---
- name: define Postfix virtual mailbox domain mapping
  template: src=mysql-virtual-mailbox-domains.cf.j2 dest=/etc/postfix/mysql-virtual-mailbox-domains.cf
  notify: restart postfix
- name: tell Postfix to use the virtual mailbox domain mapping
  command: postconf virtual_mailbox_domains=mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf

- name: define Postfix virtual mailbox mapping
  template: src=mysql-virtual-mailbox-maps.cf.j2 dest=/etc/postfix/mysql-virtual-mailbox-maps.cf
  notify: restart postfix
- name: tell Postfix to use the virtual mailbox mapping
  command: postconf virtual_mailbox_maps=mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf

- name: define Postfix virtual alias mapping
  template: src=mysql-virtual-alias-maps.cf.j2 dest=/etc/postfix/mysql-virtual-alias-maps.cf
  notify: restart postfix
- name: tell Postfix to use the virtual alias mapping
  command: postconf virtual_alias_maps=mysql:/etc/postfix/mysql-virtual-alias-maps.cf

- name: define Postfix email-to-email mapping (required for catchall domains)
  template: src=mysql-email2email.cf.j2 dest=/etc/postfix/mysql-email2email.cf
  notify: restart postfix
- name: tell Postfix to use the email-to-email mapping
  command: postconf virtual_alias_maps=mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf

- name: Restricting access to database mapping files that contain a password
  file: path=/etc/postfix/mysql-{{item}}.cf mode=0640
  with_items:
  - virtual-mailbox-domains
  - virtual-mailbox-maps
  - virtual-alias-maps

- name: Make Postfix use LMTP to send emails to Dovecot
  command: postconf virtual_transport=lmtp:unix:private/dovecot-lmtp

- name: Restricting delivery to Dovecot to one email at a time
  command: postconf dovecot_destination_recipient_limit=1

- name: Setting SMTP authentication type to dovecot
  command: postconf smtpd_sasl_type=dovecot

- name: Setting SMTP authentication path/socket
  command: postconf smtpd_sasl_path=private/auth

- name: Enabling SMTP authentication
  command: postconf smtpd_sasl_auth_enable=yes

- name: Setting SMTP encryption security level
  command: postconf smtpd_tls_security_level=may

- name: Setting SMTP encryption security level
  command: postconf smtpd_tls_security_level=may

- name: Enforce SMTP encryption
  command: postconf smtpd_tls_auth_only=yes

- name: Set TLS encryption certificate
  command: postconf smtpd_tls_cert_file=/etc/ssl/certs/mailserver.pem

- name: Set TLS encryption key
  command: postconf smtpd_tls_key_file=/etc/ssl/private/mailserver.pem

# - name: Enabling Spamassassin milter
#   command: postconf smtpd_milters=unix:/spamass/spamass.sock

# - name: Configuring Spamassassin milter
#   command: postconf milter_connect_macros="i j {daemon_name} v {if_name} _"

# - name: Setting spamd options
#   copy: src=etc-default-spamassassin dest=/etc/default/spamassassin
#   notify: restart spamassassin

# - name: Adding user spamass-milter to debian-spamd group
#   user: name=spamass-milter groups=debian-spamd
#   notify: restart spamassassin

# - name: Enabling spamd at startup
#   command: systemctl enable spamassassin

- name: Allow emails up to 40 MB large
  command: postconf message_size_limit=41943040

- name: Make Postfix listen on all interfaces
  command: postconf inet_interfaces=all