diff --git a/templates/etc/opendkim.conf.j2 b/templates/etc/opendkim.conf.j2 index 376dfcf..990a7d6 100644 --- a/templates/etc/opendkim.conf.j2 +++ b/templates/etc/opendkim.conf.j2 @@ -36,7 +36,7 @@ AutoRestartRate 10/1h ## Specifies the path to the process ID file. {% if ansible_os_family == "RedHat" and ansible_distribution_major_version == '7' %} PidFile /var/run/opendkim/opendkim.pid -{% elif ansible_os_family == "RedHat" and ansible_distribution_major_version >= '8' %} +{% elif ansible_os_family == "RedHat" and ansible_distribution_major_version == '8' %} PidFile /run/opendkim/opendkim.pid {% endif %} @@ -60,7 +60,6 @@ LogWhy yes UserID opendkim:opendkim ## Create a socket through which your MTA can communicate. -#Socket local:/run/opendkim/opendkim.sock Socket inet:8891@localhost ## Required to use local socket with MTAs that access the socket as a non- diff --git a/templates/etc/postfix/main.cf.j2 b/templates/etc/postfix/main.cf.j2 index 7d25b53..4e7ef1c 100644 --- a/templates/etc/postfix/main.cf.j2 +++ b/templates/etc/postfix/main.cf.j2 @@ -810,6 +810,7 @@ milter_protocol = 2 # SASL smtpd_sasl_auth_enable = yes +broken_sasl_auth_clients = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_authenticated_header = yes @@ -831,7 +832,7 @@ smtpd_tls_CAfile = /etc/lego/certificates/{{ postfix_myhostname }}.issuer.crt {% endif %} smtpd_tls_loglevel = 1 smtpd_tls_session_cache_timeout = 3600s -#smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache +smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache smtpd_use_tls=yes smtpd_tls_auth_only = yes smtpd_tls_mandatory_ciphers=high @@ -847,7 +848,7 @@ smtp_tls_cert_file = /etc/lego/certificates/{{ postfix_myhostname }}.crt smtp_tls_CAfile = /etc/lego/certificates/{{ postfix_myhostname }}.issuer.crt smtp_tls_loglevel = 1 smtp_tls_session_cache_timeout = 3600s -#smtp_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache +smtp_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache smtp_use_tls=yes smtp_tls_mandatory_ciphers=high smtp_tls_protocols = !SSLv2, !SSLv3