Rename variable to make it's purpose clearer
This commit is contained in:
parent
73de99bbda
commit
5ef68a7f78
3 changed files with 18 additions and 16 deletions
|
|
@ -47,6 +47,7 @@
|
||||||
- sender_checks
|
- sender_checks
|
||||||
- transport_global_exceptions
|
- transport_global_exceptions
|
||||||
- transport_relay
|
- transport_relay
|
||||||
|
- virtual_domains
|
||||||
notify: reload postfix
|
notify: reload postfix
|
||||||
|
|
||||||
- name: "Postfix | Run postmap"
|
- name: "Postfix | Run postmap"
|
||||||
|
|
@ -63,6 +64,7 @@
|
||||||
- file: relay_checks
|
- file: relay_checks
|
||||||
- file: sender_checks
|
- file: sender_checks
|
||||||
- file: transport_relay
|
- file: transport_relay
|
||||||
|
- file: virtual_domains
|
||||||
|
|
||||||
- name: "Postfix | Create dhparam file"
|
- name: "Postfix | Create dhparam file"
|
||||||
community.crypto.openssl_dhparam:
|
community.crypto.openssl_dhparam:
|
||||||
|
|
|
||||||
|
|
@ -128,7 +128,7 @@ smtp_sasl_security_options = noanonymous
|
||||||
#### Postscreen
|
#### Postscreen
|
||||||
postscreen_access_list =
|
postscreen_access_list =
|
||||||
permit_mynetworks
|
permit_mynetworks
|
||||||
cidr:/etc/postfix/conf.d/postscreen_access.cidr
|
cidr:{{ postfix_conf_dir }}/postscreen_access.cidr
|
||||||
postscreen_blacklist_action = drop
|
postscreen_blacklist_action = drop
|
||||||
|
|
||||||
# Pregreeting
|
# Pregreeting
|
||||||
|
|
@ -157,7 +157,7 @@ smtpd_restriction_classes = permit_login_mismatch
|
||||||
smtpd_client_restrictions =
|
smtpd_client_restrictions =
|
||||||
permit_mynetworks,
|
permit_mynetworks,
|
||||||
permit_sasl_authenticated,
|
permit_sasl_authenticated,
|
||||||
check_client_access cdb:/etc/postfix/conf.d/client_checks,
|
check_client_access cdb:{{ postfix_conf_dir }}/client_checks,
|
||||||
reject_unknown_client_hostname,
|
reject_unknown_client_hostname,
|
||||||
permit
|
permit
|
||||||
|
|
||||||
|
|
@ -168,28 +168,28 @@ smtpd_helo_required = yes
|
||||||
smtpd_helo_restrictions =
|
smtpd_helo_restrictions =
|
||||||
permit_mynetworks,
|
permit_mynetworks,
|
||||||
permit_sasl_authenticated,
|
permit_sasl_authenticated,
|
||||||
check_helo_access pcre:/etc/postfix/conf.d/helo_checks,
|
check_helo_access pcre:{{ postfix_conf_dir }}/helo_checks,
|
||||||
reject_non_fqdn_helo_hostname,
|
reject_non_fqdn_helo_hostname,
|
||||||
reject_invalid_helo_hostname,
|
reject_invalid_helo_hostname,
|
||||||
permit
|
permit
|
||||||
|
|
||||||
smtpd_sender_restrictions =
|
smtpd_sender_restrictions =
|
||||||
permit_mynetworks,
|
permit_mynetworks,
|
||||||
check_sender_access cdb:/etc/postfix/conf.d/sender_checks,
|
check_sender_access cdb:{{ postfix_conf_dir }}/sender_checks,
|
||||||
reject_non_fqdn_sender,
|
reject_non_fqdn_sender,
|
||||||
reject_unknown_sender_domain,
|
reject_unknown_sender_domain,
|
||||||
check_sender_mx_access cidr:/etc/postfix/conf.d/bogus_mx,
|
check_sender_mx_access cidr:{{ postfix_conf_dir }}/bogus_mx,
|
||||||
#Uncomment the next two lines to block mails from other servers with our domain as MAIL FROM
|
#Uncomment the next two lines to block mails from other servers with our domain as MAIL FROM
|
||||||
#permit_sasl_authenticated,
|
#permit_sasl_authenticated,
|
||||||
#check_sender_access hash:/etc/postfix/conf.d/sender_checks_domain,
|
#check_sender_access hash:{{ postfix_conf_dir }}/sender_checks_domain,
|
||||||
permit
|
permit
|
||||||
|
|
||||||
{% if postfix_submission is defined and postfix_submission %}
|
{% if postfix_submission is defined and postfix_submission %}
|
||||||
# Restrictions for submission port
|
# Restrictions for submission port
|
||||||
mua_sender_restrictions =
|
mua_sender_restrictions =
|
||||||
check_sasl_access cdb:/etc/postfix/conf.d/permit_sasl_login_mismatch,
|
check_sasl_access cdb:{{ postfix_conf_dir }}/permit_sasl_login_mismatch,
|
||||||
permit_mynetworks,
|
permit_mynetworks,
|
||||||
check_sender_access cdb:/etc/postfix/conf.d/sender_checks,
