diff options
Diffstat (limited to 'templates/etc/postfix')
-rw-r--r-- | templates/etc/postfix/main.cf.j2 | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/templates/etc/postfix/main.cf.j2 b/templates/etc/postfix/main.cf.j2 new file mode 100644 index 0000000..9557cc4 --- /dev/null +++ b/templates/etc/postfix/main.cf.j2 @@ -0,0 +1,47 @@ +######################################################################## +# Nullmailer configuration + +smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) +biff = no +readme_directory = no + +compatibility_level = 3.6 +smtputf8_enable = no + +myorigin = /etc/mailname +myhostname = {{ ansible_fqdn }} +mydomain = {{ ansible_domain }} +append_dot_mydomain = no + +# This server is for internal use only +mynetworks_style = host +inet_interfaces = loopback-only + +# No local delivery +mydestination = +local_transport = error:5.1.1 Mailbox unavailable +alias_maps = +local_recipient_maps = + +# All aliases are virtual +virtual_alias_maps = hash:/etc/aliases +alias_database = $virtual_alias_maps +mailbox_size_limit = 0 + +# Forward everything to our internal outgoing proxy +# TODO: User relay-smtps on 465/tcp once Hetzner opens it +relay_domains = +relayhost = [smtp.guilhem.org]:587 +default_transport = relay + +smtpd_tls_security_level = none +smtp_tls_exclude_ciphers = EXPORT, LOW, MEDIUM, aNULL, eNULL, DES, RC4, MD5 +smtp_tls_security_level = may +smtp_tls_note_starttls_offer = yes +smtp_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem +smtp_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key +smtp_tls_CApath = /etc/ssl/certs +smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache +smtp_tls_policy_maps = hash:$config_directory/tls_policy +smtp_tls_fingerprint_digest = sha256 +smtp_tls_loglevel = 1 |