class nodo::mail { # Class for mail nodes $mail_host = true $postfix_relayhost = "$domain" $postfix_smtp_listen = "$ipaddress" $postfix_mydestination = "\$myorigin" include nodo::vserver include postfix::mta include database # The needed packages package { [ 'postfix-mysql', 'dovecot-imapd', 'maildrop' ]: ensure => installed, } package { [ 'libauthen-sasl-cyrus-perl', 'libpam-mysql', 'libsasl2-modules', 'libsasl2-modules-sql', 'libgsasl7', 'sasl2-bin' ]: ensure => installed, } package { [ 'postgrey', 'amavisd-new', 'spamassassin', 'spamc' ]: ensure => installed, } package { [ 'clamav-base', 'clamav-daemon', 'clamav-freshclam' ]: ensure => installed, } package { [ 'squirrelmail', 'squirrelmail-secure-login', 'squirrelmail-locales' ]: ensure => installed, } # Postfix configuration postfix::config { "myhostname": value => "$fqdn" } postfix::config { "mailbox_command": value => '/usr/bin/maildrop -d ${USER}' } # SASL postfix::config { "smtpd_sasl_auth_enable": value => 'yes' } postfix::config { "smtpd_sasl_local_domain": value => '$myhostname' } postfix::config { "smtpd_sasl_security_options": value => 'noanonymous' } postfix::config { "broken_sasl_auth_clients": value => 'yes' } postfix::config { "smtpd_sasl_authenticated_header": value => 'yes' } # Recipient restrictions postfix::config { "smtpd_recipient_restrictions": value => 'permit_mynetworks, \ permit_sasl_authenticated, \ reject_unauth_destination, \ reject_rbl_client psbl.surriel.com, \ check_policy_service inet:127.0.0.1:10023' } }