From df3f691a00149cd38fb1ffc68d73588f6f7c8d81 Mon Sep 17 00:00:00 2001 From: Alexander Christoph Bihlmaier Date: Wed, 30 Oct 2019 13:11:12 +0100 Subject: [PATCH 1/4] add support for Suse --- vars/Suse.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 vars/Suse.yml diff --git a/vars/Suse.yml b/vars/Suse.yml new file mode 100644 index 0000000..e3ecdd9 --- /dev/null +++ b/vars/Suse.yml @@ -0,0 +1,10 @@ +--- +# vars file for arillso.postfix + +postfix_packages: + - postfix + - cyrus-sasl-plain + - cyrus-sasl + - mailx + +psotfix_daemon_directory: /usr/libexec/postfix From e9d54a3a01688da0a5cfa300282c0d68e8aafcd2 Mon Sep 17 00:00:00 2001 From: Alexander Christoph Bihlmaier Date: Tue, 14 Jan 2020 08:19:15 +0100 Subject: [PATCH 2/4] changed defaults --- defaults/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 1559388..b5b3d38 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -20,10 +20,10 @@ postfix_mydestination: - localhost postfix_relayhost: -postfix_relayhost_port: +postfix_relayhost_port: 25 postfix_relaytls: true -postfix_sasl_auth_enable: true -postfix_sasl_user: +postfix_sasl_auth_enable: false +postfix_sasl_user: false postfix_sasl_password: postfix_sasl_security_options: noanonymous From 6a31e72e09999959e4b224ebb0dea96c2dc6f5c0 Mon Sep 17 00:00:00 2001 From: Alexander Christoph Bihlmaier Date: Tue, 14 Jan 2020 08:19:57 +0100 Subject: [PATCH 3/4] creating /etc/postfix/sasl_passwd when sasl is configured --- tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 894da31..69ddeb3 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -37,12 +37,12 @@ - name: configure sasl username/password become: true template: - src: sasl_passwd.j2 - dest: /etc/postfix/sasl_passwd - owner: root - group: root - mode: 0600 - when: postfix_relayhost != false + src: sasl_passwd.j2 + dest: /etc/postfix/sasl_passwd + owner: root + group: root + mode: 0600 + when: postfix_sasl_user != false notify: - postmap sasl_passwd - restart postfix From 10f6bc4627e159f70729af04bac9556a9bae4cc4 Mon Sep 17 00:00:00 2001 From: Alexander Christoph Bihlmaier Date: Tue, 14 Jan 2020 08:20:26 +0100 Subject: [PATCH 4/4] introduce smtpd_recipient_restrictions --- templates/main.cf.j2 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/templates/main.cf.j2 b/templates/main.cf.j2 index 33e2b4c..582a6b0 100644 --- a/templates/main.cf.j2 +++ b/templates/main.cf.j2 @@ -1,7 +1,7 @@ # {{ ansible_managed }} disable_vrfy_command = {{ postfix_disable_vrfy_command }} -# smtpd_banner = $myhostname ESMTP $mail_name +smtpd_banner = $myhostname ESMTP biff = no # appending .domain is the MUA's job. @@ -52,6 +52,8 @@ debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 +smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination + {% if postfix_relayhost %} relayhost = [{{ postfix_relayhost }}]:{{ postfix_relayhost_port }} {% if postfix_sasl_auth_enable %} @@ -64,4 +66,4 @@ smtp_tls_security_level = encrypt smtp_tls_note_starttls_offer = yes {% endif %} {% endif %} -{% endif %} \ No newline at end of file +{% endif %}