ansible role for debian buster setting up a mailserver with postfix, rspamd, dovecot and clamav and based on PostgreSQL; journal-postfix is a log parser for postfix; Attention: user and domain administration (in PostgreSQL) is not covered here
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

mail_system.yml 2.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263
  1. # install a complete mail system with
  2. #
  3. # - postfix
  4. # - dovecot
  5. # - clamav (with unofficial signatures)
  6. # - rspamd (integrating clamav)
  7. #
  8. # not included here: list server, roundcube
  9. #
  10. # Please edit the host's config (inventory/host_vars/${hostname}):
  11. # Add a new dictionary 'mailserver':
  12. #
  13. # mailserver:
  14. # postgresql:
  15. # host: 127.0.0.1
  16. # port: 5432
  17. # dbname: mailserver
  18. # username: mailserver
  19. # password: !vault |
  20. # $ANSIBLE_VAULT;1.1;AES256
  21. # XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
  22. # XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
  23. # XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
  24. # XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
  25. # XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
  26. # postfix:
  27. # overwrite_config: no
  28. # reject_sender_login_mismatch: yes
  29. # mynetworks: "10.0.0.0/24 [2a01:XXXX:XXXX:XXXX::]/64"
  30. # verp_marker: rstxyz
  31. # dovecot:
  32. # auth_default_realm: mymaindomain.org
  33. #
  34. # Take care thate the verp_marker only contains [a-z0-9]+ (NO UPPER CASE LETTERS!).
  35. #
  36. # (Use ansible-vault encrypt_string zo encrypt the password.)
  37. #
  38. # TODOs after running this playbook:
  39. #
  40. # Configure mail DNS:
  41. #
  42. # - MX
  43. # - PTR (IPv4 and IPv6)
  44. #
  45. # SPF, DMARC and DKIM DNS records should be created when adding a domain:
  46. #
  47. # - SPF (IN TXT "v=spf1 mx" or more)
  48. # - DMARC (_dmarc IN TXT "v=DMARC1; p=reject; rua=mailto:admin@mymaindomain.org; adkim=s; aspf=s;")
  49. # - DKIM (rspamadm dkim_keygen -d mymaindomain.org -s 20190911 -b 4096;
  50. # get the DNS entry and save the private key
  51. #
  52. # Please open the firewall: open or DNAT tcp ports 25, 143, 587, 4190 to the host (incoming)
  53. #
  54. # Replace the ssl certificates with signed ones.
  55. #
  56. # Users and domains can be added to the PostgreSQL tables;
  57. # code for that is not part of this playbook.
  58. - name: install mail_system
  59. user: root
  60. hosts: mail
  61. roles:
  62. - mail_system