summaryrefslogtreecommitdiff
path: root/puppet/modules
diff options
context:
space:
mode:
authorMicah <micah@leap.se>2016-02-09 16:32:46 -0500
committerMicah <micah@leap.se>2016-02-11 10:35:39 -0500
commitcee2702b9c66e7e303494822993f46986685d87a (patch)
treeef779c6333c4f4dd803c334c1270a2bfc24befa0 /puppet/modules
parent23e65fd524674f65f75651147c5c787382f20909 (diff)
Due to the smtps transport specifying a header_check, the received_anon
replacement wasn't being done. (#7890) This moves that replacement into its own class, clears the old value and sets it properly in the smtps transport. Change-Id: I27c02730597df4943761d8bcb61014aeded9dc75
Diffstat (limited to 'puppet/modules')
-rw-r--r--puppet/modules/site_postfix/manifests/mx.pp21
-rw-r--r--puppet/modules/site_postfix/manifests/mx/checks.pp18
-rw-r--r--puppet/modules/site_postfix/manifests/mx/received_anon.pp13
3 files changed, 25 insertions, 27 deletions
diff --git a/puppet/modules/site_postfix/manifests/mx.pp b/puppet/modules/site_postfix/manifests/mx.pp
index 02b9fbdd..c4ab1bba 100644
--- a/puppet/modules/site_postfix/manifests/mx.pp
+++ b/puppet/modules/site_postfix/manifests/mx.pp
@@ -79,16 +79,19 @@ class site_postfix::mx {
value => 'smtp';
'mailbox_command':
value => '';
+ 'header_checks':
+ value => '';
}
- include site_postfix::mx::smtpd_checks
- include site_postfix::mx::checks
- include site_postfix::mx::smtp_tls
- include site_postfix::mx::smtpd_tls
- include site_postfix::mx::static_aliases
- include site_postfix::mx::rewrite_openpgp_header
- include clamav
- include postfwd
+ include ::site_postfix::mx::smtpd_checks
+ include ::site_postfix::mx::checks
+ include ::site_postfix::mx::smtp_tls
+ include ::site_postfix::mx::smtpd_tls
+ include ::site_postfix::mx::static_aliases
+ include ::site_postfix::mx::rewrite_openpgp_header
+ include ::site_postfix::mx::received_anon
+ include ::clamav
+ include ::postfwd
# greater verbosity for debugging, take out for production
#include site_postfix::debug
@@ -111,7 +114,7 @@ ${smtpd_relay_restrictions} -o smtpd_recipient_restrictions=\$smtps_recipient_r
-o smtpd_client_restrictions=
-o cleanup_service_name=clean_smtps
clean_smtps unix n - n - 0 cleanup
- -o header_checks=pcre:/etc/postfix/checks/rewrite_openpgp_headers"
+ -o header_checks=pcre:/etc/postfix/checks/rewrite_openpgp_headers,pcre:/etc/postfix/checks/received_anon"
class { 'postfix':
preseed => true,
diff --git a/puppet/modules/site_postfix/manifests/mx/checks.pp b/puppet/modules/site_postfix/manifests/mx/checks.pp
index 5d75a5e5..f406ad34 100644
--- a/puppet/modules/site_postfix/manifests/mx/checks.pp
+++ b/puppet/modules/site_postfix/manifests/mx/checks.pp
@@ -20,22 +20,4 @@ class site_postfix::mx::checks {
refreshonly => true,
subscribe => File['/etc/postfix/checks/helo_checks'];
}
-
- # Anonymize the user's home IP from the email headers (Feature #3866)
- package { 'postfix-pcre': ensure => installed, require => Package['postfix'] }
-
- file { '/etc/postfix/checks/received_anon':
- source => 'puppet:///modules/site_postfix/checks/received_anon',
- mode => '0644',
- owner => root,
- group => root,
- notify => Service['postfix']
- }
-
- postfix::config {
- 'header_checks':
- value => 'pcre:/etc/postfix/checks/received_anon',
- require => File['/etc/postfix/checks/received_anon'];
- }
-
}
diff --git a/puppet/modules/site_postfix/manifests/mx/received_anon.pp b/puppet/modules/site_postfix/manifests/mx/received_anon.pp
new file mode 100644
index 00000000..51ba3faa
--- /dev/null
+++ b/puppet/modules/site_postfix/manifests/mx/received_anon.pp
@@ -0,0 +1,13 @@
+# Anonymize the user's home IP from the email headers (Feature #3866)
+class site_postfix::mx::received_anon {
+
+ package { 'postfix-pcre': ensure => installed, require => Package['postfix'] }
+
+ file { '/etc/postfix/checks/received_anon':
+ source => 'puppet:///modules/site_postfix/checks/received_anon',
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['postfix']
+ }
+}