opuppet/module-postfix
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Switching to parametrized classes

Browse source
This commit is contained in:
Silvio Rhatto 2013-01-25 14:03:24 -02:00
parent 5e806b99e2
commit 8b78b15e57
23 changed files with 192 additions and 166 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
README
View file

@ -8,31 +8,37 @@ This module needs:
- the concat module: git://labs.riseup.net/shared-concat - the concat module: git://labs.riseup.net/shared-concat
!! Upgrade Notice (01/2013) !!
This module now uses parameterized classes, where it used global variables
before. So please whatch out before pulling, you need to change the
class declarations in your manifest !
Config Config
------ ------
- set $postfix_use_amavisd="yes" to include postfix::amavis - set $use_amavisd="yes" to include postfix::amavis
- set $postfix_anon_sasl="yes" to hide the originating IP in email - set $anon_sasl="yes" to hide the originating IP in email
relayed for an authenticated SASL client; this needs Postfix relayed for an authenticated SASL client; this needs Postfix
2.3 or later to work; beware! Postfix logs the header replacement 2.3 or later to work; beware! Postfix logs the header replacement
has been done, which means that you are storing this information, has been done, which means that you are storing this information,
unless you are anonymizing your logs. unless you are anonymizing your logs.
- set $postfix_manage_header_checks="yes" to manage header checks (see - set $manage_header_checks="yes" to manage header checks (see
postfix::header_checks for details) postfix::header_checks for details)
- set $postfix_manage_transport_regexp="yes" to manage header checks (see - set $manage_transport_regexp="yes" to manage header checks (see
postfix::transport_regexp for details) postfix::transport_regexp for details)
- set $postfix_manage_virtual_regexp="yes" to manage header checks (see - set $manage_virtual_regexp="yes" to manage header checks (see
postfix::virtual_regexp for details) postfix::virtual_regexp for details)
- set $postfix_manage_tls_policy="yes" to manage TLS policy (see - set $manage_tls_policy="yes" to manage TLS policy (see
postfix::tlspolicy for details) postfix::tlspolicy for details)
- by default, postfix will bind to all interfaces, but sometimes you don't want - by default, postfix will bind to all interfaces, but sometimes you don't want
that. To bind to specific interfaces, use the $postfix_inet_interfaces that. To bind to specific interfaces, use the $inet_interfaces
variable and set it to exactly what would be in the main.cf file. variable and set it to exactly what would be in the main.cf file.
- some hosts have weird-looking host names (dedicated servers and VPSes). To - some hosts have weird-looking host names (dedicated servers and VPSes). To
set the server's domain of origin, set the $postfix_myorigin value set the server's domain of origin, set the $myorigin value
== Example: == Example:
include postfix class { 'postfix': }
postfix::config { "relay_domains": value => "localhost host.foo.com" } postfix::config { "relay_domains": value => "localhost host.foo.com" }

2
manifests/config.pp
View file

@ -18,7 +18,7 @@ Example usage:
node "toto.example.com" { node "toto.example.com" {
include postfix class { 'postfix': }
postfix::config { postfix::config {
"smtp_use_tls" => "yes"; "smtp_use_tls" => "yes";

2
manifests/hash.pp
View file

@ -17,7 +17,7 @@ Example usage:
node "toto.example.com" { node "toto.example.com" {
include postfix class { 'postfix': }
postfix::hash { "/etc/postfix/virtual": postfix::hash { "/etc/postfix/virtual":
ensure => present, ensure => present,

2
manifests/header_checks_snippet.pp
View file

@ -14,7 +14,7 @@ Requires:
Example usage: Example usage:
node "toto.example.com" { node "toto.example.com" {
include postfix class { 'postfix': }
postfix::header_checks_snippet { postfix::header_checks_snippet {
'wrong_date': content => 'FIXME'; 'wrong_date': content => 'FIXME';
'bla': source => 'puppet:///files/etc/postfix/header_checks.d/bla'; 'bla': source => 'puppet:///files/etc/postfix/header_checks.d/bla';

