diff options
| author | varac <varacanero@zeromail.org> | 2013-09-03 19:02:27 +0200 |
|---|---|---|
| committer | varac <varacanero@zeromail.org> | 2013-09-03 19:02:27 +0200 |
| commit | 11f90416ed145aeccea2562ef5cbb96ec2feb7a7 (patch) | |
| tree | f780b03eb2d081b756e8a5a7712b8b0ff38c11cd | |
| parent | b25d10864798e50dd51b9404903d3c493b44a65e (diff) | |
| parent | ccdf90ea9c48efbaa34dda8f23d6a95db9970cd9 (diff) | |
Merge branch 'feature/3667_Sending_mail_fails_when_relaying_using_non-fully-qualified_hostname' into develop
| -rw-r--r-- | puppet/modules/site_postfix/manifests/mx.pp | 17 | ||||
| -rw-r--r-- | puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp | 2 |
2 files changed, 11 insertions, 8 deletions
diff --git a/puppet/modules/site_postfix/manifests/mx.pp b/puppet/modules/site_postfix/manifests/mx.pp index e5dc1c7b..2d8f3db5 100644 --- a/puppet/modules/site_postfix/manifests/mx.pp +++ b/puppet/modules/site_postfix/manifests/mx.pp @@ -37,13 +37,14 @@ class site_postfix::mx { root_mail_recipient => $root_mail_recipient, smtp_listen => 'all', mastercf_tail => - "smtps inet n - - - - smtpd\n - -o smtpd_tls_wrappermode=yes\n - -o smtpd_tls_security_level=encrypt\n - submission inet n - n - - smtpd\n - -o smtpd_tls_security_level=encrypt\n - -o smtpd_recipient_restrictions=\$submission_recipient_restrictions", - require => [ X509::Key[$cert_name], X509::Cert[$cert_name], - User['vmail'] ] + "smtps inet n - - - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_tls_security_level=encrypt +submission inet n - n - - smtpd + -o smtpd_tls_security_level=encrypt + -o smtpd_recipient_restrictions=\$submission_recipient_restrictions + -o smtpd_helo_restrictions=\$submission_helo_restrictions", + require => [ + X509::Key[$cert_name], X509::Cert[$cert_name], User['vmail'] ] } } diff --git a/puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp b/puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp index b1536d64..0f1500a4 100644 --- a/puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp +++ b/puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp @@ -24,6 +24,8 @@ class site_postfix::mx::smtpd_checks { value => 'permit_tls_all_clientcerts, check_recipient_access tcp:localhost:2244, reject_unauth_destination, permit'; 'submission_recipient_restrictions': value => 'permit_tls_all_clientcerts, check_recipient_access tcp:localhost:2244, reject_unauth_destination, permit'; + 'submission_helo_restrictions': + value => 'permit_mynetworks, check_helo_access hash:$checks_dir/helo_checks, permit'; 'smtpd_sender_restrictions': value => 'permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit'; } |