From 838a98f7e3d87f68b41a1a7196c98ceaad3f3890 Mon Sep 17 00:00:00 2001 From: Markus Hauschild Date: Fri, 8 Apr 2016 07:42:21 +0200 Subject: [PATCH] Update mail configs (greylisting, minor fixes). --- roles/mail/tasks/main.yml | 2 +- roles/mail/templates/postfix/main.cf.j2 | 13 +++++-------- roles/mail/templates/postfix/master.cf.j2 | 3 +-- 3 files changed, 7 insertions(+), 11 deletions(-) diff --git a/roles/mail/tasks/main.yml b/roles/mail/tasks/main.yml index b68dbc6..9be68f9 100644 --- a/roles/mail/tasks/main.yml +++ b/roles/mail/tasks/main.yml @@ -143,7 +143,7 @@ - default/spamassassin - name: Configure certificate manager - template: src=certs.j2 dest=/etc/acme/domains.d/{{ ansible_fqdn }}_mail.conf + template: src=certs.j2 dest=/etc/acme/domains.d/{{ mail_server }}_mail.conf - name: Configure certificate manager for mailman template: src=mailman/certs.j2 dest=/etc/acme/domains.d/{{ mailman_domain }}_mailman.conf diff --git a/roles/mail/templates/postfix/main.cf.j2 b/roles/mail/templates/postfix/main.cf.j2 index e4dd850..6e4839b 100644 --- a/roles/mail/templates/postfix/main.cf.j2 +++ b/roles/mail/templates/postfix/main.cf.j2 @@ -58,19 +58,16 @@ smtpd_helo_restrictions = permit_mynetworks smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination + reject_rbl_client sbl.spamhaus.org + reject_rbl_client cbl.abuseat.org check_recipient_access hash:/etc/postfix/recipient_access smtpd_data_restrictions = warn_if_reject reject_unauth_pipelining -smtpd_restriction_classes = rbl, rblgrey +smtpd_restriction_classes = greylisting -rbl = reject_rbl_client sbl.spamhaus.org - reject_rbl_client cbl.abuseat.org - -rblgrey = reject_rbl_client sbl.spamhaus.org - reject_rbl_client cbl.abuseat.org - check_policy_service unix:private/spfpolicy - check_policy_service inet:127.0.0.1:10023 +greylisting = check_policy_service unix:private/spfpolicy + check_policy_service inet:127.0.0.1:10023 content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings diff --git a/roles/mail/templates/postfix/master.cf.j2 b/roles/mail/templates/postfix/master.cf.j2 index 4cf3f8e..012f139 100644 --- a/roles/mail/templates/postfix/master.cf.j2 +++ b/roles/mail/templates/postfix/master.cf.j2 @@ -119,8 +119,7 @@ bsmtp unix - n n - - pipe scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe - flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py - ${nexthop} ${user} + flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} # dovecot dovecot unix - n n - - pipe