# {{ ansible_managed }}
compatibility_level = 2

queue_directory = /var/spool/postfix

command_directory = /usr/bin
daemon_directory = /usr/lib/postfix/bin
data_directory = /var/lib/postfix

mail_owner = postfix

myhostname = {{mail_domain}}
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost

mynetworks_style = host

# TODO-verify
relay_domains = $mydestination

# Defaults
alias_maps = hash:/etc/postfix/aliases
alias_database = $alias_maps

# Optionale Delimitier
recipient_delimiter = +

home_mailbox = Maildir/

mail_spool_directory = /var/mail

# Defaults
debug_peer_level = 2
debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 ddd $daemon_directory/$process_name $process_id & sleep 5


sendmail_path = /usr/bin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = /usr/share/doc/postfix
#ipv4 only -> "all" for both (später)
inet_protocols = all
meta_directory = /etc/postfix
shlib_directory = /usr/lib/postfix




virtual_alias_maps = proxy:pgsql:/etc/postfix/virtual_alias_maps.cf
virtual_mailbox_domains = proxy:pgsql:/etc/postfix/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:pgsql:/etc/postfix/virtual_mailbox_maps.cf
#TODO Create Folder
virtual_mailbox_base = {{mail_homedir}}/
virtual_mailbox_limit = 512000000
virtual_minimum_uid = 5000
virtual_transport = dovecot
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
# Eine Mail zurzeit an Dovecot übergeben (Mehrere Empfänger)
dovecot_destination_recipient_limit = 1
local_transport = dovecot
local_recipient_maps = $virtual_mailbox_maps
transport_maps = hash:/etc/postfix/transport

smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/dovecot/auth-client
smtpd_sender_login_maps = proxy:pgsql:/etc/postfix/virtual_sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_sender_login_mismatch, permit_sasl_authenticated
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_received_header = yes
smtpd_tls_cert_file = {{mail_ssl_public}}
smtpd_tls_key_file = {{mail_ssl_private}}
smtpd_sasl_local_domain = $mydomain
broken_sasl_auth_clients = yes
smtpd_tls_loglevel = 1