Franziska Kunsmann
35e4bbf04b
All checks were successful
bundlewrap/pipeline/head This commit looks good
postscreen isn't able to share its cache file between instances, which leads to the server simply accepting mails for the port on which postscreen starts up later. Since we can't predict which port this will be, we simply remove postscreen alltogether. Yes, i know i could just remove postscreen for port 2525.
54 lines
2.9 KiB
CFEngine3
54 lines
2.9 KiB
CFEngine3
# ==========================================================================
|
|
# service type private unpriv chroot wakeup maxproc command + args
|
|
# (yes) (yes) (no) (never) (100)
|
|
# ==========================================================================
|
|
smtp inet n - y - 1 smtpd
|
|
% if node.has_bundle('postfixadmin'):
|
|
-o smtpd_sasl_auth_enable=no
|
|
2525 inet n - y - 1 smtpd
|
|
-o smtpd_sasl_auth_enable=no
|
|
% endif
|
|
smtpd pass - - y - - smtpd
|
|
dnsblog unix - - y - 0 dnsblog
|
|
tlsproxy unix - - y - 0 tlsproxy
|
|
% if node.has_bundle('postfixadmin'):
|
|
submission inet n - y - - smtpd
|
|
-o syslog_name=postfix/submission
|
|
-o smtpd_tls_security_level=encrypt
|
|
-o smtpd_sasl_auth_enable=yes
|
|
-o smtpd_sasl_type=dovecot
|
|
-o smtpd_sasl_path=private/auth
|
|
-o smtpd_sasl_security_options=noanonymous
|
|
-o smtpd_client_restrictions=$mua_client_restrictions
|
|
-o smtpd_sender_restrictions=$mua_sender_restrictions
|
|
-o smtpd_relay_restrictions=$mua_relay_restrictions
|
|
-o milter_macro_daemon_name=ORIGINATING
|
|
-o smtpd_helo_required=no
|
|
-o smtpd_helo_restrictions=
|
|
-o cleanup_service_name=submission-header-cleanup
|
|
submission-header-cleanup unix n - n - 0 cleanup
|
|
-o header_checks=regexp:/etc/postfix/submission_header_cleanup
|
|
% endif
|
|
pickup unix n - y 60 1 pickup
|
|
cleanup unix n - y - 0 cleanup
|
|
qmgr unix n - n 300 1 qmgr
|
|
tlsmgr unix - - y 1000? 1 tlsmgr
|
|
rewrite unix - - y - - trivial-rewrite
|
|
bounce unix - - y - 0 bounce
|
|
defer unix - - y - 0 bounce
|
|
trace unix - - y - 0 bounce
|
|
verify unix - - y - 1 verify
|
|
flush unix n - y 1000? 0 flush
|
|
proxymap unix - - n - - proxymap
|
|
proxywrite unix - - n - 1 proxymap
|
|
smtp unix - - y - - smtp
|
|
relay unix - - y - - smtp
|
|
showq unix n - y - - showq
|
|
error unix - - y - - error
|
|
retry unix - - y - - error
|
|
discard unix - - y - - discard
|
|
local unix - n n - - local
|
|
virtual unix - n n - - virtual
|
|
lmtp unix - - y - - lmtp
|
|
anvil unix - - y - 1 anvil
|
|
scache unix - - y - 1 scache
|