diff options
Diffstat (limited to 'src/org/euandre')
-rw-r--r-- | src/org/euandre/queue.scm | 75 |
1 files changed, 44 insertions, 31 deletions
diff --git a/src/org/euandre/queue.scm b/src/org/euandre/queue.scm index 868ae7b..dd281aa 100644 --- a/src/org/euandre/queue.scm +++ b/src/org/euandre/queue.scm @@ -117,6 +117,7 @@ postfix-configuration-postfix postfix-configuration-mail-in-home? + postfix-configuration-enable-submission? postfix-configuration-set-sendmail? postfix-configuration-master.cf-file postfix-configuration-main.cf-file @@ -849,6 +850,7 @@ keyfile ~a/private.key postfix-configuration? (postfix postfix-configuration-postfix (default postfix)) (mail-in-home? postfix-configuration-mail-in-home? (default #f)) + (enable-submission? postfix-configuration-enable-submission? (default #f)) (set-sendmail? postfix-configuration-set-sendmail? (default #t)) (master.cf-file postfix-configuration-master.cf-file (default #f)) (main.cf-file postfix-configuration-main.cf-file (default #f)) @@ -869,18 +871,47 @@ keyfile ~a/private.key (container-namespaces postfix-configuration-container-namespaces (default (srfi-1:fold delq container:%namespaces '(net)))) (extra-mappings postfix-configuration-extra-mappings (default '()))) + + +(define submission-config " +submission inet n - n - - smtpd -o syslog_name=postfix/submission + -o smtpd_tls_security_level=encrypt + -o content_filter=dksign:[127.0.0.1]:10027") + +(define dksign-filter " + -o content_filter=dksign:[127.0.0.1]:10027") + +; FIXME: doesn't work for sendmail -t in localhost +(define dksign-config " + +dksign unix - - n - - smtp + -o syslog_name=postfix/dkimproxyout-listen + -o smtp_send_xforward_command=yes + -o smtp_discard_ehlo_keywords=8bitmime,starttls + +127.0.0.1:10028 inet n - n - - smtpd + -o syslog_name=postfix/dkimproxyout-relay + -o content_filter= + -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks + -o smtpd_helo_restrictions= + -o smtpd_client_restrictions= + -o smtpd_sender_restrictions= + -o smtpd_recipient_restrictions=permit_mynetworks,reject + -o mynetworks=127.0.0.0/8 + -o smtpd_authorized_xforward_hosts=127.0.0.0/8 +") + ; FIXME: hardcoded value of dkimproxy listen and relay +; FIXME: replace 127.0.0.1 with localhost (define (generate-master.cf config) (match-record config <postfix-configuration> - (master.cf-extra) + (enable-submission? master.cf-extra) (format #f - " -# ============================================================================================================ + "# ============================================================================================================ # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (no) (never) (100) # ============================================================================================================= - anvil unix - - n - 1 anvil bounce unix - - n - 0 bounce cleanup unix n - n - 0 cleanup @@ -890,45 +921,26 @@ error unix - - n - - error flush unix n - n 1000? 0 flush lmtp unix - - n - - lmtp local unix - n n - - local -# FIXME: replace 127.0.0.1 with localhost -pickup unix n - n 60 1 pickup - -o content_filter=dksign:[127.0.0.1]:10027 +pickup unix n - n 60 1 pickup~a proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap qmgr unix n - n 300 1 qmgr -relay unix - - n - - smtp -o syslog_name=postfix/relay +relay unix - - n - - smtp retry unix - - n - - error rewrite unix - - n - - trivial-rewrite scache unix - - n - 1 scache showq unix n - n - - showq -smtp inet n - n - - smtpd -o syslog_name=postfix/smtp +smtp inet n - n - - smtpd -v -o syslog_name=postfix/smtp smtp unix - - n - - smtp -submission inet n - n - - smtpd -o syslog_name=postfix/submission - -o smtpd_tls_security_level=encrypt - -o content_filter=dksign:[127.0.0.1]:10027 tlsmgr unix - - n 1000? 1 tlsmgr trace unix - - n - 0 bounce verify unix - - n - 1 verify virtual unix - n n - - virtual postlog unix-dgram n - n - 1 postlogd - -# FIXME: doesn't work for sendmail -t in localhost -dksign unix - - n - - smtp - -o syslog_name=postfix/dkimproxyout-listen - -o smtp_send_xforward_command=yes - -o smtp_discard_ehlo_keywords=8bitmime,starttls -127.0.0.1:10028 inet n - n - - smtpd - -o syslog_name=postfix/dkimproxyout-relay - -o content_filter= - -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks - -o smtpd_helo_restrictions= - -o smtpd_client_restrictions= - -o smtpd_sender_restrictions= - -o smtpd_recipient_restrictions=permit_mynetworks,reject - -o mynetworks=127.0.0.0/8 - -o smtpd_authorized_xforward_hosts=127.0.0.0/8 -~a -" +~a~a~a" + (if enable-submission? dksign-filter "") + (if enable-submission? submission-config "") + (if enable-submission? dksign-config "") master.cf-extra))) (define (cert-for prefix config) @@ -1252,7 +1264,8 @@ max_age: 604800 postfix-certificates) (service-extension cyrus-sasl-service-type postfix-sasl-services)))) - (default-value (postfix-configuration)) + (default-value (postfix-configuration + (enable-submission? #t))) (description " Run the Postfix MTA. |