crans_bcfg2/Python/etc/postfix/master.cf

# -*- mode: python; coding: utf-8 -*-

include("ip")

header("Fichier de configuration des démons de postfix.")

@# +------------------------+
@# | Utils pour le template |
@# +------------------------+

# Indique si c'est un MX principal ou secondaire.
main = has("mail-mx-main")
secondary = has("mail-mx-secondary")
# Indique si c'est un MX public, par exemple le serveur
# des adherents est utilise uniquement en interne
public = has("mail-mx-public")

# Si vrai alors delivre localement les mails des adherents.
users = has("users")

tracker = has("tracker")

pub = pubip()
adm = admip()
loc = "127.0.0.1"
if has("titanic"):
    ext = "82.225.39.54"

@# Postfix master process configuration file.  Each line describes how
@# a mailer component program should be run. The fields that make up
@# each line are described below. A "-" field value requests that a
@# default value be used for that field.
@#
@# Service: any name that is valid for the specified transport type
@# (the next field).  With INET transports, a service is specified as
@# host:port.  The host part (and colon) may be omitted. Either host
@# or port may be given in symbolic form or in numeric form. Examples
@# for the SMTP server:  localhost:smtp receives mail via the loopback
@# interface only; 10025 receives mail on port 10025.
@#
@# Transport type: "inet" for Internet sockets, "unix" for UNIX-domain
@# sockets, "fifo" for named pipes.
@#
@# Private: whether or not access is restricted to the mail system.
@# Default is private service.  Internet (inet) sockets can't be private.
@#
@# Unprivileged: whether the service runs with root privileges or as
@# the owner of the Postfix system (the owner name is controlled by the
@# mail_owner configuration variable in the main.cf file).
@#
@# Chroot: whether or not the service runs chrooted to the mail queue
@# directory (pathname is controlled by the queue_directory configuration
@# variable in the main.cf file). Presently, all Postfix daemons can run
@# chrooted, except for the pipe, virtual and local delivery daemons.
@# The files in the examples/chroot-setup subdirectory describe how
@# to set up a Postfix chroot environment for your type of machine.
@#
@# Wakeup time: automatically wake up the named service after the
@# specified number of seconds. A ? at the end of the wakeup time
@# field requests that wake up events be sent only to services that
@# are actually being used.  Specify 0 for no wakeup. Presently, only
@# the pickup, queue manager and flush daemons need a wakeup timer.
@#
@# Max procs: the maximum number of processes that may execute this
@# service simultaneously. Default is to use a globally configurable
@# limit (the default_process_limit configuration parameter in main.cf).
@# Specify 0 for no process count limit.
@#
@# Command + args: the command to be executed. The command name is
@# relative to the Postfix program directory (pathname is controlled by
@# the program_directory configuration variable). Adding one or more
@# -v options turns on verbose logging for that service; adding a -D
@# option enables symbolic debugging (see the debugger_command variable
@# in the main.cf configuration file). See individual command man pages
@# for specific command-line options, if any.
@#
@# In order to use the "uucp" message tranport below, set up entries
@# in the transport table.
@#
@# In order to use the "cyrus" message transport below, configure it
@# in main.cf as the mailbox_transport.
@#
@# SPECIFY ONLY PROGRAMS THAT ARE WRITTEN TO RUN AS POSTFIX DAEMONS.
@# ALL DAEMONS SPECIFIED HERE MUST SPEAK A POSTFIX-INTERNAL PROTOCOL.
@#
@# DO NOT CHANGE THE ZERO PROCESS LIMIT FOR CLEANUP/BOUNCE/DEFER OR
@# POSTFIX WILL BECOME STUCK UP UNDER HEAVY LOAD
@#
@# DO NOT CHANGE THE ONE PROCESS LIMIT FOR PICKUP/QMGR OR POSTFIX WILL
@# DELIVER MAIL MULTIPLE TIMES.
@#
@# DO NOT SHARE THE POSTFIX QUEUE BETWEEN MULTIPLE POSTFIX INSTANCES.
@#
@# ==========================================================================
@# service type	private	unpriv	chroot	wakeup	maxproc	command + args
@# 		(yes)	(yes)	(yes)	(never)	(50)
@# ==========================================================================
if main or secondary:
    @smtp      inet  n       -       -       -       1       postscreen
    @smtpd     pass  -       -       -       -       -       smtpd
else:
    @smtp      inet  n       -       -       -       -       smtpd
if tracker:
    @  -o receive_override_options=no_address_mappings
if main or secondary:
    @dnsblog   unix  -       -       -       -       0       dnsblog
if main:
    @submission inet n       -       -       -       -       smtpd
    @  -o smtpd_tls_security_level=encrypt
    @  -o smtpd_sasl_auth_enable=yes
    @  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    @  -o milter_macro_daemon_name=ORIGINATING
    @smtps     inet  n       -       -       -       -       smtpd
    @  -o smtpd_tls_wrappermode=yes
    @  -o smtpd_sasl_auth_enable=yes
    @  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    if not public:
        @  -o content_filter=lmtp:[amavis.adm.crans.org]:10024
@#628	  inet	n	-	-	-	-	qmqpd
@pickup   fifo	n	-	-	60	1	pickup
@cleanup  unix	n	-	-	-	0	cleanup
@qmgr     fifo	n	-	-	300	1	qmgr
#qmgr	  fifo	n	-	-	300	1	nqmgr
@rewrite	  unix	-	-	-	-	-	trivial-rewrite
@bounce	  unix	-	-	-	-	0	bounce
@defer	  unix	-	-	-	-	0	bounce
@trace	  unix	-	-	-	-	0	bounce
@verify	  unix	-	-	-	-	1	verify
@flush	  unix	n	-	-	1000?	0	flush
@proxymap unix	-	-	n	-	-	proxymap
@smtp	  unix	-	-	-	-	-	smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
@relay     unix  -       -       -       -       -       smtp
if main:
    @  -o fallback_relay=
@showq     unix	n	-	-	-	-	showq
@error     unix	-	-	-	-	-	error
@retry     unix  -       -       -       -       -       error
@discard   unix  -       -       -       -       -       discard
@local	  unix	-	n	n	-	-	local
@virtual	  unix	-	n	n	-	-	virtual
@lmtp	  unix	-	-	n	-	5	lmtp
@anvil     unix  -       -       -       -       1       anvil
@scache	  unix	-	-	-	-	1	scache
@slow      unix  -   -   n   -   1   smtp
@#
@# Interfaces to non-Postfix software. Be sure to examine the manual
@# pages of the non-Postfix software to find out what options it wants.
@# The Cyrus deliver program has changed incompatibly.
@#
@cyrus	  unix	-	n	n	-	-	pipe
@  flags=R user=cyrus argv=/usr/sbin/cyrdeliver -e -m $${extension} $${user}
if has("news"):
    @corbeau    unix  -       n       n       -       -       pipe
    @user=respbats:adm argv=/usr/scripts/corbeau
@uucp	  unix	-	n	n	-	-	pipe
@  flags=Fqhu user=uucp argv=uux -r -n -z -a$$sender - $$nexthop!rmail ($$recipient)
@ifmail    unix  -       n       n       -       -       pipe
@  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $$nexthop ($$recipient)
@bsmtp     unix  -       n       n       -       -       pipe
@  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$$nexthop -f$$sender $$recipient
@scalemail-backend unix	-	n	n	-	2	pipe
@  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store $${nexthop} $${user} $${extension}

@# only used by postfix-tls
@tlsmgr    unix  -       -       n       300     1       tlsmgr