smtp-relay

SMTP Relay Charm

  • Loïc Gomez
Channel Revision Published Runs on
latest/stable 36 16 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
latest/stable 37 16 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
latest/stable 35 02 Aug 2024
Ubuntu 22.04 Ubuntu 20.04
latest/edge 5 01 Sep 2022
Ubuntu 22.04 Ubuntu 20.04
juju deploy smtp-relay
Show information

Learn to deploy on juju >

Platform:

Ubuntu
22.04 20.04

Learn about configurations >

  • additional_smtpd_recipient_restrictions | string

    YAML formatted list of additional smtpd_recipient_restrictions.

    http://www.postfix.org/postconf.5.html#smtpd_recipient_restrictions

  • admin_email | string

    Administrator's email address where root@ emails will go.

  • allowed_relay_networks | string

    List of allowed networks to relay without authenticating.

  • append_x_envelope_to | boolean

    Configure Postfix to append X-Envelope-To header consisting of the email address of the recipient, per the envelope.

    This is useful to allow end users filter by destination when they receive emails for multiple individual or shared aliases.

  • connection_limit | int

    Default: 100

    Maximum number of simultaneous SMTP connections allowed.

  • domain | string

    Primary domain for hostname generation, it will be $application-$unit.$domain. Default is '' to use the system FQDN.

  • enable_rate_limits | boolean

    Enable various rate limiting features.

    smtpd_client_auth_rate_limit 8 smtpd_client_connection_rate_limit 8 smtpd_client_new_tls_session_rate_limit 8

  • enable_reject_unknown_recipient_domain | boolean

    Reject mail for when recipient's domain cannot be resolved.

    http://www.postfix.org/postconf.5.html#reject_unknown_recipient_domain

  • enable_reject_unknown_sender_domain | boolean

    Default: True

    Reject mail for when sender's domain cannot be resolved.

    http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain

  • enable_smtp_auth | boolean

    Default: True

    Enable SMTP authentication.

  • enable_spf | boolean

    Enable SPF checking.

  • header_checks | string

    Perform various header checks and action on. See:

    http://www.postfix.org/header_checks.5.html

  • log_retention | int

    Default: 120

    Number of days of mail logs to retain during rotation.

  • message_size_limit | int

    Default: 61440000

    Maximum size of messages allowed (default 60MBytes).

  • nagios_context | string

    Default: juju

    Used by the nrpe subordinate charms. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-myservice-0 If you're running multiple environments with the same services in them this allows you to differentiate between them.

  • nagios_servicegroups | string

    A comma-separated list of nagios servicegroups. If left empty, the nagios_context will be used as the servicegroup

  • relay_access_sources | string

    Restrict access based on CIDR source per:

    http://www.postfix.org/cidr_table.5.html

  • relay_domains | string

    Optional list of destination domains this system will relay mail to.

    http://www.postfix.org/postconf.5.html#relay_domains

  • relay_host | string

    SMTP relay host (or smart host) to forward mail to.

  • relay_recipient_maps | string

    Optional lookup tables that alias specific mail addresses or domains to other local or remote addresses (use 'MANUAL' to indicate it is managed outside of juju configs).

    Use 'COMBINED' to use both virtual_alias_maps and transport_maps as value for relay_recipient_maps.

    Allows for all configured aliases and transports to be valid recipients for relay_domains.

    http://www.postfix.org/postconf.5.html#relay_recipient_maps

  • restrict_recipients | string

    Access map for restrictions by recipient address or domain (default '' to allow all).

  • restrict_sender_access | string

    Restrict relay only from senders from specified domains, addresses, or hosts (default '' is to allow all).

  • restrict_senders | string

    Access map for restrictions by sender address or domain (default '' to allow all, use 'MANUAL' to indicate it is managed outside of juju configs).

  • sender_login_maps | string

    Restrict sender addresses to authenticated users defined by this map (use 'MANUAL' to indicate it is managed outside of juju configs).

  • smtp_auth_users | string

    List of user and crypt password hashes (use mkpasswd to generate). e.g.

    myuser1:$1$bPb0IPiM$kmrSMZkZvICKKHXu66daQ. myuser2:$6$3rGBbaMbEiGhnGKz$KLGFv8kDTjqa3xeUgA6A1Rie1zGSf3sLT85vF1s59Yj//F36qLB/J8rUfIIndaDtkxeb5iR3gs1uBn9fNyJDD1

  • smtp_header_checks | string

    Perform various header checks and action on. See:

    http://www.postfix.org/header_checks.5.html

    NOTE: You almost always want to use header_checks instead of this.

