{{ ansible_managed | comment }} myhostname = {{ postfix__hostname }} smtpd_banner = $myhostname ESMTP biff = no # appending .domain is the MUA's job. append_dot_mydomain = no #delay_warning_time = 4h compatibility_level = 3.6 virtual_alias_maps = texthash:/etc/postfix/virtual virtual_mailbox_domains = {{ postfix__virtual_mailbox_domains | join(" ") }} virtual_mailbox_maps = texthash:/etc/postfix/vmailbox virtual_transport = lmtp:unix:private/dovecot-lmtp smtpd_sender_login_maps = $virtual_mailbox_maps, $virtual_alias_maps #smtpd_sasl_type = dovecot #smtpd_sasl_path = private/auth alias_maps = # TODO peut-ĂȘtre #smtpd_helo_required = yes #strict_rfc821_envelopes = yes # TLS parameters smtp_tls_CApath = /etc/ssl/certs smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_security_level = may # M2M smtpd_client_restrictions = permit smtpd_helo_restrictions = permit smtpd_recipient_restrictions = reject_unverified_recipient, permit smtpd_relay_restrictions = reject_unauth_destination, permit smtpd_sender_restrictions = permit # MUA mua_client_restrictions = permit_sasl_authenticated, reject mua_helo_restrictions = permit # TODO match envelope mua_recipient_restrictions = reject_authenticated_sender_login_mismatch, permit_sasl_authenticated, reject mua_reject_unlisted_sender = yes mua_reject_unlisted_recipient = no mua_relay_restrictions = permit mua_sasl_local_domain = {{ postfix__sasl_local_domain }} mua_sender_restrictions = permit # TODO mails depuis *@infra.auro.re + localhost #smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination #mailbox_size_limit = 0 recipient_delimiter = {{ postfix__recipient_delimiter }} inet_interfaces = all inet_protocols = all default_destination_rate_delay = {{ postfix__destination_rate_delay }} smtp_destination_concurrency_limit = {{ postfix__destination_concurrency_limit }} smtp_destination_recipient_limit = {{ postfix__destination_recipient_limit }}