Add postfix/.*

postfix/README.md

@@ -0,0 +1,2 @@
+# Postfix
+Easily the only sane choice for a mail transfer agent (unless you want to go wild, and pick up qmail)

postfix/main.cf

@@ -0,0 +1,35 @@
+alias_database = hash:/etc/mail/aliases
+alias_maps = hash:/etc/postfix/aliases
+append_dot_mydomain = no
+biff = no
+broken_sasl_auth_clients = yes
+compatibility_level = 3.6
+cyrus_sasl_config_path = /etc/sasl2
+home_mailbox = Maildir/
+inet_interfaces = all
+inet_protocols = all
+milter_default_action = accept
+mydestination = $myhostname, $mydomain, mail.chaotic.ninja, localhost
+mydomain = chaotic.ninja
+myhostname = mail.chaotic.ninja
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+myorigin = /etc/mailname
+readme_directory = no
+recipient_delimiter = +
+relayhost =
+setgid_group = postdrop
+smtpd_banner = $myhostname ESMTP $mail_name (Arch Linux)
+smtpd_milters = inet:127.0.0.1:11332
+smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, defer_unauth_destination
+smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_local_domain = $myhostname
+smtpd_sasl_security_options = noanonymous
+smtpd_tls_cert_file = /etc/letsencrypt/live/chaotic.ninja/fullchain.pem
+smtpd_tls_exclude_ciphers = aNULL,eNULL,EXPORT,DES,RC4,MD5,PSK,aECDH,EDH-DSS-DES-CBC3-SHA,KRB5-DES,CBC3-SHA
+smtpd_tls_key_file = /etc/letsencrypt/live/chaotic.ninja/privkey.pem
+smtp_tls_CApath = /etc/ssl/certs
+smtp_tls_security_level = may
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+html_directory = no
+mail_owner = postfix