feat: self-hosted postfix

docker/postfix/postfix-main.cf

@@ -0,0 +1,50 @@
+# Postfix main configuration for newsletter sending
+# Domain and hostname will be set by entrypoint script
+
+smtpd_banner = $myhostname ESMTP
+biff = no
+append_dot_mydomain = no
+readme_directory = no
+
+# TLS parameters (for outbound connections)
+smtp_tls_security_level = may
+smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+
+# Network settings
+inet_interfaces = all
+inet_protocols = ipv4
+
+# Relay settings (don't relay for others)
+relayhost =
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.16.0.0/12 192.168.0.0/16 10.0.0.0/8
+
+# Message size limit (10MB)
+message_size_limit = 10240000
+
+# Queue settings
+maximal_queue_lifetime = 5d
+bounce_queue_lifetime = 5d
+
+# Security settings
+smtpd_helo_required = yes
+disable_vrfy_command = yes
+
+smtpd_helo_restrictions =
+    permit_mynetworks,
+    reject_invalid_helo_hostname,
+    reject_non_fqdn_helo_hostname,
+    permit
+
+smtpd_recipient_restrictions =
+    permit_mynetworks,
+    reject_unauth_destination,
+    permit
+
+# OpenDKIM integration
+milter_default_action = accept
+milter_protocol = 6
+smtpd_milters = inet:localhost:8891
+non_smtpd_milters = inet:localhost:8891
+
+# Notify on bounces
+notify_classes = bounce, delay, resource, software