Add SRS support with postsrsd
This commit is contained in:
Julian Rother
parent
64aade5949
commit
1e105b4da7
5 changed files with 93 additions and 1 deletions
|
|
@ -154,5 +154,11 @@ non_smtpd_milters = {{ ' '.join(postfix.non_smtpd_milters) }}
|
|||
# passwords or other confidential information
|
||||
notify_classes =
|
||||
|
||||
recipient_canonical_maps = {{ postfix.recipient_canonical_maps }}
|
||||
{% if postfix.srs.enable %}
|
||||
sender_canonical_maps = tcp:localhost:10001
|
||||
sender_canonical_classes = envelope_sender
|
||||
{% endif %}
|
||||
|
||||
recipient_canonical_maps = {{ postfix.recipient_canonical_maps }}{% if postfix.srs.enable %} tcp:127.0.0.1:10002{% endif %}
|
||||
|
||||
local_header_rewrite_clients = {{ postfix.local_header_rewrite_clients }}
|
||||
|
|
|
|||
62
templates/postsrsd.j2
Normal file
62
templates/postsrsd.j2
Normal file
|
|
@ -0,0 +1,62 @@
|
|||
# Default settings for PostSRSd
|
||||
|
||||
# Local domain name.
|
||||
# Addresses are rewritten to originate from this domain. The default value
|
||||
# is taken from `postconf -h mydomain` and probably okay.
|
||||
#
|
||||
SRS_DOMAIN={{ postfix.srs.domain }}
|
||||
|
||||
# Exclude additional domains.
|
||||
# You may list domains which shall not be subjected to address rewriting.
|
||||
# If a domain name starts with a dot, it matches all subdomains, but not
|
||||
# the domain itself. Separate multiple domains by space or comma.
|
||||
#
|
||||
SRS_EXCLUDE_DOMAINS={{ postfix.srs.exclude_domains|join(',') }}
|
||||
|
||||
# First separator character after SRS0 or SRS1.
|
||||
# Can be one of: -+=
|
||||
SRS_SEPARATOR==
|
||||
|
||||
# Secret key to sign rewritten addresses.
|
||||
# When postsrsd is installed for the first time, a random secret is generated
|
||||
# and stored in /etc/postsrsd.secret. For most installations, that's just fine.
|
||||
#
|
||||
SRS_SECRET=/etc/postsrsd.secret
|
||||
|
||||
# Length of hash to be used in rewritten addresses
|
||||
SRS_HASHLENGTH=4
|
||||
|
||||
# Minimum length of hash to accept when validating return addresses.
|
||||
# When increasing SRS_HASHLENGTH, set this to its previous value and
|
||||
# wait for the duration of SRS return address validity (21 days) before
|
||||
# increading this value as well.
|
||||
SRS_HASHMIN=4
|
||||
|
||||
# Local ports for TCP list.
|
||||
# These ports are used to bind the TCP list for postfix. If you change
|
||||
# these, you have to modify the postfix settings accordingly. The ports
|
||||
# are bound to the loopback interface, and should never be exposed on
|
||||
# the internet.
|
||||
#
|
||||
SRS_FORWARD_PORT=10001
|
||||
SRS_REVERSE_PORT=10002
|
||||
|
||||
# Drop root privileges and run as another user after initialization.
|
||||
# This is highly recommended as postsrsd handles untrusted input.
|
||||
#
|
||||
RUN_AS=postsrsd
|
||||
|
||||
# Bind to this address
|
||||
#
|
||||
SRS_LISTEN_ADDR=127.0.0.1
|
||||
|
||||
# Jail daemon in chroot environment
|
||||
#
|
||||
CHROOT=/var/lib/postsrsd
|
||||
|
||||
# Additional Options
|
||||
# PostSRSd understands a few rarely needed extra options:
|
||||
# -A always rewrite email addresses, even from SRS_DOMAIN
|
||||
# -t<n> set connection timeout to <n> seconds (default: 1800)
|
||||
#
|
||||
#SRS_EXTRA_OPTIONS=-A
|
||||
Loading…
Add table
Add a link
Reference in a new issue