Hi All,

I'm looking for some advice / guidance / help / whatever in making sure that I'm setting up my postfix installation correctly. I've gone through various on-line tutorials and read just about all of the postfix doco, but I'm still unsure / confused about exactly how to set a couple of settings.

I have a rather complex (network) setup which is what's throwing me "off".

***The Network***

Four domains:

 * example.local
 * example.net
 * example.com
 * example.org

Lots of servers:

 * mail.example.local
 * sql.example.local (mariadb)
 * haproxy.example.local
 * dns.example.local (plus externally facing dns servers)
 * ca.example.local
 * www.example.local
 * others(.example.local)

Notes:

 * I'm using a split-dns setup
 * example.net, .com, and .org are all Internet via their own dns server(s)
 * haproxy.example.local is a bastion host in the dmz and (almost) all
   traffic flows through it
 * haproxy.example.local proxies www.example.net, mail.example.net,
   etc, etc, etc
 * all servers apart from mail.example.local are null-client postfix
   boxes (for internal alerts, etc)
 * mail.example.local uses sql.example.local for virtual domains,
   mailboxes, etc
 * I run an internal pki (ca.example.net) and all servers have x.509
   certificates
 * haproxy.example.local runs certbot to obtain Let's Encrypt wildcard
   certs for example.net, .com, and .org, and these three certs are
   also (securely) transferred automatically upon renewal to
   mail.example.local
 * mail.example.local also has a wildcard cert for example.local (from
   our internal pki)
 * I am using virtual domains, virtual mailboxes, etc
 * Mail from example.local does not go out to the Internet
 * Mail to example.local is not received from the Internet
 * Mail from example.net, .com, & .org does go out to the Internet
 * Mail to example.net, .com, & .org is received from the Internet
 * I've set up sni for each domain's wildcard cert

***My Questions***

In the mail.example.local's postfix main.cf file:

1. Should mydomain be set to example.local or one of the external facing
   domains?
2. Should myorigin be set to example.local or one of the external
   facing domains?
3. Have I missed anything obvious to anyone?

Thanks in advance for the help

Cheers

Dulux-Oz



_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org