Coder Social home page Coder Social logo

ansible-postfix's Introduction

postfix

Build Status Ansible Galaxy

Set up a postfix server in Debian-like systems.

Requirements

None

Variables

  • postfix_install [default: [postfix, mailutils, libsasl2-2, sasl2-bin, libsasl2-modules]]: Packages to install
  • postfix_hostname [default: {{ ansible_fqdn }}]: Host name, used for myhostname and in mydestination
  • postfix_mailname [default: {{ ansible_fqdn }}]: Mail name (in /etc/mailname), used for myorigin
  • postfix_aliases [default: []]: Aliases to ensure present in /etc/aliases
  • postfix_virtual_aliases [default: []]: Virtual aliases to ensure present in /etc/postfix/virtual
  • postfix_sender_canonical_maps [default: []]: Sender address rewriting in /etc/postfix/sender_canonical_maps (see)
  • postfix_generic: [default: []]: Generic table address mapping in /etc/postfix/generic (see)
  • postfix_mydestination [default: ["{{ postfix_hostname }}", 'localdomain', 'localhost', 'localhost.localdomain']]: Specifies what domains this machine will deliver locally, instead of forwarding to another machine
  • postfix_mynetworks [default: ['127.0.0.0/8', '[::ffff:127.0.0.0]/104', '[::1]/128']]: The list of "trusted" remote SMTP clients that have more privileges than "strangers"
  • postfix_inet_interfaces [default: all]: Network interfaces to bind (see)
  • postfix_inet_protocols [default: all]: The Internet protocols Postfix will attempt to use when making or accepting connections (see)
  • postfix_sasl_auth_enable [default: true]: Enable SASL authentication in the SMTP client
  • postfix_relayhost [default: false (no relay host)]: Hostname to relay all email to
  • postfix_relayhost_port [default: 587]: Relay port (on postfix_relayhost, if set)
  • postfix_smtpd_relay_restrictions [optional]: List of access restrictions for mail relay control (see)
  • postfix_sasl_security_options [default: noanonymous]: SMTP client SASL security options
  • postfix_sasl_mechanism_filter [default: '']: SMTP client SASL authentication mechanism filter (see)
  • postfix_relaytls [default: false]: Use TLS when sending with a relay host
  • postfix_smtp_tls_cafile [optional]: A file containing CA certificates of root CAs trusted to sign either remote SMTP server certificates or intermediate CA certificates (e.g. /etc/ssl/certs/ca-certificates.crt)
  • postfix_sasl_user [default: postmaster@{{ ansible_domain }}]: SASL relay username
  • postfix_sasl_password [default: k8+haga4@#pR]: SASL relay password Make sure to change!
  • postfix_smtpd_banner [default: $myhostname ESMTP $mail_name (Ubuntu)]: Greeting banner You MUST specify $myhostname at the start of the text. This is required by the SMTP protocol.
  • postfix_disable_vrfy_command [default: false]: Disable the SMTP VRFY command. This stops some techniques used to harvest email addresses

Dependencies

  • debconf
  • debconf-utils

Example

A simple example that doesn't use SASL relaying:

---
- hosts: all
  roles:
    - postfix
  vars:
    postfix_aliases:
      - user: root
        alias: [email protected]

A simple example with virtual aliases for mail forwarding that doesn't use SASL relaying:

---
- hosts: all
  roles:
    - postfix
  vars:
    postfix_mydestination:
      - "{{ postfix_hostname }}"
      - '$mydomain'
      - localdomain
      - localhost
      - localhost.localdomain
    postfix_virtual_aliases:
      - virtual: [email protected]
        alias: [email protected]
      - virtual: [email protected]
        alias: [email protected], [email protected]

A simple example that rewrites the sender address:

---
- hosts: all
  roles:
    - postfix
  vars:
    postfix_sender_canonical_maps:
      - sender: root
        rewrite: [email protected]

Provide the relay host name if you want to enable relaying:

---
- hosts: all
  roles:
    - postfix
  vars:
    postfix_aliases:
      - user: root
        alias: [email protected]
    postfix_relayhost: mail.yourdomain.org

For AWS SES support:

---
- hosts: all
  roles:
    - postfix
  vars:
    postfix_aliases:
      - user: root
        alias: [email protected]
    postfix_relayhost: email-smtp.us-east-1.amazonaws.com
    postfix_relaytls: true
    # AWS IAM SES credentials (not access key):
    postfix_sasl_user: AKIXXXXXXXXXXXXXXXXX
    postfix_sasl_password: ASDFXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

For MailHog support:

---
- hosts: all
  roles:
    - postfix
  vars:
    postfix_aliases:
      - user: root
        alias: [email protected]
    postfix_relayhost: "{{ ansible_lo['ipv4']['address'] }}"
    postfix_relayhost_port: 1025
    postfix_sasl_auth_enable: false

For Gmail support:

---
- hosts: all
  roles:
    - postfix
  vars:
    postfix_aliases:
      - user: root
        alias: [email protected]
    postfix_relayhost: smtp.gmail.com
    postfix_relaytls: true
    postfix_smtp_tls_cafile: /etc/ssl/certs/ca-certificates.crt
    postfix_sasl_user: 'foo'
    postfix_sasl_password: 'bar'

If you configure your Google account for extra security to use the 2-step verification, then postfix won't send out emails anymore and you might notice error messages in the /var/log/mail.log file

To fix this issue, you need to visit the (Authorizing applications & sites) page under your Google Account settings. On this page page enter the name of the application to be authorized (Postfix) and click on Generate button. Set the postfix_sasl_password variable with the password generated by this page.

License

MIT

Author Information

Mischa ter Smitten

Feedback, bug-reports, requests, ...

Are welcome!

ansible-postfix's People

Contributors

brunoleon avatar caboteria avatar dennisse avatar dsteinkopf avatar ei-grad avatar insanity54 avatar jardleex avatar jblancogl avatar jordiclariana avatar lafarer avatar md5 avatar mugwhump avatar mvdriel avatar oggers avatar p3dda avatar robbwagoner avatar tersmitten avatar tolien avatar

Watchers

avatar

Forkers

jwhb

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.