diff options
| author | EuAndreh <eu@euandre.org> | 2023-03-17 15:06:19 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2023-03-17 15:25:29 -0300 |
| commit | 4dadf12bb8613a610bfd1b6b044cd6b5b4ec8ed3 (patch) | |
| tree | 0777ec11876fe1567ac25389fafb9dcd81350067 /tests/internet/etc/postfix | |
| parent | queue.scm: Fix positional argument of dkimproxyout config file (diff) | |
| download | package-repository-4dadf12bb8613a610bfd1b6b044cd6b5b4ec8ed3.tar.gz package-repository-4dadf12bb8613a610bfd1b6b044cd6b5b4ec8ed3.tar.xz | |
Makefile: Streamline verification of generated config files
Diffstat (limited to 'tests/internet/etc/postfix')
| -rw-r--r-- | tests/internet/etc/postfix/main.cf.in | 36 | ||||
| -rw-r--r-- | tests/internet/etc/postfix/master.cf | 51 |
2 files changed, 87 insertions, 0 deletions
diff --git a/tests/internet/etc/postfix/main.cf.in b/tests/internet/etc/postfix/main.cf.in new file mode 100644 index 0000000..566dbcd --- /dev/null +++ b/tests/internet/etc/postfix/main.cf.in @@ -0,0 +1,36 @@ +compatibility_level = 3.6 + +queue_directory = /var/spool/postfix +data_directory = /var/lib/postfix +mail_owner = postfix +setgid_group = postdrop + +header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGNORE } } + +mail_spool_directory = /var/mail/ + +myhostname = @HOSTNAME@ + +smtpd_use_tls = yes +smtpd_tls_cert_file = /etc/letsencrypt/live/@HOSTNAME@/fullchain.pem +smtpd_tls_key_file = /etc/letsencrypt/live/@HOSTNAME@/privkey.pem +smtp_use_tls = $smtpd_use_tls +smtp_tls_cert_file = $smtpd_tls_cert_file +smtp_tls_key_file = $smtpd_tls_key_file + +smtp_tls_security_level = may + +recipient_delimiter = + + +smtpd_sasl_tls_security_options = noanonymous +smtpd_tls_security_level = may +smtpd_tls_auth_only = yes + +smtpd_relay_restrictions = $smtpd_recipient_restrictions +smtpd_recipient_restrictions = permit_mynetworks, + permit_sasl_authenticated, reject_unauth_destination +smtpd_sasl_auth_enable = yes +cyrus_sasl_config_path = /etc/sasl2 +debug_peer_list = 127.0.0.1 + +milter_default_action = accept diff --git a/tests/internet/etc/postfix/master.cf b/tests/internet/etc/postfix/master.cf new file mode 100644 index 0000000..5c25fd9 --- /dev/null +++ b/tests/internet/etc/postfix/master.cf @@ -0,0 +1,51 @@ +# ============================================================================================================ +# service type private unpriv chroot wakeup maxproc command + args +# (yes) (yes) (no) (never) (100) +# ============================================================================================================= + +anvil unix - - n - 1 anvil +bounce unix - - n - 0 bounce +cleanup unix n - n - 0 cleanup +defer unix - - n - 0 bounce +discard unix - - n - - discard +error unix - - n - - error +flush unix n - n 1000? 0 flush +lmtp unix - - n - - lmtp +local unix - n n - - local +pickup unix n - n 60 1 pickup + -o content_filter=dksign:[127.0.0.1]:10027 +proxymap unix - - n - - proxymap +proxywrite unix - - n - 1 proxymap +qmgr unix n - n 300 1 qmgr +relay unix - - n - - smtp +retry unix - - n - - error +rewrite unix - - n - - trivial-rewrite +scache unix - - n - 1 scache +showq unix n - n - - showq +smtp inet n - n - - smtpd -o syslog_name=postfix/smtp +smtp unix - - n - - smtp +tlsmgr unix - - n 1000? 1 tlsmgr +trace unix - - n - 0 bounce +verify unix - - n - 1 verify +virtual unix - n n - - virtual +postlog unix-dgram n - n - 1 postlogd + +submission inet n - n - - smtpd -o syslog_name=postfix/submission + -o smtpd_tls_security_level=encrypt + -o content_filter=dksign:[127.0.0.1]:10027 + +dksign unix - - n - - smtp + -o syslog_name=postfix/dkimproxyout-listen + -o smtp_send_xforward_command=yes + -o smtp_discard_ehlo_keywords=8bitmime,starttls + +127.0.0.1:10028 inet n - n - - smtpd + -o syslog_name=postfix/dkimproxyout-relay + -o content_filter= + -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks + -o smtpd_helo_restrictions= + -o smtpd_client_restrictions= + -o smtpd_sender_restrictions= + -o smtpd_recipient_restrictions=permit_mynetworks,reject + -o mynetworks=127.0.0.0/8 + -o smtpd_authorized_xforward_hosts=127.0.0.0/8 |