Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancement/configuration options #100

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Enhancement/configuration options #100

wants to merge 6 commits into from

Conversation

agimenez
Copy link
Contributor

Hi @tersmitten, this is a branch where I've been doing some work to add further options that I have in my personal mail server. The main changes are the following:

  • Manage master.cf as a template. This is a potentially breaking change, but there are some options that need to be set here (like enabling postscreen or the submission service, part of this patch series too). I'm open to add any additional guards (like a configuration boolean to enable the "take over" of this file), but I wanted this to be as simple as possible, and based on a Debian default configuration file.
  • Add configuration to enable postscreen on port 25. The postscreen service provides additional protection against spam for SMTP service on port 25. Enabling this boolean will configure postscreen as well as some other services. A new configuration variable has been added to add DNSBL servers for postscreen.
  • Add submission service. According to the RFC, port 25 should be only used by servers, and users should submit mail using the submission service (587).
  • Add Dovecot SASL integration to enable client authentication using Dovecot SASL
  • Add SPF policy agent so we can make SPF checks on incoming mail. Note that the policy agent configuration itself is not handled with this role, only the integration with Postfix, so that should be handled otherwise (I found https://github.com/mbocquet/spf, which I don't use -yet-, but it may be interesting to add some reference).

@agimenez
Manage master.cf as a template
0d86b29 
Import default master.cf file to be able to configure it using vars

Signed-off-by: L. Alberto Giménez <agimenez@sysvalve.es>
@agimenez
Add option to enable postscreen(8) on port 25
31edf29 
`postscreen(8)` seems to be able to provide additional protection
against spam. It is intended to be handle the MX service on port 25
(while leaving the submission port to the standard `smtpd(8)` process,
to be used by MUAs).

This follows the basic "turning on" instructions from
http://www.postfix.org/POSTSCREEN_README.html#config, as it also needs
other postfix related services to be enabled.
@agimenez
Add options for DNSBL configuration for postscreen
93f6392 
Signed-off-by: L. Alberto Giménez <agimenez@sysvalve.es>
@agimenez
Add submission service
6bbfa2a 
Enable MUA submission for authenticated mail using TLS. Note that
Postfix doesn't implement authentication, so external implementations
must be used (e.g.: dovecot, cyrus).

Signed-off-by: L. Alberto Giménez <agimenez@sysvalve.es>
@agimenez
Set SASL options for dovecot backend
7f94e41 
Signed-off-by: L. Alberto Giménez <agimenez@sysvalve.es>
@agimenez
Add SPF policy agent
a32cef6 
Add a new boolean variable that will install and configure a SPF policy
agent for Postfix.
@agimenez
Copy link
Contributor Author

agimenez commented Oct 1, 2020

Hi @tersmitten it seems that postfix is not starting in the tests, but the travis logs don't have any information. Is there any way to get the logs or the output of journalctl to troubleshoot?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@agimenez