postfix:
# optional: Whether to put a postscreen on port 25
postscreen: True
+ # optional: Open another SMTP daemon on port 26 that only accepts mail from local hosts
+ # (and whitelisted client certs, if applicable). Useful when the source of the mail is in
+ # a network that blocks port 25 outgoing.
+ smtpd_26: True
# optional: Whether to accept emails for arbitrary destination on the submission port,
# authenticated by dovecot. Requires a dovecot: section (see below).
submission: True
# setup mail routes for virtual mail: all mail ends up being forwarded somewhere
virtual_transport = error
-transport_maps = hash:/etc/postfix/transport_map
+transport_maps = hash:$config_directory/transport_map
mailman_destination_recipient_limit = 1
{% endif %}
{% if postfix.smtp_outgoing is defined %}
+# send mail via specific IP
default_transport = {{ postfix.default_smtp_outgoing }}
sender_dependent_default_transport_maps = hash:$config_directory/sender_transport_map
{% endif %}
{% else %}
smtp inet n - y - - smtpd
{% endif %}
+{% if postfix.smtpd_26 is defined and postfix.smtpd_26 %}
+26 inet n - y - - smtpd
+ -o syslog_name=postfix/smtpd2
+ -o smtpd_tls_security_level=encrypt
+ -o smtpd_recipient_restrictions=permit_mynetworks,permit_tls_clientcerts,reject
+{% endif %}
{% if postfix.submission is defined and postfix.submission %}
submission inet n - y - - smtpd
projects / ansible.git / commitdiff