103
manifests/init.pp
View file

@ -5,17 +5,55 @@
# delivery and an SMTP server listening on the loopback interface. # delivery and an SMTP server listening on the loopback interface.
# #
# Parameters: # Parameters:
# - *$postfix_smtp_listen*: address on which the smtp service will listen to. defaults to 127.0.0.1 # - *$smtp_listen*: address on which the smtp service will listen to. defaults to 127.0.0.1
# - *$root_mail_recipient*: who will recieve root's emails. defaults to "nobody" # - *$root_mail_recipient*: who will recieve root's emails. defaults to "nobody"
# - *$anon_sasl*: set $anon_sasl="yes" to hide the originating IP in email
# - *$manage_header_checks*: manage header checks
# - *$manage_tls_policy*: manage tls policy
# - *$manage_transport_regexp*: manage transport regexps
# - *$manage_virtual_regexp*: manage virtual regexps
# - *$tls_fingerprint_digest*: fingerprint digest for tls policy class
# - *$use_amavisd*: set to "yes" to configure amavis
# - *$use_dovecot_lda*: include dovecot declaration at master.cf
# - *$use_schleuder*: whether to include schleuder portion at master.cf
# - *$use_sympa*: whether to include sympa portion at master.cf
# - *$use_firma*: whether to include firma portion at master.cf
# - *$use_mlmmj*: whether to include mlmmj portion at master.cf
# - *$use_submission*: set to "yes" to enable submission section at master.cf
# - *$use_smtps*: set to "yes" to enable smtps section at master.cf
# - *$mastercf_tail*: set this for additional content to be added at the end of master.cf
# - *$inet_interfaces*: which inet interface postfix should listen on
# - *$myorigin*: sets postfix $myorigin configuration
# #
# Example usage: # Example usage:
# #
# node "toto.example.com" { # node "toto.example.com" {
# $postfix_smtp_listen = "192.168.1.10" # class { 'postfix':
# include postfix # smtp_listen => "192.168.1.10"
# }
# } # }
# #
class postfix { class postfix(
$smtp_listen = "127.0.0.1",
$root_mail_recipient = "nobody",
$anon_sasl = "no",
$manage_header_checks = "no",
$manage_tls_policy = "no",
$manage_transport_regexp = "no",
$manage_virtual_regexp = "no",
$tls_fingerprint_digest = 'sha1'
$use_amavisd = "no",
$use_dovecot_lda = "no",
$use_schleuder = "no",
$use_sympa = "no",
$use_firma = "no",
$use_mlmmj = "no",
$use_submission = "no",
$use_smtps = "no",
$mastercf_tail = "",
$inet_interfaces = 'all',
$myorigin = $::fqdn
) {
# selinux labels differ from one distribution to another # selinux labels differ from one distribution to another
case $::operatingsystem { case $::operatingsystem {
@ -33,65 +71,30 @@ class postfix {
} }
} }
# Default value for various options
case $postfix_smtp_listen {
"": { $postfix_smtp_listen = "127.0.0.1" }
}
case $root_mail_recipient {
"": { $root_mail_recipient = "nobody" }
}
case $postfix_anon_sasl {
"": { $postfix_anon_sasl = "no" }
}
case $postfix_manage_header_checks {
"": { $postfix_manage_header_checks = "no" }
}
case $postfix_manage_tls_policy {
"": { $postfix_manage_tls_policy = "no" }
}
case $postfix_use_amavisd {
"": { $postfix_use_amavisd = "no" }
}
case $postfix_use_dovecot_lda {
"": { $postfix_use_dovecot_lda = "no" }
}
case $postfix_use_schleuder {
"": { $postfix_use_schleuder = "no" }
}
case $postfix_use_sympa {
"": { $postfix_use_sympa = "no" }
}
case $postfix_mastercf_tail {
"": { $postfix_mastercf_tail = "" }
}
case $postfix_inet_interfaces {
"": { $postfix_inet_interfaces = 'all' }
}
case $postfix_myorigin {
"": { $postfix_myorigin = $fqdn }
}
# Bootstrap moduledir # Bootstrap moduledir
include common::moduledir include common::moduledir
module_dir{'postfix': } module_dir{'postfix': }
# Include optional classes # Include optional classes
if $postfix_anon_sasl == 'yes' { if $anon_sasl == 'yes' {
include postfix::anonsasl include postfix::anonsasl
} }
if $postfix_manage_header_checks == 'yes' { if $header_checks == 'yes' {
include postfix::header_checks include postfix::header_checks
} }
if $postfix_manage_tls_policy == 'yes' { if $manage_tls_policy == 'yes' {
include postfix::tlspolicy class { 'postfix::tlspolicy':
fingerprint_digest => $tls_fingerprint_digest,
}
} }
if $postfix_use_amavisd == 'yes' { if $use_amavisd == 'yes' {
include postfix::amavis include postfix::amavis
} }
if $postfix_manage_transport_regexp == 'yes' { if $manage_transport_regexp == 'yes' {
include postfix::transport_regexp include postfix::transport_regexp
} }
if $postfix_manage_virtual_regexp == 'yes' { if $manage_virtual_regexp == 'yes' {
include postfix::virtual_regexp include postfix::virtual_regexp
} }
@ -163,9 +166,9 @@ class postfix {
# Default configuration parameters # Default configuration parameters
postfix::config { postfix::config {
"myorigin": value => "${postfix_myorigin}"; "myorigin": value => "${myorigin}";
"alias_maps": value => "hash:/etc/aliases"; "alias_maps": value => "hash:/etc/aliases";
"inet_interfaces": value => "${postfix_inet_interfaces}"; "inet_interfaces": value => "${inet_interfaces}";
} }
case $::operatingsystem { case $::operatingsystem {

