diff options
Diffstat (limited to 'puppet/modules/site_postfix/manifests/mx')
| -rw-r--r-- | puppet/modules/site_postfix/manifests/mx/checks.pp | 41 | ||||
| -rw-r--r-- | puppet/modules/site_postfix/manifests/mx/reserved_aliases.pp | 4 |
2 files changed, 43 insertions, 2 deletions
diff --git a/puppet/modules/site_postfix/manifests/mx/checks.pp b/puppet/modules/site_postfix/manifests/mx/checks.pp new file mode 100644 index 00000000..31399d32 --- /dev/null +++ b/puppet/modules/site_postfix/manifests/mx/checks.pp @@ -0,0 +1,41 @@ +class site_postfix::checks { + + file { + '/etc/postfix/checks': + ensure => directory, + mode => '0755', + owner => root, + group => postfix, + require => Package['postfix']; + + '/etc/postfix/checks/helo_checks': + content => template('site_postfix/checks/helo_access.erb'), + mode => '0644', + owner => root, + group => root; + } + + exec { + '/usr/sbin/postmap /etc/postfix/checks/helo_checks': + refreshonly => true, + subscribe => File['/etc/postfix/checks/helo_checks']; + } + + # Anonymize the user's home IP from the email headers (Feature #3866) + package { 'postfix-pcre': ensure => installed } + + file { '/etc/postfix/checks/received_anon': + source => 'puppet:///modules/site_postfix/checks/received_anon', + mode => '0644', + owner => root, + group => root, + notify => Service['postfix'] + } + + postfix::config { + 'header_checks': + value => 'pcre:/etc/postfix/checks/received_anon', + require => File['/etc/postfix/checks/received_anon']; + } + +} diff --git a/puppet/modules/site_postfix/manifests/mx/reserved_aliases.pp b/puppet/modules/site_postfix/manifests/mx/reserved_aliases.pp index 6df53355..aea66f78 100644 --- a/puppet/modules/site_postfix/manifests/mx/reserved_aliases.pp +++ b/puppet/modules/site_postfix/manifests/mx/reserved_aliases.pp @@ -1,11 +1,11 @@ -class site_postfix::reserved_aliases { +class site_postfix::mx::reserved_aliases { postfix::mailalias { [ 'postmaster', 'hostmaster', 'domainadmin', 'certmaster', 'ssladmin', 'arin-admin', 'administrator', 'webmaster', 'www-data', 'www', 'nobody', 'sys', 'postgresql', 'mysql', 'bin', 'cron', 'lp', 'games', 'maildrop', 'abuse', 'noc', 'security', 'usenet', 'news', 'uucp', - 'ftp': + 'ftp' ]: ensure => present, recipient => 'root' } |