diff options
| -rw-r--r-- | README | 4 | ||||
| -rw-r--r-- | manifests/config.pp | 1 | ||||
| -rw-r--r-- | manifests/header_checks_snippet.pp | 21 | ||||
| -rw-r--r-- | manifests/init.pp | 6 | ||||
| -rw-r--r-- | manifests/transport_regexp.pp | 55 | ||||
| -rw-r--r-- | manifests/transport_regexp_snippet.pp | 67 | ||||
| -rw-r--r-- | manifests/virtual_regexp.pp | 55 | ||||
| -rw-r--r-- | manifests/virtual_regexp_snippet.pp | 67 | ||||
| -rw-r--r-- | templates/master.cf.debian-etch.erb | 24 | ||||
| -rw-r--r-- | templates/master.cf.debian-lenny.erb | 28 | ||||
| -rw-r--r-- | templates/master.cf.debian-sid.erb | 26 | ||||
| -rw-r--r-- | templates/master.cf.debian-squeeze.erb | 29 | ||||
| -rw-r--r-- | templates/master.cf.debian-wheezy.erb | 28 | ||||
| -rw-r--r-- | templates/master.cf.redhat5.erb | 18 |
14 files changed, 366 insertions, 63 deletions
@@ -18,6 +18,10 @@ Config unless you are anonymizing your logs. - set $postfix_manage_header_checks="yes" to manage header checks (see postfix::header_checks for details) +- set $postfix_manage_transport_regexp="yes" to manage header checks (see + postfix::transport_regexp for details) +- set $postfix_manage_virtual_regexp="yes" to manage header checks (see + postfix::virtual_regexp for details) - set $postfix_manage_tls_policy="yes" to manage TLS policy (see postfix::tlspolicy for details) - by default, postfix will bind to all interfaces, but sometimes you don't want diff --git a/manifests/config.pp b/manifests/config.pp index 8e203a6..7b27053 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -37,6 +37,7 @@ define postfix::config ($ensure = present, $value, $nonstandard = false) { false => "test \"x$(postconf -h ${name})\" = 'x${value}'", true => "test \"x$(egrep '^${name} ' /etc/postfix/main.cf | cut -d= -f2 | cut -d' ' -f2)\" = 'x${value}'", }, + path => "/usr/bin:/usr/sbin/:/bin:/sbin", notify => Service["postfix"], require => File["/etc/postfix/main.cf"], } diff --git a/manifests/header_checks_snippet.pp b/manifests/header_checks_snippet.pp index 91d7501..454d219 100644 --- a/manifests/header_checks_snippet.pp +++ b/manifests/header_checks_snippet.pp @@ -15,7 +15,7 @@ Example usage: node "toto.example.com" { include postfix - postfix::header_checks_snippet { + postfix::header_checks { 'wrong_date': content => 'FIXME'; 'bla': source => 'puppet:///files/etc/postfix/header_checks.d/bla'; } @@ -37,22 +37,29 @@ define postfix::header_checks_snippet ( fail("Only one of \$source or \$content must specified for postfix::header_checks_snippet ${name}") } - include postfix::header_checks + if ($value == false) and ($ensure == "present") { + fail("The value parameter must be set when using the postfix::header_checks_snippet define with ensure=present.") + } - $fragment = "postfix_header_checks_${name}" + include postfix::header_checks - concat::fragment { "$fragment": + $snippetfile = "${postfix::header_checks::postfix_header_checks_snippets_dir}/${name}" + + file { "$snippetfile": ensure => "$ensure", - target => '/etc/postfix/header_checks', + mode => 600, + owner => root, + group => 0, + notify => Exec["concat_${postfix::header_checks::postfix_merged_header_checks}"], } if $source { - Concat::Fragment["$fragment"] { + File["$snippetfile"] { source => $source, } } else { - Concat::Fragment["$fragment"] { + File["$snippetfile"] { content => $content, } } diff --git a/manifests/init.pp b/manifests/init.pp index 6d16efc..5b04a0f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -88,6 +88,12 @@ class postfix { if $postfix_use_amavisd == 'yes' { include postfix::amavis } + if $postfix_manage_transport_regexp == 'yes' { + include postfix::transport_regexp + } + if $postfix_manage_virtual_regexp == 'yes' { + include postfix::virtual_regexp + } package { ["postfix", "mailx"]: ensure => installed diff --git a/manifests/transport_regexp.pp b/manifests/transport_regexp.pp new file mode 100644 index 0000000..924ae8a --- /dev/null +++ b/manifests/transport_regexp.pp @@ -0,0 +1,55 @@ +# +# == Class: postfix::transport_regexp +# +# Manages Postfix transport_regexp by merging snippets shipped: +# - in the module's