summaryrefslogtreecommitdiff
path: root/puppet
diff options
context:
space:
mode:
authorvarac <varacanero@zeromail.org>2015-04-28 14:42:03 +0200
committervarac <varacanero@zeromail.org>2015-04-28 14:42:03 +0200
commit2dc5b690662a807e276ebe6500a70620bd2934ce (patch)
tree90e78177e57200b260388f9ec7d1d34d018b0eed /puppet
parent87a2005d7a2ab9cccce67eea7f25de2a2e3d789a (diff)
parent3aa462bd2402c81ac85720ca9337d45acbf04ff3 (diff)
Merge branch '6829_reject_inbound_mail_to_system_users' into develop
Diffstat (limited to 'puppet')
-rw-r--r--puppet/modules/site_postfix/manifests/mx.pp9
1 files changed, 9 insertions, 0 deletions
diff --git a/puppet/modules/site_postfix/manifests/mx.pp b/puppet/modules/site_postfix/manifests/mx.pp
index 81f10b77..49692d24 100644
--- a/puppet/modules/site_postfix/manifests/mx.pp
+++ b/puppet/modules/site_postfix/manifests/mx.pp
@@ -1,3 +1,6 @@
+#
+# configure mx node
+#
class site_postfix::mx {
$domain_hash = hiera('domain')
@@ -35,6 +38,12 @@ class site_postfix::mx {
# because the satellites need to have a different value
'smtp_tls_security_level':
value => 'may';
+ # reject inbound mail to system users
+ # see https://leap.se/code/issues/6829
+ # this blocks *only* mails to system users, that don't appear in the
+ # alias map
+ 'local_recipient_maps':
+ value => '$alias_maps';
}
include site_postfix::mx::smtpd_checks