|
check_sender_access cdb:{{ postfix_conf_dir }}/sender_checks,
|
||||||
reject_non_fqdn_sender,
|
reject_non_fqdn_sender,
|
||||||
reject_unknown_sender_domain,
|
reject_unknown_sender_domain,
|
||||||
reject_sender_login_mismatch,
|
reject_sender_login_mismatch,
|
||||||
|
|
@ -204,13 +204,13 @@ permit_login_mismatch =
|
||||||
|
|
||||||
{% if postfix_submission is defined and postfix_submission %}
|
{% if postfix_submission is defined and postfix_submission %}
|
||||||
submission_bad_smtp_user_check =
|
submission_bad_smtp_user_check =
|
||||||
check_sasl_access cdb:/etc/postfix/conf.d/bad_smtp_auth_users
|
check_sasl_access cdb:{{ postfix_conf_dir }}/bad_smtp_auth_users
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
smtpd_relay_restrictions =
|
smtpd_relay_restrictions =
|
||||||
permit_mynetworks,
|
permit_mynetworks,
|
||||||
permit_sasl_authenticated,
|
permit_sasl_authenticated,
|
||||||
check_client_access cdb:/etc/postfix/conf.d/relay_checks,
|
check_client_access cdb:{{ postfix_conf_dir }}/relay_checks,
|
||||||
reject_unauth_destination
|
reject_unauth_destination
|
||||||
|
|
||||||
smtpd_recipient_restrictions =
|
smtpd_recipient_restrictions =
|
||||||
|
|
@ -227,7 +227,7 @@ unverified_recipient_reject_code = 550
|
||||||
|
|
||||||
smtpd_data_restrictions =
|
smtpd_data_restrictions =
|
||||||
reject_multi_recipient_bounce,
|
reject_multi_recipient_bounce,
|
||||||
check_recipient_access pcre:/etc/postfix/conf.d/header_add,
|
check_recipient_access pcre:{{ postfix_conf_dir }}/header_add,
|
||||||
|
|
||||||
### Connection limits
|
### Connection limits
|
||||||
smtpd_client_connection_rate_limit = 100
|
smtpd_client_connection_rate_limit = 100
|
||||||
|
|
@ -240,7 +240,7 @@ default_destination_rate_delay = 60s
|
||||||
default_destination_recipient_limit = 1
|
default_destination_recipient_limit = 1
|
||||||
default_destination_concurrency_failed_cohort_limit = 10
|
default_destination_concurrency_failed_cohort_limit = 10
|
||||||
|
|
||||||
header_checks = pcre:/etc/postfix/conf.d/header_checks
|
header_checks = pcre:{{ postfix_conf_dir }}/header_checks
|
||||||
|
|
||||||
### Spam and DKIM
|
### Spam and DKIM
|
||||||
{% if postfix_smtpd_milters is defined %}
|
{% if postfix_smtpd_milters is defined %}
|
||||||
|
|
|
||||||
|
|
@ -38,8 +38,8 @@ submission inet n - y - - smtpd
|
||||||
{% endif %}
|
{% endif %}
|
||||||
-o smtpd_sender_restrictions=$mua_sender_restrictions
|
-o smtpd_sender_restrictions=$mua_sender_restrictions
|
||||||
-o cleanup_service_name=subclean
|
-o cleanup_service_name=subclean
|
||||||
{% if postfix_submission_alternative_port is defined %}
|
{% if postfix_submission_non_tls_port is defined %}
|
||||||
{{ postfix_submission_alternative_port }} inet n - y - - smtpd
|
{{ postfix_submission_non_tls_port }} inet n - y - - smtpd
|
||||||
-o syslog_name=postfix/submission-local
|
-o syslog_name=postfix/submission-local
|
||||||
-o smtpd_tls_security_level=none
|
-o smtpd_tls_security_level=none
|
||||||
-o smtpd_client_restrictions=permit_mynetworks,reject
|
-o smtpd_client_restrictions=permit_mynetworks,reject
|
||||||
|
|
@ -82,9 +82,9 @@ postlog unix-dgram n - n - 1 postlogd
|
||||||
|
|
||||||
# Outbound: Remove sensible headers
|
# Outbound: Remove sensible headers
|
||||||
subclean unix n - y - 0 cleanup
|
subclean unix n - y - 0 cleanup
|
||||||
-o header_checks=regexp:/etc/postfix/conf.d/header_treatment
|
-o header_checks=regexp:{{ postfix_conf_dir }}/header_treatment
|
||||||
|
|
||||||
# Inbound: Remove some headers
|
# Inbound: Remove some headers
|
||||||
smtpd-in unix n - y - 0 cleanup
|
smtpd-in unix n - y - 0 cleanup
|
||||||
-o syslog_name=postfix/smtpd-in
|
-o syslog_name=postfix/smtpd-in
|
||||||
-o header_checks=pcre:/etc/postfix/conf.d/header_checks_inbound
|
-o header_checks=pcre:{{ postfix_conf_dir }}/header_checks_inbound
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue