fws
/
ansible-roles
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Ansible roles
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
744 Commits
1 Branch
0 Tags
7.5 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 16aca60368
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '16aca60368'
${ noResults }
ansible-roles/roles/pmg/templates/main.cf.in.j2

134 lines
4.2 KiB
Raw Blame History

# auto-generated by proxmox
compatibility_level = 2
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix/sbin
data_directory = /var/lib/postfix
# appending .domain is the MUA's job.
append_dot_mydomain = yes
smtpd_banner = $myhostname [% pmg.mail.banner %]
biff = no
[% IF pmg.mail.dwarning %]
delay_warning_time = [% pmg.mail.dwarning %]h
[% END %]
best_mx_transport = local
message_size_limit = [% pmg.mail.maxsize %]
mailbox_size_limit = [% ((pmg.mail.maxsize*2 > 51200000) ? pmg.mail.maxsize*2 : 51200000) %]
mydomain = [% dns.domain %]
myhostname = [% dns.hostname %].[% dns.domain %]
parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,smtpd_access_maps
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localhost, $myhostname
mynetworks = [% postfix.mynetworks %]
relay_domains = hash:/etc/pmg/domains
transport_maps = hash:/etc/pmg/transport
[% IF pmg.mail.relay %]
[% IF pmg.mail.relaynomx %]
relay_transport = smtp:[[% pmg.mail.relay %]]:[% pmg.mail.relayport %]
[% ELSE %]
relay_transport = smtp:[% pmg.mail.relay %]:[% pmg.mail.relayport %]
[% END %]
[% END %]
[% IF pmg.mail.smarthost %]
default_transport = smtp:[% pmg.mail.smarthost %]:[% pmg.mail.smarthostport %]
[% END %]
content_filter=scan:127.0.0.1:10024
mail_name = Proxmox
[% IF pmg.mail.helotests %]
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks reject_non_fqdn_helo_hostname reject_invalid_helo_hostname
[% ELSE %]
smtpd_helo_restrictions =
[% END %]
postscreen_access_list =
permit_mynetworks,
cidr:/etc/postfix/postscreen_access
[% IF postfix.dnsbl_sites %]
postscreen_dnsbl_sites = [% postfix.dnsbl_sites %]
postscreen_dnsbl_threshold = [% postfix.dnsbl_threshold %]
[% END %]
postscreen_dnsbl_action = enforce
postscreen_greet_action = enforce
smtpd_sender_restrictions =
permit_mynetworks
reject_non_fqdn_sender
check_client_access cidr:/etc/postfix/clientaccess
check_sender_access regexp:/etc/postfix/senderaccess
check_recipient_access regexp:/etc/postfix/rcptaccess
[%- IF pmg.mail.rejectunknown %] reject_unknown_client_hostname[% END %]
[%- IF pmg.mail.rejectunknownsender %] reject_unknown_sender_domain[% END %]
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
reject_non_fqdn_recipient
check_recipient_access regexp:/etc/postfix/rcptaccess
[%- IF postfix.usepolicy %] check_sender_access regexp:/etc/postfix/senderaccess[% END %]
[%- IF postfix.usepolicy %] check_client_access cidr:/etc/postfix/clientaccess[% END %]
[%- IF postfix.usepolicy %] check_policy_service inet:127.0.0.1:10022[% END %]
[%- IF pmg.mail.verifyreceivers %] reject_unknown_recipient_domain[% END %]
[%- IF pmg.mail.verifyreceivers %] reject_unverified_recipient[% END %]
[% IF pmg.mail.verifyreceivers %]
unverified_recipient_reject_code = [% pmg.mail.verifyreceivers %]
[% END %]
smtpd_client_connection_count_limit = [% pmg.mail.conn_count_limit %]
smtpd_client_connection_rate_limit = [% pmg.mail.conn_rate_limit %]
smtpd_client_message_rate_limit = [% pmg.mail.message_rate_limit %]
[% IF pmg.mail.tls %]
smtp_tls_security_level = may
smtp_tls_policy_maps = hash:/etc/pmg/tls_policy
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/pmg/pmg-tls.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
[% IF pmg.mail.tlslog %]
smtpd_tls_loglevel = 1
smtp_tls_loglevel = 1
[% END %]
[% IF pmg.mail.tlsheader %]
smtpd_tls_received_header = yes
[% END %]
[% END %]
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
[% IF pmg.mail.hide_received %]
unverified_recipient_reject_reason = Recipient address lookup failed
[% END %]
default_destination_concurrency_limit = 40
lmtp_destination_concurrency_limit = 20
relay_destination_concurrency_limit = 20
smtp_destination_concurrency_limit = 20
virtual_destination_concurrency_limit = 20
recipient_delimiter = +
# Throttle client errors
smtpd_soft_error_limit = 3
smtpd_hard_error_limit = 6
smtpd_error_sleep_time = 8s