increase max msg limit and reject unknown client hostname [ci skip]

2024-01-01 20:38:09 +00:00 · 2024-01-01 20:38:09 +00:00 · e781fdc64b
commit e781fdc64b
parent 16ae437484
1 changed files with 23 additions and 21 deletions
--- a/modules/kubernetes/mailserver/main.tf
+++ b/modules/kubernetes/mailserver/main.tf
@ -29,21 +29,23 @@ resource "kubernetes_config_map" "mailserver_env_config" {
  }
  data = {
-    DMS_DEBUG           = "0"
+    DMS_DEBUG                              = "0"
-    ENABLE_CLAMAV       = "0"
+    ENABLE_CLAMAV                          = "0"
-    ENABLE_FAIL2BAN     = "0"
+    ENABLE_FAIL2BAN                        = "0"
-    ENABLE_FETCHMAIL    = "0"
+    ENABLE_FETCHMAIL                       = "0"
-    ENABLE_POSTGREY     = "0"
+    ENABLE_POSTGREY                        = "0"
-    ENABLE_SASLAUTHD    = "0"
+    ENABLE_SASLAUTHD                       = "0"
-    ENABLE_SPAMASSASSIN = "0"
+    ENABLE_SPAMASSASSIN                    = "0"
-    ENABLE_SRS          = "1"
+    ENABLE_SRS                             = "1"
-    FETCHMAIL_POLL      = "120"
+    FETCHMAIL_POLL                         = "120"
-    ONE_DIR             = "1"
+    ONE_DIR                                = "1"
-    OVERRIDE_HOSTNAME   = "mail.viktorbarzin.me"
+    OVERRIDE_HOSTNAME                      = "mail.viktorbarzin.me"
-    TLS_LEVEL           = "intermediate"
+    POSTFIX_MESSAGE_SIZE_LIMIT             = 1024 * 1024 * 200 # 200 MB
-    SSL_TYPE            = "manual"
+    POSTFIX_REJECT_UNKNOWN_CLIENT_HOSTNAME = "1"
-    SSL_CERT_PATH       = "/tmp/ssl/tls.crt"
+    TLS_LEVEL                              = "intermediate"
-    SSL_KEY_PATH        = "/tmp/ssl/tls.key"
+    SSL_TYPE                               = "manual"
    SSL_CERT_PATH                          = "/tmp/ssl/tls.crt"
    SSL_KEY_PATH                           = "/tmp/ssl/tls.key"
  }
 }
@ -183,12 +185,12 @@ resource "kubernetes_deployment" "mailserver" {
            sub_path   = "postfix-accounts.cf"
            read_only  = true
          }
-          volume_mount {
+          # volume_mount {
-            name       = "config"
+          #   name       = "config"
-            mount_path = "/tmp/docker-mailserver/postfix-main.cf"
+          #   mount_path = "/tmp/docker-mailserver/postfix-main.cf"
-            sub_path   = "postfix-main.cf"
+          #   sub_path   = "postfix-main.cf"
-            read_only  = true
+          #   read_only  = true
-          }
+          # }
          volume_mount {
            name       = "config"
            mount_path = "/tmp/docker-mailserver/postfix-virtual.cf"