Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
Chapter 22. Configuring Postfix MTA by using RHEL system roles
With the postfix
RHEL system role, you can consistently streamline automated configurations of the Postfix service, a Sendmail-compatible mail transfer agent (MTA) with modular design and a variety of configuration options. The rhel-system-roles
package contains this RHEL system role, and also the reference documentation.
22.1. Using the postfix
RHEL system role to automate basic Postfix MTA administration
You can install, configure and start the Postfix Mail Transfer Agent on the managed nodes by using the postfix
RHEL system role.
Prerequisites
- You have prepared the control node and the managed nodes.
- You are logged in to the control node as a user who can run playbooks on the managed nodes.
-
The account you use to connect to the managed nodes has
sudo
permissions on them.
Procedure
Create a playbook file, for example
~/playbook.yml
, with the following content:--- - name: Manage postfix hosts: managed-node-01.example.com roles: - rhel-system-roles.postfix vars: postfix_conf: relay_domains: $mydestination relayhost: example.com
If you want Postfix to use a different hostname than the fully-qualified domain name (FQDN) that is returned by the
gethostname()
function, add themyhostname
parameter under thepostfix_conf:
line in the file:myhostname = smtp.example.com
If the domain name differs from the domain name in the
myhostname
parameter, add themydomain
parameter. Otherwise, the$myhostname
minus the first component is used.mydomain = <example.com>
Use
postfix_manage_firewall: true
variable to ensure that the SMTP port is open in the firewall on the servers.Manage the SMTP related ports,
25/tcp
,465/tcp
, and587/tcp
. If the variable is set tofalse
, thepostfix
role does not manage the firewall. The default isfalse
.NoteThe
postfix_manage_firewall
variable is limited to adding ports. It cannot be used for removing ports. If you want to remove ports, use thefirewall
RHEL system role directly.If your scenario involves using non-standard ports, set the
postfix_manage_selinux: true
variable to ensure that the port is properly labeled for SELinux on the servers.NoteThe
postfix_manage_selinux
variable is limited to adding rules to the SELinux policy. It cannot remove rules from the policy. If you want to remove rules, use theselinux
RHEL system role directly.
Validate the playbook syntax:
$ ansible-playbook --syntax-check ~/playbook.yml
Note that this command only validates the syntax and does not protect against a wrong but valid configuration.
Run the playbook:
$ ansible-playbook ~/playbook.yml
Additional resources
-
/usr/share/ansible/roles/rhel-system-roles.postfix/README.md
file -
/usr/share/doc/rhel-system-roles/postfix/
directory