aboutsummaryrefslogtreecommitdiff
path: root/roles/mail/templates/postfix_main.cf.j2
diff options
context:
space:
mode:
Diffstat (limited to 'roles/mail/templates/postfix_main.cf.j2')
-rw-r--r--roles/mail/templates/postfix_main.cf.j227
1 files changed, 27 insertions, 0 deletions
diff --git a/roles/mail/templates/postfix_main.cf.j2 b/roles/mail/templates/postfix_main.cf.j2
new file mode 100644
index 0000000..df20610
--- /dev/null
+++ b/roles/mail/templates/postfix_main.cf.j2
@@ -0,0 +1,27 @@
+myhostname = mail.{{ vault_public_domain }}
+mydomain = {{ vault_public_domain }}
+myorigin = $mydomain
+mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
+inet_interfaces = all
+inet_protocols = ipv4
+mynetworks = 127.0.0.0/8, 10.0.0.0/24
+home_mailbox = Maildir/
+message_size_limit = 26214400
+alias_maps = lmdb:/etc/aliases
+alias_database = lmdb:/etc/aliases
+
+smtpd_tls_cert_file = /etc/letsencrypt/live/{{ vault_public_domain }}/fullchain.pem
+smtpd_tls_key_file = /etc/letsencrypt/live/{{ vault_public_domain }}/privkey.pem
+smtpd_tls_security_level = may
+smtp_tls_security_level = may
+smtpd_tls_protocols = >=TLSv1.2
+smtp_tls_protocols = >=TLSv1.2
+
+smtpd_sasl_type = dovecot
+smtpd_sasl_path = private/auth
+smtpd_sasl_auth_enable = yes
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
+
+smtpd_milters = inet:localhost:8891
+non_smtpd_milters = inet:localhost:8891
+milter_default_action = accept