2
manifests/mailalias.pp
View file

@ -15,7 +15,7 @@ Example usage:
node "toto.example.com" { node "toto.example.com" {
include postfix class { 'postfix': }
postfix::mailalias { "postmaster": postfix::mailalias { "postmaster":
ensure => present, ensure => present,

10
manifests/mailman.pp
View file

@ -4,19 +4,17 @@
# Configures a basic smtp server, able to work for the mailman mailing-list # Configures a basic smtp server, able to work for the mailman mailing-list
# manager. # manager.
# #
# Parameters:
# - every global variable which works for class "postfix" will work here.
#
# Example usage: # Example usage:
# #
# node "toto.example.com" { # node "toto.example.com" {
# include mailman # include mailman
# include postfix::mailman # class { 'postfix::mailman': }
# } # }
# #
class postfix::mailman { class postfix::mailman {
$postfix_smtp_listen = "0.0.0.0" class { 'postfix':
include postfix smtp_listen => "0.0.0.0",
}
postfix::config { postfix::config {
"mydestination": value => ""; "mydestination": value => "";

31
manifests/mta.pp
View file

@ -15,14 +15,21 @@
# - *$postfix_mydestination* # - *$postfix_mydestination*
# - every global variable which works for class "postfix" will work here. # - every global variable which works for class "postfix" will work here.
# #
# Requires:
# - Class["postfix"]
#
# Example usage: # Example usage:
# #
# node "toto.example.com" { # node "toto.example.com" {
# $postfix_relayhost = "mail.example.com"
# $postfix_smtp_listen = "0.0.0.0"
# $postfix_mydestination = "\$myorigin, myapp.example.com"
# #
# include postfix::mta # class { 'postfix':
# smtp_listen => "0.0.0.0",
# }
#
# class { 'postfix::mta':
# relayhost => "mail.example.com",
# mydestination => "\$myorigin, myapp.example.com",
# }
# #
# postfix::transport { "myapp.example.com": # postfix::transport { "myapp.example.com":
# ensure => present, # ensure => present,
@ -30,22 +37,24 @@
# } # }
# } # }
# #
class postfix::mta { class postfix::mta(
$mydestination = '',
$relayhost = ''
) {
#case $postfix_relayhost { #case $relayhost {
# "": { fail("Required \$postfix_relayhost variable is not defined.") } # "": { fail("Required relayhost parameter is not defined.") }
#} #}
case $postfix_mydestination { case $mydestination {
"": { $postfix_mydestination = "\$myorigin" } "": { $postfix_mydestination = "\$myorigin" }
default: { $postfix_mydestination = "$mydestination" }
} }
include postfix
postfix::config { postfix::config {
"mydestination": value => $postfix_mydestination; "mydestination": value => $postfix_mydestination;
"mynetworks": value => "127.0.0.0/8"; "mynetworks": value => "127.0.0.0/8";
"relayhost": value => $postfix_relayhost; "relayhost": value => $relayhost;
"virtual_alias_maps": value => "hash:/etc/postfix/virtual"; "virtual_alias_maps": value => "hash:/etc/postfix/virtual";
"transport_maps": value => "hash:/etc/postfix/transport"; "transport_maps": value => "hash:/etc/postfix/transport";
} }

