Merge branch 'master' of git://labs.riseup.net/shared-postfix

2012-04-06 21:09:51 -03:00 · 2012-04-06 21:09:51 -03:00 · 462db65ec4
commit 462db65ec4
parent 6a44990813 5108973b37
3 changed files with 164 additions and 2 deletions
--- a/5
+++ b/5
@ -16,6 +16,11 @@ Config
  postfix::header_checks for details)
 - set $postfix_manage_tls_policy="yes" to manage TLS policy (see
  postfix::tlspolicy for details)
+- by default, postfix will bind to all interfaces, but sometimes you don't want
+  that. To bind to specific interfaces, use the $postfix_inet_interfaces
+  variable and set it to exactly what would be in the main.cf file.
+- some hosts have weird-looking host names (dedicated servers and VPSes). To
+  set the server's domain of origin, set the $postfix_myorigin value

 == Example:

--- a/manifests/classes/postfix.pp
+++ b/manifests/classes/postfix.pp
@ -64,6 +64,12 @@ class postfix {
  case $postfix_mastercf_tail {
    "":   { $postfix_mastercf_tail = "" }
  }
+  case $postfix_inet_interfaces {
+    "": { $postfix_inet_interfaces = 'all' }
+  }
+  case $postfix_myorigin {
+    "": { $postfix_myorigin = $fqdn }
+  }

  # Bootstrap moduledir
  include common::moduledir
@ -151,9 +157,9 @@ class postfix {

  # Default configuration parameters
  postfix::config {
-    "myorigin":   value => "${fqdn}";
+    "myorigin":   value => "${postfix_myorigin}";
    "alias_maps": value => "hash:/etc/aliases";
-    "inet_interfaces": value => "all";
+    "inet_interfaces": value => "${postfix_inet_interfaces}";
  }

