diff options
| author | Micah Anderson <micah@leap.se> | 2013-08-30 15:01:15 -0400 |
|---|---|---|
| committer | Micah Anderson <micah@leap.se> | 2013-08-31 08:31:55 -0400 |
| commit | 27efd6072ecf13b4bbdb098ee70eb81eb5cdc81c (patch) | |
| tree | 8c8f4156538e893b2f919d1bb370edbf6c3f78ce /puppet/modules/site_postfix/manifests/mx.pp | |
| parent | 8b7e1d9afda6a0ae2a8ff5548d9c8ab78370693b (diff) | |
change the master.cf_tail to pull in -o smtpd_recipient_restrictions=$smtps_recipient_restrictions from main.cf, allowing us to setup specific restrictions for the smtps port
move permit_tls_all_clientcerts from the smtpd_data_restrictions and smtpd_recipient_restrictions to only be in smtps_recipient_restrictions
make a note about the permit_tls_all_clientcerts being something that we don't want in the future
remove check_sender_access check which was doing an unnecessary lookup
Change-Id: If9101512e42f7cd82c0e06543cef696d6063f8dc
Diffstat (limited to 'puppet/modules/site_postfix/manifests/mx.pp')
| -rw-r--r-- | puppet/modules/site_postfix/manifests/mx.pp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/puppet/modules/site_postfix/manifests/mx.pp b/puppet/modules/site_postfix/manifests/mx.pp index 18815f70..e9f662c3 100644 --- a/puppet/modules/site_postfix/manifests/mx.pp +++ b/puppet/modules/site_postfix/manifests/mx.pp @@ -35,7 +35,7 @@ class site_postfix::mx { preseed => true, root_mail_recipient => $root_mail_recipient, smtp_listen => 'all', - mastercf_tail => "smtps inet n - - - - smtpd\n -o smtpd_tls_wrappermode=yes\n -o smtpd_tls_security_level=encrypt\n", + mastercf_tail => "smtps inet n - - - - smtpd\n -o smtpd_tls_wrappermode=yes\n -o smtpd_tls_security_level=encrypt\n -o smtpd_recipient_restrictions=\$smtps_recipient_restrictions", require => [ X509::Key[$cert_name], X509::Cert[$cert_name], User['vmail'] ] } |