24
manifests/satellite.pp
View file

@ -14,14 +14,18 @@
# Example usage: # Example usage:
# #
# node "toto.local.lan" { # node "toto.local.lan" {
# $postfix_relayhost = "mail.example.com" # class { 'postfix::satellite':
# $valid_fqdn = "toto.example.com" # relayhost => "mail.example.com"
# $root_mail_recipient = "the.sysadmin@example.com" # valid_fqdn => "toto.example.com"
# # root_mail_recipient => "the.sysadmin@example.com"
# include postfix::satellite # }
# } # }
# #
class postfix::satellite { class postfix::satellite(
$relayhost = '',
$valid_fqdn = '',
$root_mail_recipient = ''
) {
# If $valid_fqdn exists, use it to override $fqdn # If $valid_fqdn exists, use it to override $fqdn
case $valid_fqdn { case $valid_fqdn {
@ -29,7 +33,13 @@ class postfix::satellite {
default: { $fqdn = "${valid_fqdn}" } default: { $fqdn = "${valid_fqdn}" }
} }
include postfix::mta class { 'postfix:
root_mail_recipient => $root_mail_recipient,
}
class { 'postfix::mta':
relayhost => $relayhost,
}
postfix::virtual {"@${valid_fqdn}": postfix::virtual {"@${valid_fqdn}":
ensure => present, ensure => present,

13
manifests/tlspolicy.pp
View file

@ -5,18 +5,15 @@
# via postfix::tlspolicy_snippet defines # via postfix::tlspolicy_snippet defines
# #
# Parameters: # Parameters:
# - $postfix_tls_fingerprint_digest (defaults to sha1) # - $fingerprint_digest (defaults to sha1)
# #
# Note that this class is useless when used directly. # Note that this class is useless when used directly.
# The postfix::tlspolicy_snippet defines takes care of importing # The postfix::tlspolicy_snippet defines takes care of importing
# it anyway. # it anyway.
# #
class postfix::tlspolicy { class postfix::tlspolicy(
$fingerprint_digest = 'sha1'
# Default value for parameters ) {
case $postfix_tls_fingerprint_digest {
"": { $postfix_tls_fingerprint_digest = 'sha1' }
}
include common::moduledir include common::moduledir
module_dir{'postfix/tls_policy': } module_dir{'postfix/tls_policy': }
@ -37,7 +34,7 @@ class postfix::tlspolicy {
} }
postfix::config { postfix::config {
'smtp_tls_fingerprint_digest': value => "$postfix_tls_fingerprint_digest"; 'smtp_tls_fingerprint_digest': value => "$fingerprint_digest";
} }
postfix::config { 'smtp_tls_policy_maps': postfix::config { 'smtp_tls_policy_maps':

5
manifests/tlspolicy_snippet.pp
View file

@ -16,8 +16,9 @@ Requires:
Example usage: Example usage:
node "toto.example.com" { node "toto.example.com" {
$postfix_manage_tls_policy = yes class { 'postfix':
include postfix manage_tls_policy => 'yes',
}
postfix::tlspolicy_snippet { postfix::tlspolicy_snippet {
'example.com': value => 'encrypt'; 'example.com': value => 'encrypt';
'.example.com': value => 'encrypt'; '.example.com': value => 'encrypt';

2
manifests/transport.pp
View file

@ -18,7 +18,7 @@ Example usage:
node "toto.example.com" { node "toto.example.com" {
include postfix class { 'postfix': }
postfix::hash { "/etc/postfix/transport": postfix::hash { "/etc/postfix/transport":
ensure => present, ensure => present,

5
manifests/transport_regexp.pp
View file

@ -11,8 +11,9 @@
# Example usage: # Example usage:
# #
# node "toto.example.com" { # node "toto.example.com" {
# $postfix_manage_transport_regexp = yes # class { 'postfix':
# include postfix # manage_transport_regexp => 'yes',
# }
# postfix::config { "transport_maps": # postfix::config { "transport_maps":
# value => "hash:/etc/postfix/transport, regexp:/etc/postfix/transport_regexp", # value => "hash:/etc/postfix/transport, regexp:/etc/postfix/transport_regexp",
# } # }

