/[adm]/puppet/modules/postfix/templates/main.cf
ViewVC logotype

Contents of /puppet/modules/postfix/templates/main.cf

Parent Directory Parent Directory | Revision Log Revision Log


Revision 2739 - (show annotations) (download)
Wed Apr 18 14:52:42 2012 UTC (11 years, 11 months ago) by boklm
File size: 3971 byte(s)
update distribution name in smtpd banner
1 # Please be sure to read the /usr/share/doc/postfix/README.MDK file
2 # to learn about differences from stock postfix to Mandriva package.
3 # This file contains only the parameters changed from a default install
4 # see /etc/postfix/main.cf.dist for a commented, fuller version of this file.
5
6
7 # These are changed by postfix install script
8 readme_directory = /usr/share/doc/postfix/README_FILES
9 html_directory = /usr/share/doc/postfix/html
10 sendmail_path = /usr/sbin/sendmail.postfix
11 setgid_group = postdrop
12 command_directory = /usr/sbin
13 manpage_directory = /usr/share/man
14 daemon_directory = <%= lib_dir %>/postfix/
15 data_directory = /var/lib/postfix
16 newaliases_path = /usr/bin/newaliases
17 mailq_path = /usr/bin/mailq
18 queue_directory = /var/spool/postfix
19 mail_owner = postfix
20
21 # User configurable parameters
22
23 <% if all_tags.include?('postfix::simple_relay') %>
24 inet_interfaces = localhost
25 <% else %>
26 inet_interfaces = all
27 <% end %>
28
29 inet_protocols = all
30 mynetworks_style = host
31 myhostname = <%= fqdn %>
32 mydomain = <%= domain %>
33 myorigin = $mydomain
34 <%- if all_tags.include?('postfix::server::secondary') -%>
35 relay_domains = <%= domain %>,
36 ml.<%= domain %>,
37 group.<%= domain %>
38 <%- end -%>
39
40 mydestination = <%= fqdn %>
41 <%- if classes.include?('sympa::server') -%>
42 ml.<%= domain %>
43 <%- end -%>
44
45 <%- if all_tags.include?('postfix::server::primary') -%>
46
47 virtual_mailbox_domains = <%= domain %>,
48 group.<%= domain %>
49
50 # postfix complain if not set
51 # Mar 22 23:51:20 alamut postfix/virtual[22952]: fatal: bad string length 0 < 1: virtual_mailbox_base =
52 virtual_mailbox_base = /var/lib/mail
53
54 # local_recipient_maps is disabled, as we need to route all
55 # non local email to ryu as long as mageia ml are hosted
56 # there. Hence the use of fallback_transport , but this is
57 # taken in account only of local_recipient_maps is empty
58 local_recipient_maps =
59 # route ml to ryu ( ml being mageia-*@mageia )
60 fallback_transport_maps = regexp:/etc/postfix/transport_regexp
61
62 # needed by sympa to handle bounce, according to the doc
63 recipient_delimiter = +
64
65
66 alias_maps = hash:/etc/postfix/aliases
67
68 virtual_alias_maps = ldap:/etc/postfix/ldap_aliases.conf
69 ldap:/etc/postfix/group_aliases.conf
70 hash:/etc/postfix/virtual_aliases
71 <%- if classes.include?('sympa::server') -%>
72 regexp:/etc/postfix/sympa_aliases
73 <%- end -%>
74 <%- end -%>
75
76
77 <%- if all_tags.include?('postfix::server') -%>
78 transport_maps = regexp:/etc/postfix/transport_regexp
79 content_filter = smtp-filter:[127.0.0.1]:10025
80 <%- end -%>
81
82 <%- if classes.include?('sympa::server') -%>
83 sympa_destination_recipient_limit = 1
84 sympabounce_destination_recipient_limit = 1
85 <%- end -%>
86
87 #delay_warning_time = 4h
88 smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (<%= lsbdistid %>)
89 unknown_local_recipient_reject_code = 450
90 smtp-filter_destination_concurrency_limit = 2
91 lmtp-filter_destination_concurrency_limit = 2
92 # disabled for the time being, as the certificate do not exist
93 # FIXME create the cert in puppet
94 smtpd_use_tls = no
95 #smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
96 #smtpd_tls_key_file = /etc/pki/tls/private/postfix.pem
97 #smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
98
99 <%- if all_tags.include?('postfix::server') -%>
100 smtpd_etrn_restrictions = reject
101
102 smtpd_helo_required = yes
103
104 smtpd_data_restrictions = permit_mynetworks
105 reject_unauth_pipelining
106 reject_multi_recipient_bounce
107
108 smtpd_recipient_restrictions = reject_non_fqdn_recipient
109 reject_non_fqdn_sender
110 # not done yet, not sure if we need to offer this kind of service
111 # permit_sasl_authenticated
112 permit_mynetworks
113 reject_unauth_destination
114 reject_non_fqdn_helo_hostname
115 reject_unknown_sender_domain
116 reject_unknown_client
117 <%- if classes.include?('postgrey') -%>
118 check_policy_service unix:extern/postgrey/socket
119 <%- end -%>
120 <%- end -%>
121

  ViewVC Help
Powered by ViewVC 1.1.30