diff options
| author | Malfurious <m@lfurio.us> | 2024-06-10 07:48:11 -0400 |
|---|---|---|
| committer | Malfurious <m@lfurio.us> | 2024-06-10 07:48:11 -0400 |
| commit | 4348ca29fb05e12a5308e48c908b00dc1fc83d0f (patch) | |
| tree | f325451724a0836bdc22526d452c5dc03355a96c /postfix | |
| parent | 62f01b6347a8125c071ce1d79a2e0b7725576f56 (diff) | |
| download | mailnode-4348ca29fb05e12a5308e48c908b00dc1fc83d0f.tar.gz mailnode-4348ca29fb05e12a5308e48c908b00dc1fc83d0f.zip | |
postfix: Don't chroot subprograms
Sending mail to an external server previously fails due to name
resolution error. ("Host or domain name not found. Name service error
for name=xxxxxxxxxx type=A: Host not found, try again")
The reason this was happening is because the relay process runs in a
chroot jail and can not access the docker container's resolve.conf file.
Given the system is containerized, which is like a chroot on steroids,
I'm comfortable disabling chrooting for mail processes to work around
this.
Signed-off-by: Malfurious <m@lfurio.us>
Diffstat (limited to 'postfix')
| -rw-r--r-- | postfix/master.cf | 50 |
1 files changed, 25 insertions, 25 deletions
diff --git a/postfix/master.cf b/postfix/master.cf index 0105387..d29c474 100644 --- a/postfix/master.cf +++ b/postfix/master.cf @@ -9,12 +9,12 @@ # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (no) (never) (100) # ========================================================================== -smtp inet n - y - - smtpd -#smtp inet n - y - 1 postscreen -#smtpd pass - - y - - smtpd -#dnsblog unix - - y - 0 dnsblog -#tlsproxy unix - - y - 0 tlsproxy -submissions inet n - y - - smtpd +smtp inet n - n - - smtpd +#smtp inet n - n - 1 postscreen +#smtpd pass - - n - - smtpd +#dnsblog unix - - n - 0 dnsblog +#tlsproxy unix - - n - 0 tlsproxy +submissions inet n - n - - smtpd -o syslog_name=postfix/submissions -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes @@ -25,33 +25,33 @@ submissions inet n - y - - smtpd # -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING -#628 inet n - y - - qmqpd -pickup unix n - y 60 1 pickup -cleanup unix n - y - 0 cleanup +#628 inet n - n - - qmqpd +pickup unix n - n 60 1 pickup +cleanup unix n - n - 0 cleanup qmgr unix n - n 300 1 qmgr #qmgr unix n - n 300 1 oqmgr -tlsmgr unix - - y 1000? 1 tlsmgr -rewrite unix - - y - - trivial-rewrite -bounce unix - - y - 0 bounce -defer unix - - y - 0 bounce -trace unix - - y - 0 bounce -verify unix - - y - 1 verify -flush unix n - y 1000? 0 flush +tlsmgr unix - - n 1000? 1 tlsmgr +rewrite unix - - n - - trivial-rewrite +bounce unix - - n - 0 bounce +defer unix - - n - 0 bounce +trace unix - - n - 0 bounce +verify unix - - n - 1 verify +flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap -smtp unix - - y - - smtp -relay unix - - y - - smtp +smtp unix - - n - - smtp +relay unix - - n - - smtp -o syslog_name=postfix/$service_name # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 -showq unix n - y - - showq -error unix - - y - - error -retry unix - - y - - error -discard unix - - y - - discard +showq unix n - n - - showq +error unix - - n - - error +retry unix - - n - - error +discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual -lmtp unix - - y - - lmtp -anvil unix - - y - 1 anvil -scache unix - - y - 1 scache +lmtp unix - - n - - lmtp +anvil unix - - n - 1 anvil +scache unix - - n - 1 scache postlog unix-dgram n - n - 1 postlogd # # ==================================================================== |