Commit 2ca9cc88 authored by Christopher Huhn's avatar Christopher Huhn
Browse files

Update postfixs main.cf from Debian Buster default, fixes #20

parent 6d697907
......@@ -16,4 +16,4 @@ supports 'debian'
depends 'line', '< 1.0'
depends 'chef-vault'
version '1.61.4'
version '1.61.5'
<%= template_header %>
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = <%= node['fqdn'] %>
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
virtual_alias_maps = hash:/etc/postfix/virtual
myorigin = /etc/mailname
mydestination = <%= node['fqdn'] %>, localhost.<%= node['domain'] %>, localhost <%= @mydestination ? ", #{@mydestination}" : '' %>
<%# TODO: no MX lookups as long as brackets are hard-coded here -%>
relayhost = [<%= @relay %>]
<%= "relay_domains = #{@relay_domains.join(', ')}" if @relay_domains %>
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 <%= @mynetworks %>
mailbox_size_limit = 0
<%= "message_size_limit = #{@message_size_limit}" if @message_size_limit %>
recipient_delimiter = +
<%= @default_privs ? "default_privs = #{@default_privs}\n" : '' -%>
<%- if @export_environment -%>
export_environment = <%= @export_environment.join(' ') %>
<%- end -%>
# listen for remote connections?
inet_interfaces = <%= @inet_interfaces || @mynetworks?'all':'loopback-only' %>
<%- if @ipv4_only -%>
inet_protocols = ipv4
<%- end -%>
# Seems to be missing since the start of time but is crucial to make e.g. "date | mail -s blabla7 troth" work
recipient_canonical_maps = hash:/etc/postfix/canonical
<%= template_header %>
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = <%= node['fqdn'] %>
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
virtual_alias_maps = hash:/etc/postfix/virtual
myorigin = /etc/mailname
mydestination = <%= node['fqdn'] %>, localhost.<%= node['domain'] %>, localhost <%= @mydestination ? ", #{@mydestination}" : '' %>
<%# TODO: no MX lookups as long as brackets are hard-coded here -%>
relayhost = [<%= @relay %>]
<%= "relay_domains = #{@relay_domains.join(', ')}" if @relay_domains %>
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 <%= @mynetworks %>
mailbox_size_limit = 0
<%= "message_size_limit = #{@message_size_limit}" if @message_size_limit %>
recipient_delimiter = +
<%= @default_privs ? "default_privs = #{@default_privs}\n" : '' -%>
<%- if @export_environment -%>
export_environment = <%= @export_environment.join(' ') %>
<%- end -%>
# listen for remote connections?
inet_interfaces = <%= @inet_interfaces || @mynetworks?'all':'loopback-only' %>
<%- if @ipv4_only -%>
inet_protocols = ipv4
<%- end -%>
# Seems to be missing since the start of time but is crucial to make e.g. "date | mail -s blabla7 troth" work
recipient_canonical_maps = hash:/etc/postfix/canonical
<%= template_header %>
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = <%= node['fqdn'] %>
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
virtual_alias_maps = hash:/etc/postfix/virtual
myorigin = /etc/mailname
mydestination = <%= node['fqdn'] %>, localhost.<%= node['domain'] %>, localhost <%= @mydestination ? ", #{@mydestination}" : '' %>
<%# TODO: no MX lookups as long as brackets are hard-coded here -%>
relayhost = [<%= @relay %>]
<%= "relay_domains = #{@relay_domains.join(', ')}" if @relay_domains %>
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 <%= @mynetworks %>
mailbox_size_limit = 0
<%= "message_size_limit = #{@message_size_limit}" if @message_size_limit %>
recipient_delimiter = +
<%= @default_privs ? "default_privs = #{@default_privs}\n" : '' -%>
<%- if @export_environment -%>
export_environment = <%= @export_environment.join(' ') %>
<%- end -%>
# listen for remote connections?
inet_interfaces = <%= @inet_interfaces || @mynetworks?'all':'loopback-only' %>
<%- if @ipv4_only -%>
inet_protocols = ipv4
<%- end -%>
# Seems to be missing since the start of time but is crucial to make e.g. "date | mail -s blabla7 troth" work
recipient_canonical_maps = hash:/etc/postfix/canonical
......@@ -18,6 +18,10 @@ append_dot_mydomain = no
readme_directory = no
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2
# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
......@@ -28,6 +32,7 @@ readme_directory = no
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = <%= node['fqdn'] %>
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
......@@ -52,5 +57,5 @@ inet_interfaces = <%= @inet_interfaces || @mynetworks?'all':'loopback-only' %>
inet_protocols = ipv4
<%- end -%>
# Seems to be missing since the start of time but is crucial to make e.g. "date | mail -s blabla7 troth" work
<%# crucial to make e.g. "date | mail -s blabla7 userid" work: -%>
recipient_canonical_maps = hash:/etc/postfix/canonical
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment