Commit 1275d262 authored by Florian Pritz's avatar Florian Pritz
Browse files

postfix: Decouple smtpd and full mail server



Signed-off-by: Florian Pritz's avatarFlorian Pritz <bluewind@xinu.at>
parent 52288936
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
- { role: nginx, letsencrypt_validation_dir: "/var/lib/letsencrypt", tags: ["nginx"] } - { role: nginx, letsencrypt_validation_dir: "/var/lib/letsencrypt", tags: ["nginx"] }
- { role: planet, planet_domain: "planet.archlinux.org", planet_dir: "/srv/http/planet", tags: ["planet"] } - { role: planet, planet_domain: "planet.archlinux.org", planet_dir: "/srv/http/planet", tags: ["planet"] }
- { role: spampd, tags: ["mail", "spampd"] } - { role: spampd, tags: ["mail", "spampd"] }
- { role: postfix, postfix_server: false, tags: ["mail", "postfix"] } - { role: postfix, postfix_server: false, postfix_smtpd_public: false, tags: ["mail", "postfix"] }
- { role: opendkim, dkim_selector: apollo, tags: ['mail', "opendkim"] } - { role: opendkim, dkim_selector: apollo, tags: ['mail', "opendkim"] }
- { role: dovecot, tags: ['mail', "dovecot"] } - { role: dovecot, tags: ['mail', "dovecot"] }
- { role: postfwd, tags: ['mail', "postfwd"] } - { role: postfwd, tags: ['mail', "postfwd"] }
......
---
postfix_smtpd_public: false
postfix_server: false
...@@ -5,7 +5,7 @@ biff = no ...@@ -5,7 +5,7 @@ biff = no
append_dot_mydomain = no append_dot_mydomain = no
{% if postfix_server %} {% if postfix_smtpd_public %}
smtpd_tls_cert_file = /etc/letsencrypt/live/{{inventory_hostname}}/fullchain.pem smtpd_tls_cert_file = /etc/letsencrypt/live/{{inventory_hostname}}/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/{{inventory_hostname}}/privkey.pem smtpd_tls_key_file = /etc/letsencrypt/live/{{inventory_hostname}}/privkey.pem
{% endif %} {% endif %}
...@@ -74,7 +74,7 @@ non_smtpd_milters=unix:/var/spool/opendkim/opendkim ...@@ -74,7 +74,7 @@ non_smtpd_milters=unix:/var/spool/opendkim/opendkim
# custom restriction classes # custom restriction classes
policy_check = policy_check =
# postfwd # postfwd
{% if postfix_server %} {% if postfix_smtpd_public %}
check_policy_service inet:127.0.0.1:10040 check_policy_service inet:127.0.0.1:10040
{% endif %} {% endif %}
......
...@@ -9,11 +9,16 @@ ...@@ -9,11 +9,16 @@
# service type private unpriv chroot wakeup maxproc command + args # service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100) # (yes) (yes) (no) (never) (100)
# ========================================================================== # ==========================================================================
{% if postfix_server %} {% if postfix_smtpd_public %}
smtp inet n - n - - smtpd smtp inet n - n - - smtpd
-o smtpd_proxy_filter=[127.0.0.1]:10025 -o smtpd_proxy_filter=[127.0.0.1]:10025
-o smtpd_client_connection_count_limit=20 -o smtpd_client_connection_count_limit=20
-o smtpd_proxy_options=speed_adjust -o smtpd_proxy_options=speed_adjust
{% else %}
localhost:smtp inet n - n - - smtpd
{% endif %}
{% if postfix_server %}
submission inet n - n - - smtpd submission inet n - n - - smtpd
-o syslog_name=postfix/submission -o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt -o smtpd_tls_security_level=encrypt
...@@ -22,9 +27,8 @@ submission inet n - n - - smtpd ...@@ -22,9 +27,8 @@ submission inet n - n - - smtpd
-o content_filter=smtp:[127.0.0.1]:10025 -o content_filter=smtp:[127.0.0.1]:10025
-o smtpd_client_connection_count_limit=10 -o smtpd_client_connection_count_limit=10
#-o smtpd_milters=unix:/var/spool/opendkim/opendkim #-o smtpd_milters=unix:/var/spool/opendkim/opendkim
{% else %}
localhost:smtp inet n - n - - smtpd
{% endif %} {% endif %}
#smtp inet n - n - 1 postscreen #smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd #smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog #dnsblog unix - - n - 0 dnsblog
...@@ -80,7 +84,7 @@ lmtp unix - - n - - lmtp ...@@ -80,7 +84,7 @@ lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil anvil unix - - n - 1 anvil
scache unix - - n - 1 scache scache unix - - n - 1 scache
{% if postfix_server %} {% if postfix_smtpd_public %}
# After-filter SMTP server. Receive mail from the content filter # After-filter SMTP server. Receive mail from the content filter
# on localhost port 10026. # on localhost port 10026.
# #
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment