diff options
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/modules/site_postfix/files/checks/received_anon | 2 | ||||
| -rw-r--r-- | puppet/modules/site_postfix/manifests/checks.pp | 20 | 
2 files changed, 21 insertions, 1 deletions
| diff --git a/puppet/modules/site_postfix/files/checks/received_anon b/puppet/modules/site_postfix/files/checks/received_anon new file mode 100644 index 00000000..2822973e --- /dev/null +++ b/puppet/modules/site_postfix/files/checks/received_anon @@ -0,0 +1,2 @@ +/^Received: from (.* \([-._[:alnum:]]+ \[[.[:digit:]]{7,15}\]\))([[:space:]]+).*(\(using [.[:alnum:]]+ with cipher [-A-Z0-9]+ \([0-9]+\/[0-9]+ bits\)\))[[:space:]]+\(Client CN "([[:alnum:]]+)", Issuer "[[:print:]]+" \(verified OK\)\)[[:space:]]+by ([.[:alnum:]]+) \(([^)]+)\) with (E?SMTPS?A?) id ([A-F[:digit:]]+).*/ + REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])${2}${3}${2}(Authenticated sender: $4)${2}with $7 id $8 diff --git a/puppet/modules/site_postfix/manifests/checks.pp b/puppet/modules/site_postfix/manifests/checks.pp index 06f9a7a4..31399d32 100644 --- a/puppet/modules/site_postfix/manifests/checks.pp +++ b/puppet/modules/site_postfix/manifests/checks.pp @@ -6,7 +6,7 @@ class site_postfix::checks {        mode    => '0755',        owner   => root,        group   => postfix, -      require => Class['postfix']; +      require => Package['postfix'];      '/etc/postfix/checks/helo_checks':        content => template('site_postfix/checks/helo_access.erb'), @@ -20,4 +20,22 @@ class site_postfix::checks {        refreshonly => true,        subscribe   => File['/etc/postfix/checks/helo_checks'];    } + +  # Anonymize the user's home IP from the email headers (Feature #3866) +  package { 'postfix-pcre': ensure => installed } + +  file { '/etc/postfix/checks/received_anon': +    source  => 'puppet:///modules/site_postfix/checks/received_anon', +    mode    => '0644', +    owner   => root, +    group   => root, +    notify  => Service['postfix'] +  } + +  postfix::config { +    'header_checks': +      value   => 'pcre:/etc/postfix/checks/received_anon', +      require => File['/etc/postfix/checks/received_anon']; +  } +  } | 
