tls config in main.cf

Sebastian Hugentobler 2016-07-08 09:58:07 +02:00
parent 057c9e3b6d
commit 6bc0fd1a62
3 changed files with 12 additions and 10 deletions


@ -28,7 +28,7 @@ smtpd_milters =
inet:{{getenv "SPAMASSASSINHOST"}}:{{getenv "SPAMASSASSINPORT"}} inet:{{getenv "SPAMASSASSINHOST"}}:{{getenv "SPAMASSASSINPORT"}}
non_smtpd_milters = $smtpd_milters non_smtpd_milters = $smtpd_milters
milter_default_action = accept milter_default_action = accept
milter_connect_macros = "i j {daemon_name} v {if_name} _" #milter_connect_macros = "i j {daemon_name} v {if_name} _"
message_size_limit = {{getenv "MESSAGESIZELIMIT"}} message_size_limit = {{getenv "MESSAGESIZELIMIT"}}
sender_dependent_default_transport_maps = hash:/etc/postfix/sender-transport sender_dependent_default_transport_maps = hash:/etc/postfix/sender-transport
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
@ -38,3 +38,11 @@ tls_preempt_cipherlist = yes
smtpd_tls_mandatory_ciphers = {{getenv "TLSMANDATORYCIPHERS"}} smtpd_tls_mandatory_ciphers = {{getenv "TLSMANDATORYCIPHERS"}}
smtpd_tls_ciphers = {{getenv "TLSCIPHERS"}} smtpd_tls_ciphers = {{getenv "TLSCIPHERS"}}
smtpd_tls_mandatory_exclude_ciphers = {{getenv "TLSMANDATORYEXCLUDECIPHERS"}} smtpd_tls_mandatory_exclude_ciphers = {{getenv "TLSMANDATORYEXCLUDECIPHERS"}}
smtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
smtp_tls_ciphers = $smtpd_tls_ciphers
lmtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
lmtp_tls_ciphers = $smtpd_tls_ciphers
smtputf8_enable = no
biff = no
smtpd_tls_key_file=/etc/ssl/mail/privkey.pem
smtpd_tls_cert_file=/etc/ssl/mail/fullchain.pem
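Review bot: The added `smtp_tls_*` and `lmtp_tls_*` lines copy the cipher grades from the smtpd settings but not the exclusion list directly above them, so `smtpd_tls_mandatory_exclude_ciphers` still applies only to inbound sessions. If the intent is one TLS policy for both directions, add `smtp_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers` and `lmtp_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers`. The `*_mandatory_*` values only take effect where TLS is enforced, and no security level is set in the visible lines, so it is worth confirming which of these settings actually apply to outbound mail. Separately, the first hunk comments out `milter_connect_macros`, which the commit title does not mention; a short comment there saying the Postfix default is intended would help, assuming the milter does not need the `i`, `{if_name}` or `_` macros.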


@ -1,8 +1,6 @@
smtp inet n - - - - smtpd smtp inet n - - - - smtpd
-o syslog_name=postfix/smtp -o syslog_name=postfix/smtp
-o myhostname={{getenv "MYDOMAIN"}} -o myhostname={{getenv "MYDOMAIN"}}
-o smtpd_tls_key_file=/etc/ssl/mail/privkey.pem
-o smtpd_tls_cert_file=/etc/ssl/mail/fullchain.pem
{{getenv "MYDOMAIN"}}-out unix - - - - - smtp {{getenv "MYDOMAIN"}}-out unix - - - - - smtp
-o smtp_helo_name={{getenv "MYHOSTNAME"}} -o smtp_helo_name={{getenv "MYHOSTNAME"}}
@ -15,14 +13,10 @@ submission inet n - - - - smtpd
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination -o smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination
-o milter_macro_daemon_name=ORIGINATING -o milter_macro_daemon_name=ORIGINATING
-o smtpd_tls_key_file=/etc/ssl/mail/privkey.pem
-o smtpd_tls_cert_file=/etc/ssl/mail/fullchain.pem
smtp inet n - n - - smtpd
pickup unix n - n 60 1 pickup pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce bounce unix - - n - 0 bounce