1 |
# Please be sure to read the /usr/share/doc/postfix/README.MDK file |
2 |
# to learn about differences from stock postfix to Mandriva package. |
3 |
# This file contains only the parameters changed from a default install |
4 |
# see /etc/postfix/main.cf.dist for a commented, fuller version of this file. |
5 |
|
6 |
|
7 |
# These are changed by postfix install script |
8 |
readme_directory = /usr/share/doc/postfix/README_FILES |
9 |
html_directory = /usr/share/doc/postfix/html |
10 |
sendmail_path = /usr/sbin/sendmail.postfix |
11 |
setgid_group = postdrop |
12 |
command_directory = /usr/sbin |
13 |
manpage_directory = /usr/share/man |
14 |
daemon_directory = <%= lib_dir %>/postfix/ |
15 |
data_directory = /var/lib/postfix |
16 |
newaliases_path = /usr/bin/newaliases |
17 |
mailq_path = /usr/bin/mailq |
18 |
queue_directory = /var/spool/postfix |
19 |
mail_owner = postfix |
20 |
|
21 |
# User configurable parameters |
22 |
|
23 |
<% if all_tags.include?('postfix::simple_relay') %> |
24 |
inet_interfaces = localhost |
25 |
<% else %> |
26 |
inet_interfaces = all |
27 |
<% end %> |
28 |
|
29 |
inet_protocols = all |
30 |
mynetworks_style = host |
31 |
myhostname = <%= fqdn %> |
32 |
mydomain = <%= domain %> |
33 |
myorigin = $mydomain |
34 |
<%- if all_tags.include?('postfix::server::secondary') -%> |
35 |
relay_domains = <%= domain %>, |
36 |
ml.<%= domain %>, |
37 |
group.<%= domain %> |
38 |
<%- end -%> |
39 |
|
40 |
mydestination = <%= fqdn %> |
41 |
<%- if classes.include?('sympa::server') -%> |
42 |
ml.<%= domain %> |
43 |
<%- end -%> |
44 |
|
45 |
<%- if all_tags.include?('postfix::server::primary') -%> |
46 |
|
47 |
virtual_mailbox_domains = <%= domain %>, |
48 |
group.<%= domain %> |
49 |
|
50 |
# postfix complain if not set |
51 |
# Mar 22 23:51:20 alamut postfix/virtual[22952]: fatal: bad string length 0 < 1: virtual_mailbox_base = |
52 |
virtual_mailbox_base = /var/lib/mail |
53 |
|
54 |
# local_recipient_maps is disabled, as we need to route all |
55 |
# non local email to ryu as long as mageia ml are hosted |
56 |
# there. Hence the use of fallback_transport , but this is |
57 |
# taken in account only of local_recipient_maps is empty |
58 |
local_recipient_maps = |
59 |
# route ml to ryu ( ml being mageia-*@mageia ) |
60 |
fallback_transport_maps = regexp:/etc/postfix/transport_regexp |
61 |
|
62 |
# needed by sympa to handle bounce, according to the doc |
63 |
recipient_delimiter = + |
64 |
|
65 |
|
66 |
alias_maps = hash:/etc/postfix/aliases |
67 |
|
68 |
virtual_alias_maps = ldap:/etc/postfix/ldap_aliases.conf |
69 |
ldap:/etc/postfix/group_aliases.conf |
70 |
hash:/etc/postfix/virtual_aliases |
71 |
<%- if classes.include?('sympa::server') -%> |
72 |
regexp:/etc/postfix/sympa_aliases |
73 |
<%- end -%> |
74 |
<%- end -%> |
75 |
|
76 |
|
77 |
<%- if all_tags.include?('postfix::server') -%> |
78 |
transport_maps = regexp:/etc/postfix/transport_regexp |
79 |
content_filter = smtp-filter:[127.0.0.1]:10025 |
80 |
<%- end -%> |
81 |
|
82 |
<%- if classes.include?('sympa::server') -%> |
83 |
sympa_destination_recipient_limit = 1 |
84 |
sympabounce_destination_recipient_limit = 1 |
85 |
<%- end -%> |
86 |
|
87 |
#delay_warning_time = 4h |
88 |
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (Mandriva Linux) |
89 |
unknown_local_recipient_reject_code = 450 |
90 |
smtp-filter_destination_concurrency_limit = 2 |
91 |
lmtp-filter_destination_concurrency_limit = 2 |
92 |
# disabled for the time being, as the certificate do not exist |
93 |
# FIXME create the cert in puppet |
94 |
smtpd_use_tls = no |
95 |
#smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem |
96 |
#smtpd_tls_key_file = /etc/pki/tls/private/postfix.pem |
97 |
#smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt |
98 |
|
99 |
<%- if all_tags.include?('postfix::server') -%> |
100 |
smtpd_etrn_restrictions = reject |
101 |
|
102 |
smtpd_helo_required = yes |
103 |
|
104 |
smtpd_data_restrictions = permit_mynetworks |
105 |
reject_unauth_pipelining |
106 |
reject_multi_recipient_bounce |
107 |
|
108 |
smtpd_recipient_restrictions = reject_non_fqdn_recipient |
109 |
reject_non_fqdn_sender |
110 |
# not done yet, not sure if we need to offer this kind of service |
111 |
# permit_sasl_authenticated |
112 |
permit_mynetworks |
113 |
reject_unauth_destination |
114 |
reject_non_fqdn_helo_hostname |
115 |
reject_unknown_sender_domain |
116 |
reject_unknown_client |
117 |
<%- if classes.include?('postgrey') -%> |
118 |
check_policy_service unix:extern/postgrey/socket |
119 |
<%- end -%> |
120 |
<%- end -%> |
121 |
|