flyingscorpio/self-hosting
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

[mailserver_postfix] Enable submissions (465 without STARTTLS)

Browse source
This commit is contained in:
Tunui Franken 2025-02-01 20:59:14 +01:00
parent 27433263e7
commit e822e40945
6 changed files with 19 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
roles/mailserver_postfix/files/nftables/input.d/smtp-submission.conf
View file

@ -1 +0,0 @@
tcp dport {25, 587} accept comment "Allow SMTP/submission from all"

1
roles/mailserver_postfix/files/nftables/output.d/smtp-submission.conf
View file

@ -1 +0,0 @@
tcp dport {25, 587} accept comment "Allow SMTP/submission to all"

4
roles/mailserver_postfix/tasks/main.yml
View file

@ -52,8 +52,8 @@
- name: Allow incoming and outgoing SMTP/submission - name: Allow incoming and outgoing SMTP/submission
become: true become: true
ansible.builtin.copy: ansible.builtin.template:
src: "nftables/{{ item }}.d/smtp-submission.conf" src: "nftables/{{ item }}.d/smtp-submission.conf.j2"
dest: "/etc/nftables/{{ item }}.d/smtp-submission.conf" dest: "/etc/nftables/{{ item }}.d/smtp-submission.conf"
mode: 0640 mode: 0640
notify: Reload nftables service notify: Reload nftables service

11
roles/mailserver_postfix/templates/master.cf.j2
View file

@ -27,6 +27,17 @@ submission inet n - y - - smtpd
-o smtpd_relay_restrictions= -o smtpd_relay_restrictions=
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING -o milter_macro_daemon_name=ORIGINATING
submissions inet n - y - - smtpd
-o syslog_name=postfix/submissions
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=permit_mynetworks,reject_sender_login_mismatch,permit_sasl_authenticated,reject
-o smtpd_relay_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
#628 inet n - y - - qmqpd #628 inet n - y - - qmqpd
pickup unix n - y 60 1 pickup pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup cleanup unix n - y - 0 cleanup

3
roles/mailserver_postfix/templates/nftables/input.d/smtp-submission.conf.j2 Normal file
View file

@ -0,0 +1,3 @@
# {{ ansible_managed }}
tcp dport {25, 465, 587} accept comment "Allow SMTP/submission from all"

3
roles/mailserver_postfix/templates/nftables/output.d/smtp-submission.conf.j2 Normal file
View file

@ -0,0 +1,3 @@
# {{ ansible_managed }}
tcp dport {25, 465, 587} accept comment "Allow SMTP/submission to all"