2
manifests/transport_regexp_snippet.pp
View file

@ -14,7 +14,7 @@ Requires:
Example usage: Example usage:
node "toto.example.com" { node "toto.example.com" {
include postfix class { 'postfix': }
postfix::transport_regexp { postfix::transport_regexp {
'wrong_date': content => 'FIXME'; 'wrong_date': content => 'FIXME';
'bla': source => 'puppet:///files/etc/postfix/transport_regexp.d/bla'; 'bla': source => 'puppet:///files/etc/postfix/transport_regexp.d/bla';

2
manifests/virtual.pp
View file

@ -18,7 +18,7 @@ Example usage:
node "toto.example.com" { node "toto.example.com" {
include postfix class { 'postfix': }
postfix::hash { "/etc/postfix/virtual": postfix::hash { "/etc/postfix/virtual":
ensure => present, ensure => present,

5
manifests/virtual_regexp.pp
View file

@ -11,8 +11,9 @@
# Example usage: # Example usage:
# #
# node "toto.example.com" { # node "toto.example.com" {
# $postfix_manage_virtual_regexp = yes # class { 'postfix':
# include postfix # manage_virtual_regexp => 'yes',
# }
# postfix::config { "virtual_alias_maps": # postfix::config { "virtual_alias_maps":
# value => 'hash://postfix/virtual, regexp:/etc/postfix/virtual_regexp', # value => 'hash://postfix/virtual, regexp:/etc/postfix/virtual_regexp',
# } # }

2
manifests/virtual_regexp_snippet.pp
View file

@ -14,7 +14,7 @@ Requires:
Example usage: Example usage:
node "toto.example.com" { node "toto.example.com" {
include postfix class { 'postfix': }
postfix::virtual_regexp { postfix::virtual_regexp {
'wrong_date': content => 'FIXME'; 'wrong_date': content => 'FIXME';
'bla': source => 'puppet:///files/etc/postfix/virtual_regexp.d/bla'; 'bla': source => 'puppet:///files/etc/postfix/virtual_regexp.d/bla';

22
templates/master.cf.debian-etch.erb
View file

@ -7,14 +7,14 @@
# service type private unpriv chroot wakeup maxproc command + args # service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100) # (yes) (yes) (yes) (never) (100)
# ========================================================================== # ==========================================================================
<% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd <% if smtp_listen == 'all' %>smtp inet n - - - - smtpd
<% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %> <% else %><%= smtp_listen %>:smtp inet n - - - - smtpd<% end %>
<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd <% if use_submission == 'yes' %>submission inet n - - - - smtpd
-o smtpd_enforce_tls=yes -o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
<% end %> <% end %>
<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd <% if use_smtps == 'yes' %>smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
@ -77,7 +77,7 @@ scalemail-backend unix - n n - 2 pipe
mailman unix - n n - - pipe mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user} ${nexthop} ${user}
<% if postfix_use_amavisd == 'yes' %> <% if use_amavisd == 'yes' %>
amavis unix - - - - 2 smtp amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200 -o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes -o smtp_send_xforward_command=yes
@ -96,25 +96,25 @@ amavis unix - - - - 2 smtp
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1 -o smtpd_bind_address=127.0.0.1
<% end %> <% end %>
<% if postfix_use_dovecot_lda == 'yes' %> <% if use_dovecot_lda == 'yes' %>
dovecot unix - n n - - pipe dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension} flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension}
<% end %> <% end %>
<% if postfix_use_schleuder == 'yes' %> <% if use_schleuder == 'yes' %>
schleuder unix - n n - - pipe schleuder unix - n n - - pipe
flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user} flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user}
<% end %> <% end %>
<% if postfix_use_sympa == 'yes' %> <% if use_sympa == 'yes' %>
sympa unix - n n - - pipe sympa unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient} flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient}
sympabounce unix - n n - - pipe sympabounce unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user}
<% end %> <% end %>
<% if postfix_use_mlmmj == 'yes' %> <% if use_mlmmj == 'yes' %>
mlmmj unix - n n - - pipe mlmmj unix - n n - - pipe
flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/
<%- end -%> <%- end -%>
<%- unless postfix_mastercf_tail.to_s.empty? then -%> <%- unless mastercf_tail.to_s.empty? then -%>
<%= postfix_mastercf_tail %> <%= mastercf_tail %>
<%- end -%> <%- end -%>

