upgrade tf providers; do not reset all defaults in postfix; enable spoof protection [ci skip]

2024-01-01 21:23:06 +00:00 · 2024-01-01 21:23:06 +00:00 · 46fc529ee1
commit 46fc529ee1
parent e781fdc64b
3 changed files with 77 additions and 59 deletions
--- a/modules/kubernetes/mailserver/variables.tf
+++ b/modules/kubernetes/mailserver/variables.tf
@ -1,5 +1,18 @@
+# this is appended and merged to the main postfix.cf
+# see defaults - https://github.com/docker-mailserver/docker-mailserver/blob/master/target/postfix/main.cf
 variable "postfix_cf" {
  default = <<EOT
+smtp_sasl_auth_enable = yes
+smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
+smtp_sasl_security_options = noanonymous
+smtp_sasl_tls_security_options = noanonymous
+smtp_tls_security_level = encrypt
+header_size_limit = 4096000
+relayhost = [smtp.sendgrid.net]:587
+EOT
+}
+variable "postfix_cf_reference_DO_NOT_USE" {
+  default = <<EOT
 # See /usr/share/postfix/main.cf.dist for a commented, more complete version

 smtpd_banner = $myhostname ESMTP $mail_name (Debian)