summaryrefslogtreecommitdiff
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/modules/site_postfix/manifests/mx.pp7
-rw-r--r--puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp2
2 files changed, 6 insertions, 3 deletions
diff --git a/puppet/modules/site_postfix/manifests/mx.pp b/puppet/modules/site_postfix/manifests/mx.pp
index e5dc1c7b..515b6825 100644
--- a/puppet/modules/site_postfix/manifests/mx.pp
+++ b/puppet/modules/site_postfix/manifests/mx.pp
@@ -42,8 +42,9 @@ class site_postfix::mx {
-o smtpd_tls_security_level=encrypt\n
submission inet n - n - - smtpd\n
-o smtpd_tls_security_level=encrypt\n
- -o smtpd_recipient_restrictions=\$submission_recipient_restrictions",
- require => [ X509::Key[$cert_name], X509::Cert[$cert_name],
- User['vmail'] ]
+ -o smtpd_recipient_restrictions=\$submission_recipient_restrictions\n
+ -o smtpd_helo_restrictions=\$submission_helo_restrictions",
+ require =>
+ [ X509::Key[$cert_name], X509::Cert[$cert_name], User['vmail'] ]
}
}
diff --git a/puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp b/puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp
index b1536d64..7aea71fb 100644
--- a/puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp
+++ b/puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp
@@ -24,6 +24,8 @@ class site_postfix::mx::smtpd_checks {
value => 'permit_tls_all_clientcerts, check_recipient_access tcp:localhost:2244, reject_unauth_destination, permit';
'submission_recipient_restrictions':
value => 'permit_tls_all_clientcerts, check_recipient_access tcp:localhost:2244, reject_unauth_destination, permit';
+ 'submission_helo_restrictions':
+ value => 'permit_mynetworks, permit';
'smtpd_sender_restrictions':
value => 'permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit';
}