diff options
| author | Roman Ilin <me@romanilin.is> | 2026-06-15 12:59:09 +0300 |
|---|---|---|
| committer | Roman Ilin <me@romanilin.is> | 2026-06-15 22:04:41 +0300 |
| commit | 5e4bf1268c266e63d0e92e845ad910a2103b86ff (patch) | |
| tree | 532c01a9658a05048ef1ba76d4f30fca84005643 /roles/mail/templates/postfix_main.cf.j2 | |
| download | infrastructure-main.tar.gz | |
Diffstat (limited to 'roles/mail/templates/postfix_main.cf.j2')
| -rw-r--r-- | roles/mail/templates/postfix_main.cf.j2 | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/roles/mail/templates/postfix_main.cf.j2 b/roles/mail/templates/postfix_main.cf.j2 new file mode 100644 index 0000000..df20610 --- /dev/null +++ b/roles/mail/templates/postfix_main.cf.j2 @@ -0,0 +1,27 @@ +myhostname = mail.{{ vault_public_domain }} +mydomain = {{ vault_public_domain }} +myorigin = $mydomain +mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain +inet_interfaces = all +inet_protocols = ipv4 +mynetworks = 127.0.0.0/8, 10.0.0.0/24 +home_mailbox = Maildir/ +message_size_limit = 26214400 +alias_maps = lmdb:/etc/aliases +alias_database = lmdb:/etc/aliases + +smtpd_tls_cert_file = /etc/letsencrypt/live/{{ vault_public_domain }}/fullchain.pem +smtpd_tls_key_file = /etc/letsencrypt/live/{{ vault_public_domain }}/privkey.pem +smtpd_tls_security_level = may +smtp_tls_security_level = may +smtpd_tls_protocols = >=TLSv1.2 +smtp_tls_protocols = >=TLSv1.2 + +smtpd_sasl_type = dovecot +smtpd_sasl_path = private/auth +smtpd_sasl_auth_enable = yes +smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination + +smtpd_milters = inet:localhost:8891 +non_smtpd_milters = inet:localhost:8891 +milter_default_action = accept |