Initial commit

postfix/nullclient/etc/mailname

+{{ grains['id'] }}

postfix/nullclient/etc/postfix/main.cf

+{% set minion_id = grains['id'] %}
+# Set compatibility level
+compatibility_level = 2
+
+myorigin = /etc/mailname
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# TLS parameters
+smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_use_tls=yes
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+myhostname = {{ minion_id }}
+
+# Forward everything to the OTRS queue
+alias_maps = static:web-rootmails@hs-hannover.de
+alias_database =
+local_recipient_maps = unix:passwd.byname
+
+mydestination = {{ minion_id }}, localhost
+relayhost = smtp.hs-hannover.de
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mailbox_command = procmail -a "$EXTENSION"
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = 127.0.0.1
+
+# Allow local rewriting for (local user) sender addresses
+sender_canonical_maps = hash:/etc/postfix/sender_canonical_maps
+
+# Add origin headers to outbound mail
+smtp_header_checks=regexp:/etc/postfix/smtp_header_checks
+
+# Use long queue ids on all machines
+enable_long_queue_ids = yes
+
+# Disable smtputf8 support since exchange does not support it
+smtputf8_enable = no
+

postfix/nullclient/etc/postfix/smtp_header_checks

+### THIS FILE IS MANAGED BY SALT STATE `postfix.nullclient`!
+### YOUR CHANGES WILL BE OVERWRITTEN!
+
+# Add X-HSH-Origin header with minion id
+/^Date/				PREPEND X-HSH-Origin: {{ grains['id'] }}
+

postfix/nullclient/init.sls

+{% if grains['os'] in ('Debian', 'Ubuntu') %}
+hsh_exim_not_present:
+  pkg.removed:
+    - name: [exim4, exim4-base, exim4-config, exim4-daemon-light]
+
+hsh_postfix_installed:
+  pkg.installed:
+    - name: postfix
+    - require:
+      - pkg: hsh_exim_not_present
+
+hsh_postfix_configuration:
+  file.managed:
+    - name: /etc/postfix/main.cf
+    - source: salt://postfix/nullclient/etc/postfix/main.cf
+    - template: jinja
+    - require:
+      - pkg: hsh_postfix_installed
+
+# hack for ubuntu
+hsh_postfix_mailname:
+  file.managed:
+    - name: /etc/mailname
+    - source: salt://postfix/nullclient/etc/mailname
+    - template: jinja
+    - require:
+      - pkg: hsh_postfix_installed
+
+hsh_postfix_smtp_header_checks:
+  file.managed:
+    - name: /etc/postfix/smtp_header_checks
+    - source: salt://postfix/nullclient/etc/postfix/smtp_header_checks
+    - template: jinja
+    - require:
+      - pkg: hsh_postfix_installed
+
+hsh_postfix_sender_canonical_exists:
+  file.managed:
+    - name: /etc/postfix/sender_canonical_maps
+    - require:
+      - pkg: hsh_postfix_installed
+
+hsh_postfix_postmap_sender_canonical:
+  cmd.run:
+    - name: postmap /etc/postfix/sender_canonical_maps
+    - require:
+      - file: hsh_postfix_sender_canonical_exists
+
+hsh_postfix_service_running:
+  service.running:
+    - name: postfix
+    - reload: True
+    - enable: True
+    - watch:
+      - file: hsh_postfix_configuration
+      - file: hsh_postfix_smtp_header_checks
+    - require:
+      - file: hsh_postfix_configuration
+      - pkg: hsh_postfix_installed
+      - file: hsh_postfix_sender_canonical_exists
+      - cmd: hsh_postfix_postmap_sender_canonical
+      - file: hsh_postfix_smtp_header_checks
+{% endif %}
+