22
templates/master.cf.debian-lenny.erb
View file

@ -9,15 +9,15 @@
# service type private unpriv chroot wakeup maxproc command + args # service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100) # (yes) (yes) (yes) (never) (100)
# ========================================================================== # ==========================================================================
<% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd <% if smtp_listen == 'all' %>smtp inet n - - - - smtpd
<% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %> <% else %><%= smtp_listen %>:smtp inet n - - - - smtpd<% end %>
<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd <% if use_submission == 'yes' %>submission inet n - - - - smtpd
-o smtpd_tls_security_level=encrypt -o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING -o milter_macro_daemon_name=ORIGINATING
<% end %> <% end %>
<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd <% if use_smtps == 'yes' %>smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
@ -83,7 +83,7 @@ scalemail-backend unix - n n - 2 pipe
mailman unix - n n - - pipe mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user} ${nexthop} ${user}
<% if postfix_use_amavisd == 'yes' %> <% if use_amavisd == 'yes' %>
amavis unix - - - - 2 smtp amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200 -o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes -o smtp_send_xforward_command=yes
@ -102,25 +102,25 @@ amavis unix - - - - 2 smtp
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1 -o smtpd_bind_address=127.0.0.1
<% end %> <% end %>
<% if postfix_use_dovecot_lda == 'yes' %> <% if use_dovecot_lda == 'yes' %>
dovecot unix - n n - - pipe dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension} flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension}
<% end %> <% end %>
<% if postfix_use_schleuder == 'yes' %> <% if use_schleuder == 'yes' %>
schleuder unix - n n - - pipe schleuder unix - n n - - pipe
flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user} flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user}
<% end %> <% end %>
<% if postfix_use_sympa == 'yes' %> <% if use_sympa == 'yes' %>
sympa unix - n n - - pipe sympa unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient} flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient}
sympabounce unix - n n - - pipe sympabounce unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user}
<% end %> <% end %>
<% if postfix_use_mlmmj == 'yes' %> <% if use_mlmmj == 'yes' %>
mlmmj unix - n n - - pipe mlmmj unix - n n - - pipe
flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/
<%- end -%> <%- end -%>
<%- unless postfix_mastercf_tail.to_s.empty? then -%> <%- unless mastercf_tail.to_s.empty? then -%>
<%= postfix_mastercf_tail %> <%= mastercf_tail %>
<%- end -%> <%- end -%>

22
templates/master.cf.debian-sid.erb
View file

@ -8,19 +8,19 @@
# service type private unpriv chroot wakeup maxproc command + args # service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100) # (yes) (yes) (yes) (never) (100)
# ========================================================================== # ==========================================================================
<% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd <% if smtp_listen == 'all' %>smtp inet n - - - - smtpd
<% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %> <% else %><%= smtp_listen %>:smtp inet n - - - - smtpd<% end %>
#smtp inet n - - - 1 postscreen #smtp inet n - - - 1 postscreen
#smtpd pass - - - - - smtpd #smtpd pass - - - - - smtpd
#dnsblog unix - - - - 0 dnsblog #dnsblog unix - - - - 0 dnsblog
#tlsproxy unix - - - - 0 tlsproxy #tlsproxy unix - - - - 0 tlsproxy
<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd <% if use_submission == 'yes' %>submission inet n - - - - smtpd
-o smtpd_tls_security_level=encrypt -o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING -o milter_macro_daemon_name=ORIGINATING
<% end %> <% end %>
<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd <% if use_smtps == 'yes' %>smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
@ -114,7 +114,7 @@ mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user} ${nexthop} ${user}
<% if postfix_use_amavisd == 'yes' %> <% if use_amavisd == 'yes' %>
amavis unix - - - - 2 smtp amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200 -o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes -o smtp_send_xforward_command=yes
@ -133,25 +133,25 @@ amavis unix - - - - 2 smtp
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1 -o smtpd_bind_address=127.0.0.1
<% end %> <% end %>
<% if postfix_use_dovecot_lda == 'yes' %> <% if use_dovecot_lda == 'yes' %>
dovecot unix - n n - - pipe dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient} flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
<% end %> <% end %>
<% if postfix_use_schleuder == 'yes' %> <% if use_schleuder == 'yes' %>
schleuder unix - n n - - pipe schleuder unix - n n - - pipe
flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user} flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user}
<% end %> <% end %>
<% if postfix_use_sympa == 'yes' %> <% if use_sympa == 'yes' %>
sympa unix - n n - - pipe sympa unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient} flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient}
sympabounce unix - n n - - pipe sympabounce unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user}
<% end %> <% end %>
<% if postfix_use_mlmmj == 'yes' %> <% if use_mlmmj == 'yes' %>
mlmmj unix - n n - - pipe mlmmj unix - n n - - pipe
flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/
<%- end -%> <%- end -%>
<%- unless postfix_mastercf_tail.to_s.empty? then -%> <%- unless mastercf_tail.to_s.empty? then -%>
<%= postfix_mastercf_tail %> <%= mastercf_tail %>
<%- end -%> <%- end -%>