  • smtpd_forbid_bare_newline | string

    Reject or restrict input lines from an SMTP client that end in <LF> instead of the standard <CR><LF>. Such line endings are commonly allowed with UNIX-based SMTP servers, but they violate RFC 5321, and allowing such line endings can make a server vulnerable to SMTP smuggling.

    As of Postfix 3.9, this defaults to "normalize"; formerly "no".

    http://www.postfix.org/postconf.5.html#smtpd_forbid_bare_newline

  • smtpd_forbid_bare_newline_exclusions | string

    Exclude the specified clients from smtpd_forbid_bare_newline enforcement.

    This defaults to "$mynetworks".

    http://www.postfix.org/postconf.5.html#smtpd_forbid_bare_newline_exclusions

  • smtpd_forbid_bare_newline_reject_code | string

    The numerical Postfix SMTP server response code when rejecting a request with "smtpd_forbid_bare_newline = reject". Specify a 5XX status code (521 to disconnect).

    This defaults to "550".

    http://www.postfix.org/postconf.5.html#smtpd_forbid_bare_newline_reject_code

  • spf_check_maps | string

    Only perform SPF checks for specified domains. Otherwise, perform for all. Be sure to set enable_spf.

  • spf_skip_addresses | string

    Set of comma-separated CIDR addresses to skip SPF checks (whitelist).

  • syslog_forwarders | string

    Set of comma-separated label:addresses to forward mail.* logs to. e.g. myhost:192.0.2.1.

  • tls_ciphers | string

    Default: HIGH

    The minimum TLS cipher grade that the Postfix SMTP server will use with TLS encryption. Cipher types listed in smtpd_tls_exclude_ciphers are excluded from the base definition of the selected cipher grade.

    This only applies to incoming connections to smtpd and not outbound to other MTAs as it may cause deliverability issues.

    http://www.postfix.org/postconf.5.html#smtpd_tls_ciphers

  • tls_exclude_ciphers | string

    Default: aNULL, eNULL, DES, 3DES, MD5, RC4, CAMELLIA

    List of ciphers or cipher types to exclude from the SMTP server cipher list at all TLS security levels. Excluding valid ciphers can create interoperability problems. DO NOT exclude ciphers unless it is essential to do so.

    This only applies to incoming connections to smtpd and not outbound to other MTAs as it may cause deliverability issues.

    http://www.postfix.org/postconf.5.html#smtpd_tls_exclude_ciphers

  • tls_policy_maps | string

    Free-form TLS policy map per:

    http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps

  • tls_protocols | string

    Default: !SSLv2, !SSLv3

    TLS protocols accepted by the Postfix SMTP server with TLS encryption. If the list is empty, the server supports all available TLS protocol versions. A non-empty value is a list of protocol names to include or exclude, separated by whitespace, commas or colons.

    This only applies to incoming connections to smtpd and not outbound to other MTAs as it may cause deliverability issues.

    http://www.postfix.org/postconf.5.html#smtpd_tls_protocols

  • tls_security_level | string

    Default: may

    The SMTP TLS security level for the Postfix SMTP server; when a non-empty value is specified, this overrides the obsolete parameters smtpd_use_tls and smtpd_enforce_tls.

    This only applies to incoming connections to smtpd and not outbound to other MTAs as it may cause deliverability issues.

    http://www.postfix.org/postconf.5.html#smtpd_tls_security_level

  • transport_maps | string

    Optional lookup tables with mappings from recipient address to message delivery transport or next-hop destination (use 'MANUAL' to indicate it is managed outside of juju configs).

    http://www.postfix.org/postconf.5.html#transport_maps

  • virtual_alias_domains | string

    Optional list of domains for which all addresses are aliased to addresses in other local or remote domains.

    http://www.postfix.org/postconf.5.html#virtual_alias_domains

  • virtual_alias_maps | string

    Optional lookup tables that alias specific mail addresses or domains to other local or remote addresses (use 'MANUAL' to indicate it is managed outside of juju configs).

    http://www.postfix.org/postconf.5.html#virtual_alias_maps

  • virtual_alias_maps_type | string

    Default: hash

    Specify the map type used for virtual aliases.

    https://www.postfix.org/DATABASE_README.html#types