files/transport_regexp.d/ or puppet:///files/etc/postfix/transport_regexp.d +# (the latter takes precedence if present); site-postfix module is supported +# as well, see the source argument of file {"$postfix_transport_regexp_snippets_dir" +# bellow for details. +# - via postfix::transport_regexp_snippet defines +# +# Example usage: +# +# node "toto.example.com" { +# $postfix_manage_transport_regexp = yes +# include postfix +# postfix::config { "transport_maps": +# value => "hash:/etc/postfix/transport, regexp:/etc/postfix/transport_regexp", +# } +# } +# +class postfix::transport_regexp { + + include common::moduledir + module_dir{'postfix/transport_regexp': } + + $postfix_transport_regexp_dir = "${common::moduledir::module_dir_path}/postfix/transport_regexp" + $postfix_transport_regexp_snippets_dir = "${postfix_transport_regexp_dir}/transport_regexp.d" + $postfix_merged_transport_regexp = "${postfix_transport_regexp_dir}/merged_transport_regexp" + + file {"$postfix_transport_regexp_snippets_dir": + ensure => 'directory', + owner => 'root', + group => '0', + mode => '700', + source => [ + "puppet:///modules/site-postfix/${fqdn}/transport_regexp.d", + "puppet:///modules/site-postfix/transport_regexp.d", + "puppet:///files/etc/postfix/transport_regexp.d", + "puppet:///modules/postfix/transport_regexp.d", + ], + recurse => true, + purge => false, + } + + concatenated_file { "$postfix_merged_transport_regexp": + dir => "${postfix_transport_regexp_snippets_dir}", + require => File["$postfix_transport_regexp_snippets_dir"], + } + + config_file { '/etc/postfix/transport_regexp': + source => "$postfix_merged_transport_regexp", + subscribe => File["$postfix_merged_transport_regexp"], + } + +} diff --git a/manifests/transport_regexp_snippet.pp b/manifests/transport_regexp_snippet.pp new file mode 100644 index 0000000..eb43c37 --- /dev/null +++ b/manifests/transport_regexp_snippet.pp @@ -0,0 +1,67 @@ +/* +== Definition: postfix::transport_regexp_snippet + +Adds a transport_regexp snippets to /etc/postfix/transport_regexp. +See the postfix::transport_regexp class for details. + +Parameters: +- *source* or *content*: source or content of the transport_regexp snippet +- *ensure*: present (default) or absent + +Requires: +- Class["postfix"] + +Example usage: + + node "toto.example.com" { + include postfix + postfix::transport_regexp { + 'wrong_date': content => 'FIXME'; + 'bla': source => 'puppet:///files/etc/postfix/transport_regexp.d/bla'; + } + } + +*/ + +define postfix::transport_regexp_snippet ( + $ensure = "present", + $source = '', + $content = undef +) { + + if $source == '' and $content == undef { + fail("One of \$source or \$content must be specified for postfix::transport_regexp_snippet ${name}") + } + + if $source != '' and $content != undef { + fail("Only one of \$source or \$content must specified for postfix::transport_regexp_snippet ${name}") + } + + if ($value == false) and ($ensure == "present") { + fail("The value parameter must be set when using the postfix::transport_regexp_snippet define with ensure=present.") + } + + include postfix::transport_regexp + + $snippetfile = "${postfix::transport_regexp::postfix_transport_regexp_snippets_dir}/${name}" + + file { "$snippetfile": + ensure => "$ensure", + mode => 600, + owner => root, + group => 0, + notify => Exec["concat_${postfix::transport_regexp::postfix_merged_transport_regexp}"], + } + + if $source { + File["$snippetfile"] { + source => $source, + } + } + else { + File["$snippetfile"] { + content => $content, + } + } + +} diff --git a/manifests/virtual_regexp.pp b/manifests/virtual_regexp.pp new file mode 100644 index 0000000..db41354 --- /dev/null +++ b/manifests/virtual_regexp.pp @@ -0,0 +1,55 @@ +# +# == Class: postfix::virtual_regexp +# +# Manages Postfix virtual_regexp by merging snippets shipped: +# - in the module's files/virtual_regexp.d/ or puppet:///files/etc/postfix/virtual_regexp.d +# (the latter takes precedence if present); site-postfix module is supported +# as well, see the source argument of file {"$postfix_virtual_regexp_snippets_dir" +# bellow for details. +# - via