sebastian/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
ansible/roles/postfix/defaults/main.yml
sebastian 6224cd01c6 initial upload
2025-10-10 11:07:34 +00:00

166 lines
4.4 KiB
YAML
Raw Permalink Blame History

postfix_mynetworks: []
postfix_mydestination_local:
- "{{ ansible_hostname }}.maruntiel.net"
- "localhost"
- "localhost.{{ ansible_domain }}"
postfix_mydestination_extra: []
# main.cf settings
postfix_settings:
compatibility_level: 2
myhostname: "{{ ansible_hostname }}.maruntiel.net"
myorigin: /etc/mailname
mydestination: "{{ postfix_mydestination_local + postfix_mydestination_extra }}"
mynetworks: "10.11.0.0/16 62.171.160.169/32 207.244.234.58/32 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 {{ postfix_mynetworks | join(' ') }}"
relayhost: ""
alias_maps: hash:/etc/aliases
alias_database: hash:/etc/aliases
biff: no
mailbox_command:
home_mailbox: Maildir/
mailbox_size_limit: 0
recipient_delimiter: +
append_dot_mydomain: no
readme_directory: no
dovecot_destination_recipient_limit: 1
tls_random_source: dev:/dev/urandom
default_transport: smtp
relay_transport: smtp
relay_domains: ""
inet_protocols: ipv4
inet_interfaces: all
virtual_mailbox_domains:
- /etc/postfix/virtual_domains
virtual_mailbox_base:
- /var/mail/vhosts
virtual_mailbox_maps:
- hash:/etc/postfix/vmailbox
virtual_alias_maps:
- hash:/etc/postfix/virtual_alias
virtual_minimum_uid:
- 100
virtual_uid_maps:
- static:5000
virtual_gid_maps:
- static:5000
virtual_transport:
- virtual
virtual_alias_domains:
- maruntiel.net
- maruntiel.com
- stillmob.ro
- pedimedic.ro
# SMTP SETTINGS
smtp_use_tls: yes
smtp_tls_security_level: may
smtp_tls_note_starttls_offer: yes
smtp_tls_session_cache_database: "btree:${data_directory}/smtp_scache"
# SMTPD SETTINGS
smtpd_use_tls: yes
smtpd_tls_auth_only: no
smtpd_tls_security_level: may
smtpd_tls_loglevel: 1
smtpd_tls_received_header: yes
smtpd_tls_session_cache_timeout: 3600s
smtpd_tls_session_cache_database: "btree:${data_directory}/smtpd_scache"
smtpd_tls_cert_file: "/etc/letsencrypt/live/maruntiel.net/fullchain.pem"
smtpd_tls_key_file: "/etc/letsencrypt/live/maruntiel.net/privkey.pem"
smtpd_banner: "$myhostname ESMTP $mail_name"
smtpd_client_restrictions:
- permit_mynetworks
- permit_sasl_authenticated
- reject_invalid_hostname
- reject_unknown_client
- reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sender_restrictions:
- permit_mynetworks
- reject_unknown_address
- reject_unknown_sender_domain
- reject_non_fqdn_sender
smtpd_recipient_limit: 250
smtpd_recipient_restrictions:
- reject_invalid_hostname
- reject_non_fqdn_sender
- reject_non_fqdn_recipient
- reject_unlisted_sender
- permit_mynetworks
- permit_sasl_authenticated
- reject_unauth_pipelining
- reject_unauth_destination
- check_policy_service unix:private/policyd-spf
- reject_non_fqdn_hostname
- reject_unknown_sender_domain
- reject_rbl_client bl.spamcop.net
- reject_rbl_client zen.spamhaus.org
- permit
smtpd_relay_restrictions:
- reject_invalid_hostname
- reject_non_fqdn_sender
- reject_non_fqdn_recipient
- reject_unlisted_sender
- permit_mynetworks
- permit_sasl_authenticated
- reject_unauth_pipelining
- reject_unauth_destination
- check_policy_service unix:private/policyd-spf
- reject_non_fqdn_hostname
- reject_unknown_sender_domain
- reject_rbl_client bl.spamcop.net
- reject_rbl_client zen.spamhaus.org
- permit
smtpd_client_connection_rate_limit: 10
smtpd_client_message_rate_limit: 10
# SASL
smtpd_sasl_auth_enable: yes
smtpd_sasl_type: dovecot
smtpd_sasl_path: private/auth
broken_sasl_auth_clients: yes
smtpd_sasl_local_domain: \$mydomain
smtpd_sasl_security_options: noanonymous
# Other
header_checks:
- regexp:/etc/postfix/header_checks
# DKIM
milter_default_action: accept
milter_protocol: 6
smtpd_milters: local:opendkim/opendkim.sock
non_smtpd_milters: $smtpd_milters
# SPF
policyd-spf_time_limit: 3600
postfix_opendkim: "{{ postfix_dkim_domains|count > 0 }}"
postfix_relay: no
postfix_smtpd_public: yes
postfix_firewall: "{{ firewall_enabled|default(true) }}"
postfix_dkim_domains: []
virtual_mailbox_domains: /etc/postfix/virtual_domains
virtual_mailbox_base: /var/mail/vhosts
virtual_mailbox_maps: hash:/etc/postfix/vmailbox
virtual_alias_maps: hash:/etc/postfix/virtual_alias
virtual_minimum_uid: 100
virtual_uid_maps: static:5000
virtual_gid_maps: static:5000
virtual_transport: virtual
Reference in New Issue View Git Blame Copy Permalink