add sasl-protected mail relay configuration

Oefenweb / ansible-postfix

Ansible role to set up postfix in Debian-like systems

MIT License

174 stars 83 forks source link

add sasl-protected mail relay configuration #3

Closed caboteria closed 10 years ago

caboteria commented 10 years ago

Hi, thanks for this playbook. I added the ability to configure a node to relay all mail over an sasl-protected connection. Hope it's useful.

tersmitten commented 10 years ago

Thanks for the contribution!

md5 commented 9 years ago

Given that the permissions for main.cf are set to 0644, this change makes it so that anyone who can log into the machine can read the SASL credentials.

@tersmitten Would you rather see a patch that changes the permissions on main.cf to be 0600 or one that uses smtp_sasl_password_maps and puts the password into its own /etc/postfix/sasl_passwd file that has 0600 permissions?

tersmitten commented 9 years ago

@md5 I like the smtp_sasl_password_maps approach better

md5 commented 9 years ago

Check out #10