From 4c7c2a269d7ccc2f727ec9f2ea033f3cbe1ff9b6 Mon Sep 17 00:00:00 2001 From: Alexander Weidinger Date: Fri, 8 Dec 2017 13:20:01 +0100 Subject: [PATCH] master.cf: made submission configurable --- pillar.example | 5 +++++ postfix/files/master.cf | 19 +++++++++++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/pillar.example b/pillar.example index 6199c41..9733ba2 100644 --- a/pillar.example +++ b/pillar.example @@ -2,6 +2,11 @@ postfix: manage_master_config: True master_config: enable_submission: False + # To replace the defaults use this: + submission: + smtpd_tls_security_level: encrypt + smtpd_sasl_auth_enable: yes + smtpd_client_restrictions: permit_sasl_authenticated,reject enable_service: True diff --git a/postfix/files/master.cf b/postfix/files/master.cf index c993a80..39d7615 100644 --- a/postfix/files/master.cf +++ b/postfix/files/master.cf @@ -1,4 +1,13 @@ +{%- macro set_option(parameter, value) -%} + {%- if value is number or value is string -%} +-o {{ parameter }}={{ value }} + {%- elif value is iterable -%} +-o {{ parameter }}={{ value | join(', ')}} + {%- endif -%} +{%- endmacro -%} + {% set master_config = salt['pillar.get']('postfix:master_config', {}) -%} + # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master" or @@ -15,11 +24,17 @@ smtp inet n - n - - smtpd #smtpd pass - - n - - smtpd #dnsblog unix - - n - 0 dnsblog #tlsproxy unix - - n - 0 tlsproxy -{% if master_config.get('enable_submission', False) %} +{%- if master_config.get('enable_submission', False) %} submission inet n - n - - smtpd +{%- if master_config.get('submission', False) -%} +{% for parameter, value in master_config.get('submission', {}).items() %} + {{ set_option(parameter, value) }} +{%- endfor -%} +{% else %} # -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes +{% endif %} # -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions @@ -27,7 +42,7 @@ submission inet n - n - - smtpd # -o smtpd_recipient_restrictions= # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING -{% endif %} +{% endif -%} #smtps inet n - n - - smtpd # -o syslog_name=postfix/smtps # -o smtpd_tls_wrappermode=yes