30 lines
1.5 KiB
Django/Jinja
30 lines
1.5 KiB
Django/Jinja
# SPDX-License-Identifier: MIT
|
|
# Per 'man 5 postconfig': When the same parameter is defined multiple
|
|
# times, only the last instance is remembered.
|
|
#
|
|
# While that's true we still do not want to duplicate params that
|
|
# originally exist in main.cf. If we did and inevitably set our params
|
|
# to different values than the default main.cf params Postfix tools such
|
|
# as mailq/sendmail, postqueue etc. would warn us that we're duplicating
|
|
# and reconfiguring params multiple times. Tools would begin reporting
|
|
# 'warning: main.cf, line <n>: overriding earlier entry'. This is a
|
|
# useful feature for when some config /actually/ goes wrong so we don't
|
|
# want to contaminate troubleshooting by forcing this behavior with our
|
|
# Ansible-managed config.
|
|
#
|
|
# For each of the params below we've gone ahead and commented out the
|
|
# same param where it appeared before this Ansible-managed config block.
|
|
# That way we're avoiding param duplicates.
|
|
myhostname = {{ ansible_fqdn }}
|
|
mydestination = $myhostname, localhost.$mydomain, localhost
|
|
inet_interfaces = loopback-only
|
|
relayhost = [{{ somta__e_mail_default_sender_submission_server_fqdn }}]:{{ somta__e_mail_default_sender_submission_server_port }}
|
|
sender_canonical_classes = envelope_sender, header_sender
|
|
sender_canonical_maps = pcre:/etc/postfix/sender_canonical_maps
|
|
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks
|
|
smtp_sasl_auth_enable = yes
|
|
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
|
|
smtp_sasl_tls_security_options = noanonymous
|
|
smtp_tls_security_level = encrypt
|
|
# debug_peer_list = example.com, mail.example.net, 1.2.3.4
|