fix(postfix): Enforce usage of haproxy

Apparently one needs to configure `-o smtpd_upstream_proxy_protocol=haproxy` for other inet services as well in order to actually make it through. This patch enables it on smtp and submissions ports. The hint for that came from experimenting and the docker-mailserver project. References: https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/kubernetes/#proxy-port-to-service-via-proxy-protocol

fix(postfix): Enforce usage of haproxy
5c5ad8bd · Sheogorath · 3fd9106c · 5c5ad8bd · 5c5ad8bd
Verified Commit 5c5ad8bd authored 2 years ago by Sheogorath
--- a/images/postfix/config/main.cf
+++ b/images/postfix/config/main.cf
@@ -92,6 +92,8 @@ postscreen_upstream_proxy_timeout = 5s
 postscreen_access_list = permit_mynetworks
 postscreen_blacklist_action = drop
 postscreen_greet_action = ignore
+# Disable zombie detection
+postscreen_greet_banner =
 postscreen_dnsbl_action = enforce
 postscreen_dnsbl_threshold = 3
 postscreen_dnsbl_allowlist_threshold = -1

--- a/images/postfix/config/master.cf
+++ b/images/postfix/config/master.cf
@@ -8,6 +8,7 @@
 smtpd     pass  -       -       -       -       -       smtpd
    -o smtpd_tls_received_header=yes
    -o content_filter=
+    -o smtpd_upstream_proxy_protocol=haproxy
 dnsblog   unix  -       -       -       -       0       dnsblog
 tlsproxy  unix  -       -       -       -       0       tlsproxy
 #smtps     inet  n       -       -       -       -       smtpd