postfix::virtual_regexp_snippet defines +# +# Example usage: +# +# node "toto.example.com" { +# $postfix_manage_virtual_regexp = yes +# include postfix +# postfix::config { "virtual_alias_maps": +# value => 'hash://postfix/virtual, regexp:/etc/postfix/virtual_regexp', +# } +# } +# +class postfix::virtual_regexp { + + include common::moduledir + module_dir{'postfix/virtual_regexp': } + + $postfix_virtual_regexp_dir = "${common::moduledir::module_dir_path}/postfix/virtual_regexp" + $postfix_virtual_regexp_snippets_dir = "${postfix_virtual_regexp_dir}/virtual_regexp.d" + $postfix_merged_virtual_regexp = "${postfix_virtual_regexp_dir}/merged_virtual_regexp" + + file {"$postfix_virtual_regexp_snippets_dir": + ensure => 'directory', + owner => 'root', + group => '0', + mode => '700', + source => [ + "puppet:///modules/site-postfix/${fqdn}/virtual_regexp.d", + "puppet:///modules/site-postfix/virtual_regexp.d", + "puppet:///files/etc/postfix/virtual_regexp.d", + "puppet:///modules/postfix/virtual_regexp.d", + ], + recurse => true, + purge => false, + } + + concatenated_file { "$postfix_merged_virtual_regexp": + dir => "${postfix_virtual_regexp_snippets_dir}", + require => File["$postfix_virtual_regexp_snippets_dir"], + } + + config_file { '/etc/postfix/virtual_regexp': + source => "$postfix_merged_virtual_regexp", + subscribe => File["$postfix_merged_virtual_regexp"], + } + +} diff --git a/manifests/virtual_regexp_snippet.pp b/manifests/virtual_regexp_snippet.pp new file mode 100644 index 0000000..b4515b4 --- /dev/null +++ b/manifests/virtual_regexp_snippet.pp @@ -0,0 +1,67 @@ +/* +== Definition: postfix::virtual_regexp_snippet + +Adds a virtual_regexp snippets to /etc/postfix/virtual_regexp. +See the postfix::virtual_regexp class for details. + +Parameters: +- *source* or *content*: source or content of the virtual_regexp snippet +- *ensure*: present (default) or absent + +Requires: +- Class["postfix"] + +Example usage: + + node "toto.example.com" { + include postfix + postfix::virtual_regexp { + 'wrong_date': content => 'FIXME'; + 'bla': source => 'puppet:///files/etc/postfix/virtual_regexp.d/bla'; + } + } + +*/ + +define postfix::virtual_regexp_snippet ( + $ensure = "present", + $source = '', + $content = undef +) { + + if $source == '' and $content == undef { + fail("One of \$source or \$content must be specified for postfix::virtual_regexp_snippet ${name}") + } + + if $source != '' and $content != undef { + fail("Only one of \$source or \$content must specified for postfix::virtual_regexp_snippet ${name}") + } + + if ($value == false) and ($ensure == "present") { + fail("The value parameter must be set when using the postfix::virtual_regexp_snippet define with ensure=present.") + } + + include postfix::virtual_regexp + + $snippetfile = "${postfix::virtual_regexp::postfix_virtual_regexp_snippets_dir}/${name}" + + file { "$snippetfile": + ensure => "$ensure", + mode => 600, + owner => root, + group => 0, + notify => Exec["concat_${postfix::virtual_regexp::postfix_merged_virtual_regexp}"], + } + + if $source { + File["$snippetfile"] { + source => $source, + } + } + else { + File["$snippetfile"] { + content => $content, + } + } + +} diff --git a/templates/master.cf.debian-etch.erb b/templates/master.cf.debian-etch.erb index 4b39f45..aaea777 100644 --- a/templates/master.cf.debian-etch.erb +++ b/templates/master.cf.debian-etch.erb @@ -9,14 +9,16 @@ # ========================================================================== <% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd <% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %> -#submission inet n - - - - smtpd -# -o smtpd_enforce_tls=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -#smtps inet n - - - - smtpd -# -o smtpd_tls_wrappermode=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd + -o smtpd_enforce_tls=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject +<% end %> +<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject +<% end %> #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup @@ -96,7 +98,7 @@ amavis unix - - - - 2 smtp <% end %> <% if postfix_use_dovecot_lda == 'yes' %> dovecot unix - n n - - pipe - flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient} + flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension} <% end %> <% if postfix_use_schleuder == 'yes' %> schleuder unix - n n - - pipe @@ -108,6 +110,10 @@ sympa unix - n n - - pipe sympabounce unix - n n - - pipe flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} <% end %> +<% if postfix_use_mlmmj == 'yes' %> +mlmmj unix - n n - - pipe + flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ +<%- end -%> <%- unless postfix_mastercf_tail.to_s.empty? then -%> <%= postfix_mastercf_tail %> diff --git a/templates/master.cf.debian-lenny.erb b/templates/master.cf.debian-lenny.erb index 11d0fa0..ab71f97 100644 --- a/templates/master.cf.debian-lenny.erb +++ b/templates/master.cf.debian-lenny.erb @@ -11,16 +11,18 @@ # ========================================================================== <% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd <% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %> -#submission inet n - - - - smtpd -# -o smtpd_tls_security_level=encrypt -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING -#smtps inet n - - - - smtpd -# -o smtpd_tls_wrappermode=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING +<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd + -o smtpd_tls_security_level=encrypt + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject + -o milter_macro_daemon_name=ORIGINATING +<% end %> +<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject + -o milter_macro_daemon_name=ORIGINATING +<% end %> #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup @@ -102,7 +104,7 @@ amavis unix - - - - 2 smtp <% end %> <% if postfix_use_dovecot_lda == 'yes' %> dovecot unix - n n - - pipe - flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient} + flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension} <% end %> <% if postfix_use_schleuder == 'yes' %> schleuder unix - n n - - pipe @@ -114,6 +116,10 @@ sympa unix - n n - - pipe sympabounce unix - n n - - pipe flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} <% end %> +<% if postfix_use_mlmmj == 'yes' %> +mlmmj unix - n n - - pipe + flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ +<%- end -%> <%- unless postfix_mastercf_tail.to_s.empty? then -%> <%= postfix_mastercf_tail %> diff --git a/templates/master.cf.debian-sid.erb b/templates/master.cf.debian-sid.erb index c71fbea..3450369 100644 --- a/templates/master.cf.debian-sid.erb +++ b/templates/master.cf.debian-sid.erb @@ -14,16 +14,18 @@ #smtpd pass - - - - - smtpd #dnsblog unix - - - - 0 dnsblog #tlsproxy unix - - - - 0 tlsproxy -#submission inet n - - - - smtpd -# -o smtpd_tls_security_level=encrypt -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING -#smtps inet n - - - - smtpd -# -o smtpd_tls_wrappermode=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING +<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd + -o smtpd_tls_security_level=encrypt + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject + -o milter_macro_daemon_name=ORIGINATING +<% end %> +<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject + -o milter_macro_daemon_name=ORIGINATING +<% end %> #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup @@ -145,6 +147,10 @@ sympa unix - n n - - pipe sympabounce unix - n n - - pipe flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} <% end %> +<% if postfix_use_mlmmj == 'yes' %> +mlmmj unix - n n - - pipe + flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ +<%- end -%> <%- unless postfix_mastercf_tail.to_s.empty? then -%> <%= postfix_mastercf_tail %> diff --git a/templates/master.cf.debian-squeeze.erb b/templates/master.cf.debian-squeeze.erb index be86a08..50084ef 100644 --- a/templates/master.cf.debian-squeeze.erb +++ b/templates/master.cf.debian-squeeze.erb @@ -10,7 +10,11 @@ # ========================================================================== <% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd <% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %> -#submission inet n - - - - smtpd +<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd + -o smtpd_enforce_tls=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject +<% end %> #smtp inet n - - - 1 postscreen #smtpd pass - - - - - smtpd #dnsblog unix - - - - 0 dnsblog @@ -18,11 +22,12 @@ # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING -#smtps inet n - - - - smtpd -# -o smtpd_tls_wrappermode=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING +<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject + -o milter_macro_daemon_name=ORIGINATING +<% end %> #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup @@ -125,7 +130,7 @@ amavis unix - - - - 2 smtp <% end %> <% if postfix_use_dovecot_lda == 'yes' %> dovecot unix - n n - - pipe - flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient} + flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension} <% end %> <% if postfix_use_schleuder == 'yes' %> schleuder unix - n n - - pipe @@ -137,6 +142,16 @@ sympa unix - n n - - pipe sympabounce unix - n n - - pipe flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} <% end %> +<% if postfix_use_mlmmj == 'yes' %> +mlmmj unix - n n - - pipe + flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ +<%- end -%> +<% if postfix_use_firma == 'yes' %> +firma unix - n n - - pipe + flags=DRhu user=firma argv=/var/lib/firma/firma -p ${user} +firmarequest unix - n n - - pipe + flags=DRhu user=firma argv=/var/lib/firma/firma -e ${user} +<% end %> <%- unless postfix_mastercf_tail.to_s.empty? then -%> <%= postfix_mastercf_tail %> diff --git a/templates/master.cf.debian-wheezy.erb b/templates/master.cf.debian-wheezy.erb index c71fbea..14497f2 100644 --- a/templates/master.cf.debian-wheezy.erb +++ b/templates/master.cf.debian-wheezy.erb @@ -14,16 +14,18 @@ #smtpd pass - - - - - smtpd #dnsblog unix - - - - 0 dnsblog #tlsproxy unix - - - - 0 tlsproxy -#submission inet n - - - - smtpd -# -o smtpd_tls_security_level=encrypt -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING -#smtps inet n - - - - smtpd -# -o smtpd_tls_wrappermode=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING +<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd + -o smtpd_tls_security_level=encrypt + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject + -o milter_macro_daemon_name=ORIGINATING +<% end %> +<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject + -o milter_macro_daemon_name=ORIGINATING +<% end %> #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup @@ -133,7 +135,7 @@ amavis unix - - - - 2 smtp <% end %> <% if postfix_use_dovecot_lda == 'yes' %> dovecot unix - n n - - pipe - flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient} + flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension} <% end %> <% if postfix_use_schleuder == 'yes' %> schleuder unix - n n - - pipe @@ -145,6 +147,10 @@ sympa unix - n n - - pipe sympabounce unix - n n - - pipe flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} <% end %> +<% if postfix_use_mlmmj == 'yes' %> +mlmmj unix - n n - - pipe + flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ +<%- end -%> <%- unless postfix_mastercf_tail.to_s.empty? then -%> <%= postfix_mastercf_tail %> diff --git a/templates/master.cf.redhat5.erb b/templates/master.cf.redhat5.erb index 3d0c7d6..1d98d27 100644 --- a/templates/master.cf.redhat5.erb +++ b/templates/master.cf.redhat5.erb @@ -9,14 +9,16 @@ # ========================================================================== <%= postfix_smtp_listen %>:smtp inet n - n - - smtpd #smtp inet n - n - - smtpd -#submission inet n - n - - smtpd -# -o smtpd_enforce_tls=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -#smtps inet n - n - - smtpd -# -o smtpd_tls_wrappermode=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +<% if postfix_use_submission == 'yes' %>submission inet n - n - - smtpd + -o smtpd_enforce_tls=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject +<% end %> +<% if postfix_use_smtps == 'yes' %>smtps inet n - n - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject +<% end %> #628 inet n - n - - qmqpd pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup |