author | Quentin <quentin@deuxfleurs.fr> | 2020-09-12 10:03:48 +0200 |
---|---|---|
committer | Quentin <quentin@deuxfleurs.fr> | 2020-09-12 10:03:48 +0200 |
commit | c4a6cf1534b864d3941c839d4a4dca7e505bd828 (patch) | |
tree | 3e866768cf39ae947def5b205f74fddfb435725d /consul/configuration/email/postfix | |
parent | 0550647b9348d1e36431400e0832b4340564c658 (diff) | |
Rebase first step
Diffstat (limited to 'consul/configuration/email/postfix')
-rwxr-xr-x | consul/configuration/email/postfix/certs.gen | 13 | ||||
-rw-r--r-- | consul/configuration/email/postfix/dynamicmaps.cf | 9 | ||||
-rw-r--r-- | consul/configuration/email/postfix/header_checks | 3 | ||||
-rw-r--r-- | consul/configuration/email/postfix/ldap-account.cf.tpl | 12 | ||||
-rw-r--r-- | consul/configuration/email/postfix/ldap-alias.cf.tpl | 9 | ||||
-rw-r--r-- | consul/configuration/email/postfix/ldap-virtual-domains.cf.tpl | 12 | ||||
-rw-r--r-- | consul/configuration/email/postfix/main.cf | 104 | ||||
-rw-r--r-- | consul/configuration/email/postfix/master.cf | 114 | ||||
-rw-r--r-- | consul/configuration/email/postfix/transport | 5 | ||||
-rw-r--r-- | consul/configuration/email/postfix/transport.db | bin | 12288 -> 0 bytes |
10 files changed, 0 insertions, 281 deletions
diff --git a/consul/configuration/email/postfix/certs.gen b/consul/configuration/email/postfix/certs.gen
deleted file mode 100755
index f25439b..0000000
--- a/consul/configuration/email/postfix/certs.gen
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/bash
-
-TLSINFO="/C=FR/ST=Bretagne/L=Rennes/O=Deuxfleurs/CN=smtp.deuxfleurs.fr"
-openssl req \
- -new \
- -newkey rsa:4096 \
- -days 3650 \
- -nodes \
- -x509 \
- -subj ${TLSINFO} \
- -keyout postfix.key \
- -out postfix.crt
-
diff --git a/consul/configuration/email/postfix/dynamicmaps.cf b/consul/configuration/email/postfix/dynamicmaps.cf
deleted file mode 100644
index 32d8f62..0000000
--- a/consul/configuration/email/postfix/dynamicmaps.cf
+++ /dev/null
@@ -1,9 +0,0 @@
-# Postfix dynamic maps configuration file.
-#
-# The first match found is the one that is used. Wildcards are not supported
-# as of postfix 2.0.2
-#
-#type location of .so file open function (mkmap func)
-#==== ================================ ============= ============
-ldap postfix-ldap.so dict_ldap_open
-sqlite postfix-sqlite.so dict_sqlite_open
diff --git a/consul/configuration/email/postfix/header_checks b/consul/configuration/email/postfix/header_checks
deleted file mode 100644
index cad52ec..0000000
--- a/consul/configuration/email/postfix/header_checks
+++ /dev/null
@@ -1,3 +0,0 @@
-/^Received:/ IGNORE
-/^X-Originating-IP:/ IGNORE
-/^X-Mailer:/ IGNORE
diff --git a/consul/configuration/email/postfix/ldap-account.cf.tpl b/consul/configuration/email/postfix/ldap-account.cf.tpl
deleted file mode 100644
index 2575f10..0000000
--- a/consul/configuration/email/postfix/ldap-account.cf.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-bind = yes
-bind_dn = {{ key "secrets/email/postfix/ldap_binddn" | trimSpace }}
-bind_pw = {{ key "secrets/email/postfix/ldap_bindpwd" | trimSpace }}
-version = 3
-timeout = 20
-start_tls = no
-tls_require_cert = no
-server_host = ldap://bottin2.service.2.cluster.deuxfleurs.fr
-scope = sub
-search_base = ou=users,dc=deuxfleurs,dc=fr
-query_filter = mail=%s
-result_attribute = mail
diff --git a/consul/configuration/email/postfix/ldap-alias.cf.tpl b/consul/configuration/email/postfix/ldap-alias.cf.tpl
deleted file mode 100644
index 775c0ad..0000000
--- a/consul/configuration/email/postfix/ldap-alias.cf.tpl
+++ /dev/null
@@ -1,9 +0,0 @@
-server_host = bottin2.service.2.cluster.deuxfleurs.fr
-server_port = 389
-search_base = dc=deuxfleurs,dc=fr
-query_filter = (&(objectClass=inetOrgPerson)(memberOf=cn=%s,ou=mailing_lists,ou=groups,dc=deuxfleurs,dc=fr))
-result_attribute = mail
-bind = yes
-bind_dn = {{ key "secrets/email/postfix/ldap_binddn" | trimSpace }}
-bind_pw = {{ key "secrets/email/postfix/ldap_bindpwd" | trimSpace }}
-version = 3
diff --git a/consul/configuration/email/postfix/ldap-virtual-domains.cf.tpl b/consul/configuration/email/postfix/ldap-virtual-domains.cf.tpl
deleted file mode 100644
index e013953..0000000
--- a/consul/configuration/email/postfix/ldap-virtual-domains.cf.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-bind = yes
-bind_dn = {{ key "secrets/email/postfix/ldap_binddn" | trimSpace }}
-bind_pw = {{ key "secrets/email/postfix/ldap_bindpwd" | trimSpace }}
-version = 3
-timeout = 20
-start_tls = no
-tls_require_cert = no
-server_host = ldap://bottin2.service.2.cluster.deuxfleurs.fr
-scope = sub
-search_base = ou=domains,ou=groups,dc=deuxfleurs,dc=fr
-query_filter = (&(objectclass=dNSDomain)(domain=%s))
-result_attribute = domain
diff --git a/consul/configuration/email/postfix/main.cf b/consul/configuration/email/postfix/main.cf
deleted file mode 100644
index 4204cb4..0000000
--- a/consul/configuration/email/postfix/main.cf
+++ /dev/null
@@ -1,104 +0,0 @@
-#===
-# Base configuration
-#===
-myhostname = smtp.deuxfleurs.fr
-alias_maps = hash:/etc/aliases
-alias_database = hash:/etc/aliases
-myorigin = /etc/mailname
-mydestination = smtp.deuxfleurs.fr
-mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24
-mailbox_size_limit = 0
-recipient_delimiter = +
-inet_protocols = all
-inet_interfaces = all
-message_size_limit = 204800000
-smtpd_banner = $myhostname
-biff = no
-append_dot_mydomain = no
-readme_directory = no
-compatibility_level = 2
-
-#===
-# TLS parameters
-#===
-smtpd_tls_cert_file=/etc/ssl/certs/postfix.crt
-smtpd_tls_key_file=/etc/ssl/private/postfix.key
-smtpd_use_tls=yes
-smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
-smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
-#smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
-smtp_tls_security_level = may
-
-#===
-# Remove privacy related content from emails
-#===
-mime_header_checks = regexp:/etc/postfix/header_checks
-header_checks = regexp:/etc/postfix/header_checks
-
-#===
-# Handle user authentication (handled by dovecot)
-#===
-smtpd_sasl_auth_enable = yes
-smtpd_sasl_path = inet:dovecot-auth.service.2.cluster.deuxfleurs.fr:1337
-smtpd_sasl_type = dovecot
-
-#===
-# Restrictions / Checks
-#===
-# -- Inspired by: http://www.postfix.org/SMTPD_ACCESS_README.html#lists
-
-# Require a valid HELO
-smtpd_helo_required = yes
-# As we use the same postfix to send and receive,
-# we can't enforce a valid HELO hostname...
-#smtpd_helo_restrictions =
-# reject_unknown_helo_hostname
-
-# Require that sender email has a valid domain
-smtpd_sender_restrictions =
- reject_unknown_sender_domain
-
-# Delivering email policy
-# MyNetwork is required by sogo
-smtpd_recipient_restrictions =
- permit_sasl_authenticated
- permit_mynetworks
- reject_unauth_destination
- reject_rbl_client zen.spamhaus.org
- reject_rhsbl_reverse_client dbl.spamhaus.org
- reject_rhsbl_helo dbl.spamhaus.org
- reject_rhsbl_sender dbl.spamhaus.org
-
-# Sending email policy
-# MyNetwork is required by sogo
-smtpd_relay_restrictions =
- permit_sasl_authenticated
- permit_mynetworks
- reject_unauth_destination
-
-smtpd_data_restrictions = reject_unauth_pipelining
-
-smtpd_client_connection_rate_limit = 2
-
-#===
-# Rate limiting
-#===
-slow_destination_recipient_limit = 20
-slow_destination_concurrency_limit = 2
-
-#====
-# Transport configuration
-#====
-transport_maps = hash:/etc/postfix/transport
-virtual_mailbox_domains = ldap:/etc/postfix/ldap-virtual-domains.cf
-virtual_mailbox_maps = ldap:/etc/postfix/ldap-account.cf
-virtual_alias_maps = ldap:/etc/postfix/ldap-alias.cf
-virtual_transport = lmtp:dovecot-lmtp.service.2.cluster.deuxfleurs.fr:24
-
-#===
-# Mail filters
-#===
-milter_default_action = accept
-milter_protocol = 6
-smtpd_milters = inet:opendkim.service.2.cluster.deuxfleurs.fr:8999
-non_smtpd_milters = inet:opendkim.service.2.cluster.deuxfleurs.fr:8999
diff --git a/consul/configuration/email/postfix/master.cf b/consul/configuration/email/postfix/master.cf
deleted file mode 100644
index 53bc601..0000000
--- a/consul/configuration/email/postfix/master.cf
+++ /dev/null
