mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-12-24 07:37:04 +00:00
Add root@primary host alias
This commit is contained in:
parent
f60d0f4f1e
commit
1264fffb4b
@ -524,6 +524,9 @@ def get_required_aliases(env):
|
|||||||
|
|
||||||
# The hostmaster alias is exposed in the DNS SOA for each zone.
|
# The hostmaster alias is exposed in the DNS SOA for each zone.
|
||||||
aliases.add("hostmaster@" + env['PRIMARY_HOSTNAME'])
|
aliases.add("hostmaster@" + env['PRIMARY_HOSTNAME'])
|
||||||
|
|
||||||
|
# Setup root alias
|
||||||
|
aliases.add("root@" + env['PRIMARY_HOSTNAME'])
|
||||||
|
|
||||||
# Get a list of domains we serve mail for, except ones for which the only
|
# Get a list of domains we serve mail for, except ones for which the only
|
||||||
# email on that domain are the required aliases or a catch-all/domain-forwarder.
|
# email on that domain are the required aliases or a catch-all/domain-forwarder.
|
||||||
|
@ -24,4 +24,4 @@ hide_output systemctl restart systemd-journald.service
|
|||||||
# Create forward for root emails
|
# Create forward for root emails
|
||||||
cat > /root/.forward << EOF;
|
cat > /root/.forward << EOF;
|
||||||
administrator@$PRIMARY_HOSTNAME
|
administrator@$PRIMARY_HOSTNAME
|
||||||
EOF
|
EOF
|
||||||
|
@ -137,6 +137,14 @@ tools/editconf.py /etc/postfix/main.cf \
|
|||||||
tls_preempt_cipherlist=no \
|
tls_preempt_cipherlist=no \
|
||||||
smtpd_tls_received_header=yes
|
smtpd_tls_received_header=yes
|
||||||
|
|
||||||
|
# Add block_root_external to block mail send to root@PRIMARY_HOSTNAME. This mail address is only supposed to be used for local
|
||||||
|
# mail delivery (cron etc)
|
||||||
|
cat > /etc/postfix/block_root_external << EOF;
|
||||||
|
root@$PRIMARY_HOSTNAME REJECT
|
||||||
|
EOF
|
||||||
|
|
||||||
|
postmap /etc/postfix/block_root_external
|
||||||
|
|
||||||
# Prevent non-authenticated users from sending mail that requires being
|
# Prevent non-authenticated users from sending mail that requires being
|
||||||
# relayed elsewhere. We don't want to be an "open relay". On outbound
|
# relayed elsewhere. We don't want to be an "open relay". On outbound
|
||||||
# mail, require one of:
|
# mail, require one of:
|
||||||
@ -144,9 +152,10 @@ tools/editconf.py /etc/postfix/main.cf \
|
|||||||
# * `permit_sasl_authenticated`: Authenticated users (i.e. on port 587).
|
# * `permit_sasl_authenticated`: Authenticated users (i.e. on port 587).
|
||||||
# * `permit_mynetworks`: Mail that originates locally.
|
# * `permit_mynetworks`: Mail that originates locally.
|
||||||
# * `reject_unauth_destination`: No one else. (Permits mail whose destination is local and rejects other mail.)
|
# * `reject_unauth_destination`: No one else. (Permits mail whose destination is local and rejects other mail.)
|
||||||
|
# * `block_root_external`: Block mail addressed at root@PRIMARY_HOSTNAME. Root mail is only to receive mails locally send to root.
|
||||||
|
# permit_mynetworks will allow delivery of mail for root originating locally.
|
||||||
tools/editconf.py /etc/postfix/main.cf \
|
tools/editconf.py /etc/postfix/main.cf \
|
||||||
smtpd_relay_restrictions=permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
|
smtpd_relay_restrictions=permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,hash:/etc/postfix/block_root_external
|
||||||
|
|
||||||
|
|
||||||
# ### DANE
|
# ### DANE
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user