Update to Postfix 3.7 and local sockets for milters

templates/Fedora/38/etc/postfix/main.cf

@@ -2,6 +2,10 @@
 # of all parameters. For the syntax, and for a complete parameter
 # list, see the postconf(5) manual page (command: "man 5 postconf").
 #
+# TIP: use the command "postconf -n" to view main.cf parameter
+# settings, "postconf parametername" to view a specific parameter,
+# and "postconf 'parametername=value'" to set a specific parameter.
+#
 # For common configuration examples, see BASIC_CONFIGURATION_README
 # and STANDARD_CONFIGURATION_README. To find these documents, use
 # the command "postconf html_directory readme_directory", or go to
@@ -27,7 +31,7 @@
 #
 # The level below is what should be used with new (not upgrade) installs.
 #
-compatibility_level = 3.6
+compatibility_level = 3.7
 
 # SOFT BOUNCE
 #
@@ -251,11 +255,14 @@ unknown_local_recipient_reject_code = 550
 # You can specify the list of "trusted" network addresses by hand
 # or you can let Postfix do it for you (which is the default).
 #
-# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
-# clients in the same IP subnetworks as the local machine.
-# On Linux, this works correctly only with interfaces specified
-# with the "ifconfig" command.
+# By default (mynetworks_style = host), Postfix "trusts" only
+# the local machine.
 # 
+# Specify "mynetworks_style = subnet" when Postfix should "trust"
+# SMTP clients in the same IP subnetworks as the local machine.
+# On Linux, this works correctly only with interfaces specified
+# with the "ifconfig" or "ip" command.
+#
 # Specify "mynetworks_style = class" when Postfix should "trust" SMTP
 # clients in the same IP class A/B/C networks as the local machine.
 # Don't do this with a dialup site - it would cause Postfix to "trust"
@@ -285,14 +292,16 @@ unknown_local_recipient_reject_code = 550
 #mynetworks = hash:/etc/postfix/network_table
 
 # The relay_domains parameter restricts what destinations this system will
-# relay mail to.  See the smtpd_recipient_restrictions description in
-# postconf(5) for detailed information.
+# relay mail to.  See the smtpd_relay_restrictions and
+# smtpd_recipient_restrictions descriptions in  postconf(5) for detailed
+# information.
 #
 # By default, Postfix relays mail
-# - from "trusted" clients (IP address matches $mynetworks) to any destination,
+# - from "trusted" clients (IP address matches $mynetworks, or is
+#   SASL authenticated) to any destination,
 # - from "untrusted" clients to destinations that match $relay_domains or
 #   subdomains thereof, except addresses with sender-specified routing.
-# The default relay_domains value is $mydestination.
+# The default relay_domains value is empty.
 # 
 # In addition to the above, the Postfix SMTP server by default accepts mail
 # that Postfix is final destination for:
@@ -312,7 +321,7 @@ unknown_local_recipient_reject_code = 550
 # list this system as their primary or backup MX host. See the
 # permit_mx_backup restriction description in postconf(5).
 #
-#relay_domains = $mydestination
+#relay_domains = 
 
 # INTERNET OR INTRANET
 
@@ -744,9 +753,9 @@ shlib_directory = /usr/lib64/postfix
 {% if ensure_postfix.milter_list is defined and ensure_postfix.milter_list is iterable %}
 # The Milter List
 {% for milter in ensure_postfix.milter_list %}
-# -- {{ milter.description }} -- {{ milter.protocol }}:{{ milter.hostname }}:{{ milter.port }}
+# -- {{ milter.description }} -- {{ milter.protocol }}:{{ milter.destination }}
 {% endfor %}
-smtpd_milters = {% for milter in ensure_postfix.milter_list %} {{ milter.protocol }}:{{ milter.hostname }}:{{ milter.port }} {% endfor %}
+smtpd_milters = {% for milter in ensure_postfix.milter_list %} {{ milter.protocol }}:{{ milter.destination }} {% endfor %}
 {% endif %}
 
 {% if postfix_domains is defined and postfix_domains is iterable %}
@@ -763,4 +772,3 @@ message_size_limit = {{ postfix_message_size_limit }}
 smtpd_helo_restrictions = reject_unknown_helo_hostname
 smtpd_client_restrictions = reject_unknown_reverse_client_hostname reject_unauth_pipelining
 smtpd_discard_ehlo_keywords = silent-discard, dsn
-