@@ -1,114 +0,0 @@ -# -# Postfix master process configuration file. For details on the format -# of the file, see the master(5) manual page (command: "man 5 master"). -# -# Do not forget to execute "postfix reload" after editing this file. -# -# ========================================================================== -# service type private unpriv chroot wakeup maxproc command + args -# (yes) (yes) (yes) (never) (100) -# ========================================================================== -smtp inet n - n - - smtpd -submission inet n - n - - smtpd - -o smtpd_tls_security_level=encrypt - -o smtpd_sasl_auth_enable=yes - -o smtpd_client_restrictions=permit_sasl_authenticated,reject - -o milter_macro_daemon_name=ORIGINATING -smtps inet n - n - - smtpd - -o smtpd_tls_wrappermode=yes - -o smtpd_sasl_auth_enable=yes - -o smtpd_client_restrictions=permit_sasl_authenticated,reject - -o milter_macro_daemon_name=ORIGINATING -slow unix - - n - 5 smtp - -o syslog_name=postfix-slow - -o smtp_destination_concurrency_limit=3 - -o slow_destination_rate_delay=1 - - -#628 inet n - - - - qmqpd -pickup fifo n - n 60 1 pickup -cleanup unix n - n - 0 cleanup -qmgr fifo n - n 300 1 qmgr -#qmgr fifo n - - 300 1 oqmgr -tlsmgr unix - - n 1000? 1 tlsmgr -rewrite unix - - n - - trivial-rewrite -bounce unix - - n - 0 bounce -defer unix - - n - 0 bounce -trace unix - - n - 0 bounce -verify unix - - n - 1 verify -flush unix n - n 1000? 
0 flush -proxymap unix - - n - - proxymap -proxywrite unix - - n - 1 proxymap -# When relaying mail as backup MX, disable fallback_relay to avoid MX loops -smtp unix - - n - - smtp -# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 -relay unix - - n - - smtp - -o smtp_fallback_relay= -showq unix n - n - - showq -error unix - - n - - error -retry unix - - n - - error -discard unix - - n - - discard -local unix - n n - - local -virtual unix - n n - - virtual -lmtp unix - - n - - lmtp -anvil unix - - n - 1 anvil -# -# ==================================================================== -# Interfaces to non-Postfix software. Be sure to examine the manual -# pages of the non-Postfix software to find out what options it wants. -# -# Many of the following services use the Postfix pipe(8) delivery -# agent. See the pipe(8) man page for information about ${recipient} -# and other message envelope options. -# ==================================================================== -# -# maildrop. See the Postfix MAILDROP_README file for details. -# Also specify in main.cf: maildrop_destination_recipient_limit=1 -# -scache unix - - n - 1 scache -maildrop unix - n n - - pipe - flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} -# -# ==================================================================== -# -# Recent Cyrus versions can use the existing "lmtp" master.cf entry. 
-# -# Specify in cyrus.conf: -# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 -# -# Specify in main.cf one or more of the following: -# mailbox_transport = lmtp:inet:localhost -# virtual_transport = lmtp:inet:localhost -# -# ==================================================================== -# -# Cyrus 2.1.5 (Amos Gouaux) -# Also specify in main.cf: cyrus_destination_recipient_limit=1 -# -#cyrus unix - n n - - pipe -# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} -# -# ==================================================================== -# Old example of delivery via Cyrus. -# -#old-cyrus unix - n n - - pipe -# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} -# -# ==================================================================== -# -# See the Postfix UUCP_README file for configuration details. -# -uucp unix - n n - - pipe - flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) -# -# Other external delivery methods. -# -ifmail unix - n n - - pipe - flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) -bsmtp unix - n n - - pipe - flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient -scalemail-backend unix - n n - 2 pipe - flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} -mailman unix - n n - - pipe - flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py - ${nexthop} ${user} diff --git a/consul/configuration/email/postfix/transport b/consul/configuration/email/postfix/transport deleted file mode 100644 index 68f62c5..0000000 --- a/consul/configuration/email/postfix/transport +++ /dev/null @@ -1,5 +0,0 @@ -#wanadoo.com slow: -#wanadoo.fr slow: -#orange.com slow: -#orange.fr slow: -#smtp.orange.fr slow: diff --git a/consul/configuration/email/postfix/transport.db b/consul/configuration/email/postfix/transport.db Binary files differdeleted file mode 100644 index 487f394..0000000 
--- a/consul/configuration/email/postfix/transport.db +++ /dev/null |