Add more Postfix configuration files

diff --git a/test-vagrant-salt/salt/testvm/postfix/aliases b/test-vagrant-salt/salt/testvm/postfix/aliases
index 23b4e5e..0f98505 100644 (file)
--- a/test-vagrant-salt/salt/testvm/postfix/aliases
+++ b/test-vagrant-salt/salt/testvm/postfix/aliases
@@ -59,13 +59,6 @@ web:            www-data
 webmestre:      web
 webmaster:      web
 
-# newsletter :
-
 # Newsletter
 info+newsletter:    otrs.platal+newsletter
 info+nlp:           otrs.platal+newsletter
-
-# bounces of the NL
-retour-nl:          /var/mail/retour-nl
-#info+newsletter:   retour-nl@mx1.polytechnique.org
-#info+nlp:          retour-nl@mx1.polytechnique.org

diff --git a/test-vagrant-salt/salt/testvm/postfix/helo_access.regexp b/test-vagrant-salt/salt/testvm/postfix/helo_access.regexp
new file mode 100644 (file)
index 0000000..2303d33
--- /dev/null
+++ b/test-vagrant-salt/salt/testvm/postfix/helo_access.regexp
@@ -0,0 +1 @@
+/^\[[[:digit:]\.]*\]$/          WARN Literal IP in HELO hostnames not allowed here, please check your configuration

diff --git a/test-vagrant-salt/salt/testvm/postfix/init.sls b/test-vagrant-salt/salt/testvm/postfix/init.sls
index 209a1e4..6aa618a 100644 (file)
--- a/test-vagrant-salt/salt/testvm/postfix/init.sls
+++ b/test-vagrant-salt/salt/testvm/postfix/init.sls
@@ -8,7 +8,9 @@ no-other-mta:
 
 postfix-pkg:
   pkg.installed:
-    - name: postfix
+    - pkgs:
+      - postfix
+      - postfix-mysql
     - require:
       - pkg: no-other-mta
 
@@ -28,7 +30,7 @@ postfix-daemon:
       - pkg: postfix-pkg
 
 # Simple file copy, with jinja templates
-{% for file in 'main.cf', 'master.cf', 'conversion_underscore.regex' %}
+{% for file in 'main.cf', 'master.cf', 'conversion_underscore.regex', 'helo_access.regexp' %}
 /etc/postfix/{{ file }}:
   file.managed:
     - source: salt://testvm/postfix/{{ file }}
@@ -52,7 +54,7 @@ postfix-daemon:
       - file: /etc/postfix/aliases
 
 # Compile files with postmap
-{% for file in 'client_access', 'helo_access' %}
+{% for file in 'client_access', 'helo_access', 'recipient_access', 'renamed_lists', 'tls_policy', 'transport', 'transport-testvm' %}
 /etc/postfix/{{ file }}:
   file.managed:
     - source: salt://testvm/postfix/{{ file }}

diff --git a/test-vagrant-salt/salt/testvm/postfix/mailman-reecriture.regex b/test-vagrant-salt/salt/testvm/postfix/mailman-reecriture.regex
new file mode 100644 (file)
index 0000000..5a4b5e5
--- /dev/null
+++ b/test-vagrant-salt/salt/testvm/postfix/mailman-reecriture.regex
@@ -0,0 +1 @@
+/^(.*)_([^+]*)@listes.polytechnique.org$/  ${2}@${1}

diff --git a/test-vagrant-salt/salt/testvm/postfix/mailman-transport.regex b/test-vagrant-salt/salt/testvm/postfix/mailman-transport.regex
new file mode 100644 (file)
index 0000000..e332cf6
--- /dev/null
+++ b/test-vagrant-salt/salt/testvm/postfix/mailman-transport.regex
@@ -0,0 +1,4 @@
+/^.*\+post@listes.polytechnique.org$/        pipemm:
+/^.*\+admin@listes.polytechnique.org$/       pipemm:
+/^.*\+owner@listes.polytechnique.org$/       pipemm:
+/^.*\+bounces@listes.polytechnique.org$/     pipemm:

diff --git a/test-vagrant-salt/salt/testvm/postfix/mailman.regex b/test-vagrant-salt/salt/testvm/postfix/mailman.regex
new file mode 100644 (file)
index 0000000..37fc20d
--- /dev/null
+++ b/test-vagrant-salt/salt/testvm/postfix/mailman.regex
@@ -0,0 +1 @@
+/^(postmaster|root|abuse)@listes\.polytechnique\.org$/          $1@polytechnique.org

diff --git a/test-vagrant-salt/salt/testvm/postfix/recipient_access b/test-vagrant-salt/salt/testvm/postfix/recipient_access
new file mode 100644 (file)
index 0000000..440a66b
--- /dev/null
+++ b/test-vagrant-salt/salt/testvm/postfix/recipient_access
@@ -0,0 +1,6 @@
+postmaster@testvm.example.com           OK
+support@testvm.example.com              OK
+abuse@testvm.example.com                OK
+
+imap.polytechnique.org                 REJECT forbidden from outside
+hruid.polytechnique.org                REJECT forbidden from outside

diff --git a/test-vagrant-salt/salt/testvm/postfix/renamed_lists b/test-vagrant-salt/salt/testvm/postfix/renamed_lists
new file mode 100644 (file)
index 0000000..672dbd8
--- /dev/null
+++ b/test-vagrant-salt/salt/testvm/postfix/renamed_lists
@@ -0,0 +1,2 @@
+tech-email     infra@staff.example.com
+bureau         bureau@staff.example.com

diff --git a/test-vagrant-salt/salt/testvm/postfix/tls_policy b/test-vagrant-salt/salt/testvm/postfix/tls_policy
new file mode 100644 (file)
index 0000000..bcc5766
--- /dev/null
+++ b/test-vagrant-salt/salt/testvm/postfix/tls_policy
@@ -0,0 +1,4 @@
+# This file defines for which destinations or [hostname] we use TLS (or not)
+{% for mx_name in pillar['postfix']['all_mx'].keys() %}
+[{{ mx_name }}.polytechnique.org]        secure
+{% endfor %}

diff --git a/test-vagrant-salt/salt/testvm/postfix/transport b/test-vagrant-salt/salt/testvm/postfix/transport
new file mode 100644 (file)
index 0000000..738fff9
--- /dev/null
+++ b/test-vagrant-salt/salt/testvm/postfix/transport
@@ -0,0 +1,6 @@
+# Uncomment this to always defer this transport, until "mailq -q" or "sendmail -q" (see qmgr(8) and defer_transports)
+# After the queue has been flushed, deferred:[xxxx[:NN]] acts like smtp:[xxxx[:NN]]
+# imap.polytechnique.org          deferred:[imap.polytechnique.org]
+
+g.polytechnique.org                    localsmtp:[127.0.0.1]:20000
+bounces.m4x.org                        discard:"Bad or no SRS mail to @bounces.m4x.org"

diff --git a/test-vagrant-salt/salt/testvm/postfix/transport-testvm b/test-vagrant-salt/salt/testvm/postfix/transport-testvm
new file mode 100644 (file)
index 0000000..e69de29