feat(postfix): implement virtual mailbox configuration for Dovecot LMTP

Updates the Postfix configuration to correctly handle virtual domains when Dovecot LMTP is enabled, moving away from local system delivery settings.

- Removes `postfix_mail_domain` from `postfix_mydestination` to prevent conflicts with virtual domain handling.
- Updates `main.cf` to set `virtual_transport`, `virtual_mailbox_domains`, and `virtual_mailbox_maps` instead of `mailbox_transport`.
- Adds a new template `virtual_mailbox_maps.j2` to authorize specific users defined in `dovecot_users`.
- Adds tasks to generate the virtual mailbox map file and run `postmap` upon changes.

defaults/main.yml

@@ -18,9 +18,10 @@ postfix_mail_domain: "{{ ansible_domain | default('internal.local') }}"
 # The Fully Qualified Domain Name of the mail server.
 postfix_myhostname: "mail.{{ postfix_mail_domain }}"
 
-# Comma-separated list of domains this server accepts mail for.
+# Comma-separated list of domains this server accepts mail for locally.
-# It's critical that this includes the server's own hostname and mail domain.
+# When using Dovecot with LMTP (virtual mailboxes), the mail domain is handled
-postfix_mydestination: "$myhostname, localhost.{{ postfix_mail_domain }}, localhost, {{ postfix_mail_domain }}"
+# separately via virtual_mailbox_domains, so it should NOT be included here.
+postfix_mydestination: "$myhostname, localhost.{{ postfix_mail_domain }}, localhost"
 
 # The list of "trusted" remote SMTP clients that have more privileges than "strangers".
 postfix_mynetworks: "127.0.0.0/8 [::1]/128"

tasks/main.yml

@@ -54,6 +54,29 @@
     - postfix_config
     - postfix_smarthost
 
+- name: "POSTFIX | Configure virtual mailbox maps"
+  when: dovecot_enabled | default(false) and dovecot_postfix_lmtp_enable | default(false)
+  ansible.builtin.template:
+    src: virtual_mailbox_maps.j2
+    dest: /etc/postfix/virtual_mailbox_maps
+    owner: root
+    group: root
+    mode: '0644'
+  notify: Restart Postfix
+  tags:
+    - postfix_config
+    - dovecot_config
+
+- name: "POSTFIX | Create hash map for virtual mailbox maps"
+  when: dovecot_enabled | default(false) and dovecot_postfix_lmtp_enable | default(false)
+  ansible.builtin.command:
+    cmd: postmap hash:/etc/postfix/virtual_mailbox_maps
+  changed_when: true
+  notify: Restart Postfix
+  tags:
+    - postfix_config
+    - dovecot_config
+
 - name: "DOVECOT | Install Dovecot packages"
   when: dovecot_enabled | default(false)
   ansible.builtin.apt:

templates/main.cf.j2

@@ -51,9 +51,6 @@ alias_database = hash:/etc/aliases
 
 # Dovecot Integration
 {% if dovecot_enabled | default(false) %}
-# Use Maildir format
-home_mailbox = Maildir/
-
 {% if dovecot_postfix_sasl_enable | default(false) %}
 # SASL Authentication via Dovecot
 smtpd_sasl_type = dovecot
@@ -62,7 +59,9 @@ smtpd_sasl_auth_enable = yes
 {% endif %}
 
 {% if dovecot_postfix_lmtp_enable | default(false) %}
-# Delivery via LMTP
+# Virtual mailbox configuration for Dovecot users
-mailbox_transport = lmtp:unix:private/dovecot-lmtp
+virtual_mailbox_domains = {{ postfix_mail_domain }}
+virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox_maps
+virtual_transport = lmtp:unix:private/dovecot-lmtp
 {% endif %}
 {% endif %}

templates/virtual_mailbox_maps.j2

@@ -0,0 +1,8 @@
+# Virtual mailbox maps for Postfix
+# Ansible managed: {{ ansible_managed }}
+# Format: user@domain   OK
+{% if dovecot_users is defined and dovecot_users | length > 0 %}
+{% for user in dovecot_users %}
+{{ user.name }}@{{ postfix_mail_domain }}   OK
+{% endfor %}
+{% endif %}