76 lines
2.4 KiB
YAML
76 lines
2.4 KiB
YAML
---
|
|
# defaults file for postfix
|
|
|
|
# These settings are required in postfix.
|
|
postfix_myhostname: "{{ ansible_fqdn }}"
|
|
postfix_mydomain: "{{ ansible_domain | default('localdomain', true) }}"
|
|
postfix_myorigin: "{{ ansible_domain | default('localdomain', true) }}"
|
|
|
|
# To "listen" on public interfaces, set inet_interfaces to something like
|
|
# "all" or the name of the interface, such as "eth0".
|
|
postfix_inet_interfaces: "loopback-only"
|
|
|
|
# Enable IPv4, and IPv6 if supported - if IPV4 only set to ipv4
|
|
postfix_inet_protocols: all
|
|
|
|
# The distination tells Postfix what mails to accept mail for.
|
|
postfix_mydestination: $mydomain, $myhostname, localhost.$mydomain, localhost
|
|
|
|
# To accept email from other machines, set the mynetworks to something like
|
|
# "192.168.0.0/24".
|
|
postfix_mynetworks: "127.0.0.0/8"
|
|
|
|
# These settings change the role of the postfix server to a relay host.
|
|
# postfix_relay_domains: "$mydestination"
|
|
|
|
# If you want to forward emails to another central relay server, set relayhost.
|
|
# use brackets to sent to the A-record of the relayhost.
|
|
# postfix_relayhost: [relay.example.com]
|
|
|
|
# Set the restrictions for receiving mails.
|
|
postfix_smtpd_recipient_restrictions:
|
|
- permit_mynetworks
|
|
- permit_sasl_authenticated
|
|
- reject_unauth_destination
|
|
- reject_invalid_hostname
|
|
- reject_non_fqdn_hostname
|
|
- reject_non_fqdn_sender
|
|
- reject_non_fqdn_recipient
|
|
- reject_unknown_sender_domain
|
|
- reject_unknown_recipient_domain
|
|
- reject_rbl_client sbl.spamhaus.org
|
|
- reject_rbl_client cbl.abuseat.org
|
|
- reject_rbl_client dul.dnsbl.sorbs.net
|
|
- permit
|
|
|
|
postfix_smtpd_sender_restrictions:
|
|
- reject_unknown_sender_domain
|
|
|
|
# To enable spamassassin, ensure spamassassin is installed,
|
|
# (hint: role: robertdebock.spamassassin) and set these two variables:
|
|
# postfix_spamassassin: enabled
|
|
# postfix_spamassassin_user: spamd
|
|
|
|
# To enable clamav, ensure clamav is installed,
|
|
# (hint: role: robertdebock.clamav) and set this variable:
|
|
# postfix_clamav: enabled
|
|
|
|
# You can configure aliases here. Typically redirecting `root` is a good plan.
|
|
# postfix_aliases:
|
|
# - name: root
|
|
# destination: robert@meinit.nl
|
|
|
|
# You can configure sender access controls here.
|
|
# postfix_sender_access:
|
|
# - domain: gooddomain.com
|
|
# action: OK
|
|
# - domain: baddomain.com
|
|
# action: REJECT
|
|
|
|
# You can configure recipient access controls here.
|
|
# postfix_recipient_access:
|
|
# - domain: gooddomain.com
|
|
# action: OK
|
|
# - domain: baddomain.com
|
|
# action: REJECT
|