd_milters = $smtpd_milters | |
| 104 milter_default_action = accept |