24
templates/master.cf.debian-squeeze.erb
View file

@ -8,9 +8,9 @@
# service type private unpriv chroot wakeup maxproc command + args # service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100) # (yes) (yes) (yes) (never) (100)
# ========================================================================== # ==========================================================================
<% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd <% if smtp_listen == 'all' %>smtp inet n - - - - smtpd
<% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %> <% else %><%= smtp_listen %>:smtp inet n - - - - smtpd<% end %>
<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd <% if use_submission == 'yes' %>submission inet n - - - - smtpd
-o smtpd_enforce_tls=yes -o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
@ -22,7 +22,7 @@
# -o smtpd_sasl_auth_enable=yes # -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING # -o milter_macro_daemon_name=ORIGINATING
<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd <% if use_smtps == 'yes' %>smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
@ -109,7 +109,7 @@ scalemail-backend unix - n n - 2 pipe
mailman unix - n n - - pipe mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user} ${nexthop} ${user}
<% if postfix_use_amavisd == 'yes' %> <% if use_amavisd == 'yes' %>
amavis unix - - - - 2 smtp amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200 -o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes -o smtp_send_xforward_command=yes
@ -128,31 +128,31 @@ amavis unix - - - - 2 smtp
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1 -o smtpd_bind_address=127.0.0.1
<% end %> <% end %>
<% if postfix_use_dovecot_lda == 'yes' %> <% if use_dovecot_lda == 'yes' %>
dovecot unix - n n - - pipe dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension} flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension}
<% end %> <% end %>
<% if postfix_use_schleuder == 'yes' %> <% if use_schleuder == 'yes' %>
schleuder unix - n n - - pipe schleuder unix - n n - - pipe
flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user} flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user}
<% end %> <% end %>
<% if postfix_use_sympa == 'yes' %> <% if use_sympa == 'yes' %>
sympa unix - n n - - pipe sympa unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient} flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient}
sympabounce unix - n n - - pipe sympabounce unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user}
<% end %> <% end %>
<% if postfix_use_mlmmj == 'yes' %> <% if use_mlmmj == 'yes' %>
mlmmj unix - n n - - pipe mlmmj unix - n n - - pipe
flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/
<%- end -%> <%- end -%>
<% if postfix_use_firma == 'yes' %> <% if use_firma == 'yes' %>
firma unix - n n - - pipe firma unix - n n - - pipe
flags=DRhu user=firma argv=/var/lib/firma/firma -p ${user} flags=DRhu user=firma argv=/var/lib/firma/firma -p ${user}
firmarequest unix - n n - - pipe firmarequest unix - n n - - pipe
flags=DRhu user=firma argv=/var/lib/firma/firma -e ${user} flags=DRhu user=firma argv=/var/lib/firma/firma -e ${user}
<% end %> <% end %>
<%- unless postfix_mastercf_tail.to_s.empty? then -%> <%- unless mastercf_tail.to_s.empty? then -%>
<%= postfix_mastercf_tail %> <%= mastercf_tail %>
<%- end -%> <%- end -%>

