X-Git-Url: https://git.ralfj.de/ansible.git/blobdiff_plain/a0ef97a3169e9da8b4618116075d54c49b4292b4..34cf4db2749cb9993eb062f6f4a32c1f4067a6b3:/roles/email/templates/master.cf diff --git a/roles/email/templates/master.cf b/roles/email/templates/master.cf index e6eeb14..fb582cb 100644 --- a/roles/email/templates/master.cf +++ b/roles/email/templates/master.cf @@ -9,7 +9,7 @@ # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (no) (never) (100) # ========================================================================== -{% if postfix.postscreen is defined and postfix.postscreen %} +{% if postfix.postscreen | default(False) %} smtp inet n - y - 1 postscreen smtpd pass - - y - - smtpd dnsblog unix - - y - 0 dnsblog @@ -17,8 +17,14 @@ tlsproxy unix - - y - 0 tlsproxy {% else %} smtp inet n - y - - smtpd {% endif %} +{% if postfix.smtpd_26 | default(False) %} +26 inet n - y - - smtpd + -o syslog_name=postfix/smtpd2 + -o smtpd_tls_security_level=encrypt + -o smtpd_recipient_restrictions=permit_mynetworks,permit_tls_clientcerts,reject +{% endif %} -{% if postfix.submission is defined and postfix.submission %} +{% if postfix.submission | default(False) %} submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt @@ -41,7 +47,20 @@ verify unix - - y - 1 verify flush unix n - y 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap +{% if postfix.smtp_outgoing is defined %} +{% for item in postfix.smtp_outgoing %} +{{item.name}} unix - - - - - smtp + -o smtp_helo_name={{item.hostname}} + -o smtp_bind_address={{item.ip}} +{% if item.ip_v6 is defined %} + -o smtp_bind_address6={{item.ip_v6}} +{% else %} + -o inet_protocols=ipv4 +{% endif %} +{% endfor %} +{% else %} smtp unix - - y - - smtp +{% endif %} relay unix - - y - - smtp # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - y - - showq