  case $operatingsystem {
--- a/templates/master.cf.debian-sid.erb
+++ b/templates/master.cf.debian-sid.erb
@ -0,0 +1,151 @@
+#
+# Postfix master process configuration file.  For details on the format
+# of the file, see the master(5) manual page (command: "man 5 master").
+#
+# Do not forget to execute "postfix reload" after editing this file.
+#
+# ==========================================================================
+# service type  private unpriv  chroot  wakeup  maxproc command + args
+#               (yes)   (yes)   (yes)   (never) (100)
+# ==========================================================================
+<% if postfix_smtp_listen == 'all' %>smtp      inet  n       -       -       -       -       smtpd
+<% else %><%= postfix_smtp_listen %>:smtp      inet  n       -       -       -       -       smtpd<% end %>
+#smtp      inet  n       -       -       -       1       postscreen
+#smtpd     pass  -       -       -       -       -       smtpd
+#dnsblog   unix  -       -       -       -       0       dnsblog
+#tlsproxy  unix  -       -       -       -       0       tlsproxy
+#submission inet n       -       -       -       -       smtpd
+#  -o smtpd_tls_security_level=encrypt
+#  -o smtpd_sasl_auth_enable=yes
+#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+#  -o milter_macro_daemon_name=ORIGINATING
+#smtps     inet  n       -       -       -       -       smtpd
+#  -o smtpd_tls_wrappermode=yes
+#  -o smtpd_sasl_auth_enable=yes
+#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+#  -o milter_macro_daemon_name=ORIGINATING
+#628       inet  n       -       -       -       -       qmqpd
+pickup    fifo  n       -       -       60      1       pickup
+cleanup   unix  n       -       -       -       0       cleanup
+qmgr      fifo  n       -       n       300     1       qmgr
+#qmgr     fifo  n       -       -       300     1       oqmgr
+tlsmgr    unix  -       -       -       1000?   1       tlsmgr
+rewrite   unix  -       -       -       -       -       trivial-rewrite
+bounce    unix  -       -       -       -       0       bounce
+defer     unix  -       -       -       -       0       bounce
+trace     unix  -       -       -       -       0       bounce
+verify    unix  -       -       -       -       1       verify
+flush     unix  n       -       -       1000?   0       flush
+proxymap  unix  -       -       n       -       -       proxymap
+proxywrite unix -       -       n       -       1       proxymap
+smtp      unix  -       -       -       -       -       smtp
+# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
+relay     unix  -       -       -       -       -       smtp
+	-o smtp_fallback_relay=
+#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
+showq     unix  n       -       -       -       -       showq
+error     unix  -       -       -       -       -       error
+retry     unix  -       -       -       -       -       error
+discard   unix  -       -       -       -       -       discard
+local     unix  -       n       n       -       -       local
+virtual   unix  -       n       n       -       -       virtual
+lmtp      unix  -       -       -       -       -       lmtp
+anvil     unix  -       -       -       -       1       anvil
+scache    unix  -       -       -       -       1       scache
+#
+# ====================================================================
+# Interfaces to non-Postfix software. Be sure to examine the manual
+# pages of the non-Postfix software to find out what options it wants.
+#
+# Many of the following services use the Postfix pipe(8) delivery
+# agent.  See the pipe(8) man page for information about ${recipient}
+# and other message envelope options.
+# ====================================================================
+#
+# maildrop. See the Postfix MAILDROP_README file for details.
+# Also specify in main.cf: maildrop_destination_recipient_limit=1
+#
+maildrop  unix  -       n       n       -       -       pipe
+  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
+#
+# ====================================================================
+#
+# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
+#
+# Specify in cyrus.conf:
+#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
+#
+# Specify in main.cf one or more of the following:
+#  mailbox_transport = lmtp:inet:localhost
+#  virtual_transport = lmtp:inet:localhost
+#
+# ====================================================================
+#
+# Cyrus 2.1.5 (Amos Gouaux)
+# Also specify in main.cf: cyrus_destination_recipient_limit=1
+#
+#cyrus     unix  -       n       n       -       -       pipe
+#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+#
+# ====================================================================
+# Old example of delivery via Cyrus.
+#
+#old-cyrus unix  -       n       n       -       -       pipe
+#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
+#
+# ====================================================================
+#
+# See the Postfix UUCP_README file for configuration details.
+#
+uucp      unix  -       n       n       -       -       pipe
+  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#
+# Other external delivery methods.
+#
+ifmail    unix  -       n       n       -       -       pipe
+  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+bsmtp     unix  -       n       n       -       -       pipe
+  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
+scalemail-backend unix	-	n	n	-	2	pipe
+  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
+mailman   unix  -       n       n       -       -       pipe
+  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
+  ${nexthop} ${user}
+
+<% if postfix_use_amavisd == 'yes' %>
+amavis unix - - - - 2 smtp
+        -o smtp_data_done_timeout=1200
+        -o smtp_send_xforward_command=yes
+
+127.0.0.1:10025 inet n - - - - smtpd
+        -o content_filter=
+        -o local_recipient_maps=
+        -o relay_recipient_maps=
+        -o smtpd_restriction_classes=
+        -o smtpd_client_restrictions=
+        -o smtpd_helo_restrictions=
+        -o smtpd_sender_restrictions=
+        -o smtpd_recipient_restrictions=permit_mynetworks,reject
+        -o mynetworks=127.0.0.0/8
+        -o strict_rfc821_envelopes=yes
+        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
+        -o smtpd_bind_address=127.0.0.1
+<% end %>
+<% if postfix_use_dovecot_lda == 'yes' %>
+dovecot   unix  -       n       n       -       -       pipe
+  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
+<% end %>
+<% if postfix_use_schleuder == 'yes' %>
+schleuder  unix  -       n       n       -       -       pipe
+  flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user}
+<% end %>
+<% if postfix_use_sympa == 'yes' %>
+sympa        unix  -       n       n       -       -       pipe
+  flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient}
+sympabounce  unix  -       n       n       -       -       pipe
+  flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user}
+<% end %>
+
+<%- unless postfix_mastercf_tail.to_s.empty? then -%>
+<%= postfix_mastercf_tail %>
+<%- end -%>