authorJohannes Löthberg <johannes@kyriasis.com>2015-05-10 14:03:37 +0200
committerJohannes Löthberg <johannes@kyriasis.com>2015-05-10 14:03:37 +0200
commit953f6a7a8963a2976196e83a4a937c7762b31ab8 (patch)
treee0ddd75f6ca73761b79b977b9454874ecf74fe5e
parentb549e1d88388716bf4f9022fea6ba51604c486dc (diff)
Add smtpd.confs
-rw-r--r--lucifer.kyriasis.com/smtpd.conf70
-rw-r--r--theos.kyriasis.com/smtpd.conf85
2 files changed, 155 insertions, 0 deletions
diff --git a/lucifer.kyriasis.com/smtpd.conf b/lucifer.kyriasis.com/smtpd.conf
new file mode 100644
index 0000000..0553210
--- /dev/null
+++ b/lucifer.kyriasis.com/smtpd.conf
@@ -0,0 +1,70 @@
+##
+# PKI information
+#
+
+pki lucifer.kyriasis.com certificate "/etc/smtpd/certs/lucifer.kyriasis.com.crt"
+pki lucifer.kyriasis.com key "/etc/smtpd/certs/lucifer.kyriasis.com.key"
+pki lucifer.kyriasis.com ca "/etc/smtpd/certs/sub.class1.server.ca.pem"
+
+
+##
+# Listen directives
+#
+
+listen on eth0 port 25 tls pki lucifer.kyriasis.com auth-optional
+listen on eth0 port 587 tls-require pki lucifer.kyriasis.com auth
+listen on eth0 port 465 smtps pki lucifer.kyriasis.com auth
+
+listen on lo port 10029 tag DKIM-OUT
+
+listen on localhost
+
+
+##
+# Tables
+#
+
+# If you edit the file, you have to run "smtpctl update table users"
+table users file:/etc/smtpd/users
+
+
+##
+# Relay for hosts we act as a backup for
+#
+
+accept from any \
+ for domain "theos.kyriasis.com" \
+ relay backup lucifer.kyriasis.com
+
+
+##
+# Incoming
+#
+
+# Handle emails directly to local domain
+accept from any \
+ for domain "lucifer.kyriasis.com" \
+ deliver to mda "/usr/bin/maildrop -d %{user.username}"
+
+# Handle incoming to top-level domains
+accept from any \
+ for domain { kyriasis.com, the-tk.com } \
+ virtual <users> \
+ deliver to mda "/usr/bin/maildrop -d %{user.username}"
+
+# Handle local mail
+accept from local \
+ for local \
+ deliver to mda "/usr/bin/maildrop -d %{user.username}"
+
+
+##
+# Outgoing
+#
+
+accept tagged DKIM-OUT \
+ for any \
+ relay
+
+accept for any \
+ relay via smtp://127.0.0.1:10028
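Review bot: The port 25 listener sets `auth-optional`, so the MX-facing port that has to accept connections from any host also accepts AUTH, adding another place where passwords can be guessed besides 587 and 465, where authentication is already mandatory. Unless some client can only submit on port 25, the line can be `listen on eth0 port 25 tls pki lucifer.kyriasis.com`, leaving submission to the two authenticated listeners. The same applies to the port 25 listener in theos.kyriasis.com/smtpd.conf. If the option has to stay, a comment above it saying which clients depend on it would make that decision visible, e.g. `# auth-optional kept for <client> that can only submit on 25`.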
diff --git a/theos.kyriasis.com/smtpd.conf b/theos.kyriasis.com/smtpd.conf
new file mode 100644
index 0000000..baa2d0e
--- /dev/null
+++ b/theos.kyriasis.com/smtpd.conf
@@ -0,0 +1,85 @@
+##
+# PKI information
+#
+
+pki theos.kyriasis.com certificate "/etc/smtpd/certs/chained.pem"
+pki theos.kyriasis.com key "/etc/smtpd/certs/theos.kyriasis.com.key"
+pki theos.kyriasis.com ca "/etc/smtpd/certs/ca.pem"
+
+
+##
+# Listen directives
+#
+
+listen on eth0 port 25 tls pki theos.kyriasis.com auth-optional
+listen on eth0 port 587 tls-require pki theos.kyriasis.com auth
+listen on eth0 port 465 smtps pki theos.kyriasis.com auth
+
+listen on lo port 10026 tag DKIM-IN
+listen on lo port 10029 tag DKIM-OUT
+
+listen on localhost
+
+
+##
+# Tables
+#
+
+# If you edit the file, you have to run "smtpctl update table users"
+table users file:/etc/smtpd/users
+
+
+##
+# Relay for hosts we act as a backup for
+#
+
+accept from any \
+ for domain "lucifer.kyriasis.com" \
+ relay backup theos.kyriasis.com
+
+
+##
+# Incoming
+#
+
+# Handle incoming to mailing-lists
+accept tagged DKIM-IN \
+ from any \
+ for domain "lists.kyriasis.com" virtual { "@lists.kyriasis.com" = lists } \
+ deliver to mda "/usr/local/bin/mlmmj-receive -L /home/lists/spool/%{dest.user:strip}/"
+
+# Handle emails directly to local domain
+accept tagged DKIM-IN \
+ from any \
+ for domain "theos.kyriasis.com" \
+ alias { root = kyrias } \
+ deliver to mda "/usr/bin/maildrop -d %{user.username}"
+
+# Handle incoming to top-level domains
+accept tagged DKIM-IN \
+ from any \
+ for domain { kyriasis.com, the-tk.com } \
+ virtual <users> \
+ deliver to mda "/usr/bin/maildrop -d %{user.username}"
+
+# Handle local mail
+accept from local \
+ for local \
+ deliver to mda "/usr/bin/maildrop -d %{user.username}"
+
+# Relay everything not already accepted through dkimproxy
+accept from any \
+ for domain { kyriasis.com, theos.kyriasis.com, the-tk.com } \
+ relay via smtp://127.0.0.1:10025
+
+
+##
+# Outgoing
+#
+
+accept tagged DKIM-OUT \
+ for any \
+ relay
+
+accept for any \
+ relay via smtp://127.0.0.1:10028
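Review bot: The mailing-list rule accepts every local-part at lists.kyriasis.com through the catch-all `"@lists.kyriasis.com" = lists` and then builds the spool directory passed to mlmmj-receive from `%{dest.user:strip}`, a value chosen by the remote sender. Mail for lists that do not exist is therefore accepted at RCPT time and can only fail later in the MDA, which presumably turns into bounces to unverified senders, and the rule depends on smtpd's expansion sanitising to keep the path inside /home/lists/spool. Listing the real list addresses in a table, declared like the existing `table users file:/etc/smtpd/users`, and using `virtual <lists>` (table name illustrative) would reject unknown lists up front; confirm that the +command addresses mlmmj uses still resolve with explicit entries. Separately, this rule only matches sessions tagged DKIM-IN, but the dkimproxy relay rule at the end of the Incoming section names `{ kyriasis.com, theos.kyriasis.com, the-tk.com }` and omits lists.kyriasis.com, so from what is visible external list mail never reaches port 10026. Adding the domain to that set looks like what was intended.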