diff options
| author | Micah Anderson <micah@leap.se> | 2014-04-01 15:28:54 -0400 |
|---|---|---|
| committer | Micah Anderson <micah@leap.se> | 2014-04-01 15:28:54 -0400 |
| commit | 1906f13a7df02522bcd83a3c25101555870b5279 (patch) | |
| tree | 5dfce75eb9fcc1c616e491c80c09ac94718f7746 | |
| parent | 05bc6a8f3c9caadd8cbe262fc90437980bc26969 (diff) | |
Include all the ips that are allowed to send mail through the relay in
the mynetworks parameter. Previously we only allowed other mx servers to
relay to each other, but this prevents system mail from non-mx nodes
from getting out.
Fixes "Helo command rejected: You are not in domain bitmask.net (in reply to RCPT TO command))" (#5343)
Change-Id: I5e204958cb235808eedc3a1724fb2dc6c7a5b73b
| -rw-r--r-- | provider_base/services/mx.json | 2 | ||||
| -rw-r--r-- | puppet/modules/site_postfix/manifests/mx.pp | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/provider_base/services/mx.json b/provider_base/services/mx.json index 7e3f20ba..0d1ec877 100644 --- a/provider_base/services/mx.json +++ b/provider_base/services/mx.json @@ -10,7 +10,7 @@ "password": "= secret :couch_leap_mx_password", "salt": "= hex_secret :couch_leap_mx_password_salt, 128" }, - "mx_nodes": "= nodes['services' => 'mx']['environment' => '!local'].field('ip_address')", + "mynetworks": "= nodes['environment' => '!local'].field('ip_address')", "x509": { "use": true, "ca_cert": "= file :ca_cert, :missing => 'provider CA. Run `leap cert ca`'", diff --git a/puppet/modules/site_postfix/manifests/mx.pp b/puppet/modules/site_postfix/manifests/mx.pp index de89c26e..a37c7af9 100644 --- a/puppet/modules/site_postfix/manifests/mx.pp +++ b/puppet/modules/site_postfix/manifests/mx.pp @@ -4,7 +4,7 @@ class site_postfix::mx { $domain = $domain_hash['full_suffix'] $host_domain = $domain_hash['full'] $cert_name = hiera('name') - $mynetworks = join(hiera('mx_nodes'), ' ') + $mynetworks = join(hiera('mynetworks'), ' ') $root_mail_recipient = hiera ('contacts') $postfix_smtp_listen = 'all' |