22
templates/master.cf.debian-wheezy.erb
View file

@ -8,19 +8,19 @@
# service type private unpriv chroot wakeup maxproc command + args # service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100) # (yes) (yes) (yes) (never) (100)
# ========================================================================== # ==========================================================================
<% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd <% if smtp_listen == 'all' %>smtp inet n - - - - smtpd
<% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %> <% else %><%= smtp_listen %>:smtp inet n - - - - smtpd<% end %>
#smtp inet n - - - 1 postscreen #smtp inet n - - - 1 postscreen
#smtpd pass - - - - - smtpd #smtpd pass - - - - - smtpd
#dnsblog unix - - - - 0 dnsblog #dnsblog unix - - - - 0 dnsblog
#tlsproxy unix - - - - 0 tlsproxy #tlsproxy unix - - - - 0 tlsproxy
<% if postfix_use_submission == 'yes' %>submission inet n - - - - smtpd <% if use_submission == 'yes' %>submission inet n - - - - smtpd
-o smtpd_tls_security_level=encrypt -o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING -o milter_macro_daemon_name=ORIGINATING
<% end %> <% end %>
<% if postfix_use_smtps == 'yes' %>smtps inet n - - - - smtpd <% if use_smtps == 'yes' %>smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
@ -114,7 +114,7 @@ mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user} ${nexthop} ${user}
<% if postfix_use_amavisd == 'yes' %> <% if use_amavisd == 'yes' %>
amavis unix - - - - 2 smtp amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200 -o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes -o smtp_send_xforward_command=yes
@ -133,25 +133,25 @@ amavis unix - - - - 2 smtp
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1 -o smtpd_bind_address=127.0.0.1
<% end %> <% end %>
<% if postfix_use_dovecot_lda == 'yes' %> <% if use_dovecot_lda == 'yes' %>
dovecot unix - n n - - pipe dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension} flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension}
<% end %> <% end %>
<% if postfix_use_schleuder == 'yes' %> <% if use_schleuder == 'yes' %>
schleuder unix - n n - - pipe schleuder unix - n n - - pipe
flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user} flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user}
<% end %> <% end %>
<% if postfix_use_sympa == 'yes' %> <% if use_sympa == 'yes' %>
sympa unix - n n - - pipe sympa unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient} flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient}
sympabounce unix - n n - - pipe sympabounce unix - n n - - pipe
flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user} flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user}
<% end %> <% end %>
<% if postfix_use_mlmmj == 'yes' %> <% if use_mlmmj == 'yes' %>
mlmmj unix - n n - - pipe mlmmj unix - n n - - pipe
flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/ flags=DORhu user=mlmmj argv=/usr/bin/mlmmj-recieve -F -L /var/spool/mlmmj/$nexthop/
<%- end -%> <%- end -%>
<%- unless postfix_mastercf_tail.to_s.empty? then -%> <%- unless mastercf_tail.to_s.empty? then -%>
<%= postfix_mastercf_tail %> <%= mastercf_tail %>
<%- end -%> <%- end -%>

10
templates/master.cf.redhat5.erb
View file

@ -7,14 +7,14 @@
# service type private unpriv chroot wakeup maxproc command + args # service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100) # (yes) (yes) (yes) (never) (100)
# ========================================================================== # ==========================================================================
<%= postfix_smtp_listen %>:smtp inet n - n - - smtpd <%= smtp_listen %>:smtp inet n - n - - smtpd
#smtp inet n - n - - smtpd #smtp inet n - n - - smtpd
<% if postfix_use_submission == 'yes' %>submission inet n - n - - smtpd <% if use_submission == 'yes' %>submission inet n - n - - smtpd
-o smtpd_enforce_tls=yes -o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
<% end %> <% end %>
<% if postfix_use_smtps == 'yes' %>smtps inet n - n - - smtpd <% if use_smtps == 'yes' %>smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
@ -82,6 +82,6 @@ ifmail unix - n n - - pipe
bsmtp unix - n n - - pipe bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
<%- unless postfix_mastercf_tail.to_s.empty? then -%> <%- unless mastercf_tail.to_s.empty? then -%>
<%= postfix_mastercf_tail %> <%= mastercf_tail %>
<%- end -%> <%- end -%>