summaryrefslogtreecommitdiff
path: root/puppet/modules/site_postfix/manifests/mx
AgeCommit message (Expand)Author
2016-03-11Set MUA required ciphers, tighten up the mandatory protocols (#4232)Micah
2016-02-11Due to the smtps transport specifying a header_check, the received_anonMicah
2016-02-02[bug] Add smtpd_relay_restrictions to postfix confvarac
2016-01-21Make sure the certs are installed for all smtp tls clients, thusMicah
2016-01-19Make sure machines in mynetworks are able to send mail through us,Micah
2015-12-09Use client cert fingerprint lookup to determine if the user is allowedMicah
2015-09-24allow certain aliases, like 'abuse', to be publicly forwardable.elijah
2015-09-15Merge branch 'feature/rewrite_openpgp_header_7413' into developMicah Anderson
2015-09-15minor lintingMicah Anderson
2015-09-11switch aliases to use virtual_alias_mapselijah
2015-09-08rewrite openpgp header to be always correct (#7413)Micah Anderson
2015-08-21add support for configurable mail alias mapselijah
2015-07-28Support RBL blocking of incoming mail (#5923)Micah Anderson
2014-12-09Deploy leap ca cert for smtp tls config (Bug #6485)varac
2014-04-02Force satellite hosts that only speak to relayhost to have aMicah Anderson
2014-03-24fixes #5360 adds admin@ as reserved address + lintingkwadronaut
2013-12-19Fix the location of the smtp/smtpd_tls_session_cache_database (#4813)Micah Anderson
2013-12-18add a smtp_tls class and include that on both mx servers and satellitesMicah Anderson
2013-12-18rename the tls.pp to be smtpd_tls.pp, this allows us to have a separateMicah Anderson
2013-11-27disable starttls over submission for client connections, we are using TLS wra...Micah Anderson
2013-10-31certtool-postfix-gendh attempted before postfix is installed (Bug #4340)Micah Anderson
2013-10-31require postfix is installed before installing postfix-pcre (#4223)Micah Anderson
2013-10-11class moved but forgot to renamevarac
2013-10-11move site_config::checks to site_config::mx::checksvarac
2013-10-10fix site_postfix::mx::reserved_aliases class name and package arrayvarac
2013-10-09setup email account 'blacklist' by configuring reserved aliases, effectively ...Micah Anderson
2013-10-06It turns out postfix's variable for 1024bit DH parameters can actually take a...0.3.0rc3Micah Anderson
2013-10-06only use TLSv1 or later for smtp (Feature #4011)Micah Anderson
2013-10-03Merge branch 'feature/3953' into developMicah Anderson
2013-10-03It turns out postfix's variable for 1024bit DH parameters can actually take a...Micah Anderson
2013-10-02setup smtpd_tls_eecdh_grade to 'ultra' and configure the smtpd_tls_dh1024_par...Micah Anderson
2013-09-26Add client-side TLS configuration (#3868)Micah Anderson
2013-09-24fix client_ca cert+key for mx service (Feature #3921)varac
2013-09-18use x509 for postfix ca and fix names for cert+key (Feature #3833)varac
2013-09-03use check_helo_access hash:/helo_checks also for $submission_helo_restrictionsvarac
2013-09-03Sending mail fails when relaying using non-fully-qualified hostname (Feature ...varac
2013-09-03Merge branch 'feature/helo_access' into developMicah Anderson
2013-09-03add /etc/postfix/checks directory and setup a check_helo_access that allows a...Micah Anderson
2013-09-03Without smtpd_helo_required, the helo restrictions are easily bypassed by not...Micah Anderson
2013-08-31postfix enable submission port using starttls, so the client can transition t...Micah Anderson
2013-08-31change the master.cf_tail to pull in -o smtpd_recipient_restrictions=$smtps_r...Micah Anderson
2013-08-29fix smtpd mail restrictions (Feature #3166)varac
2013-08-28SMTP checks (Feature #2304)varac
2013-08-28integrate manual postfix config changes in puppet (Feature #3538)varac
2013-07-31 use smtpd_tls_security_level = may in postfix config (Bug #3348)varac
2013-07-26Merge branch 'varac/feature/mx' into feature/leap_mxMicah Anderson
2013-07-25beginning of smtp_auth config with client certsvarac
2013-07-25smtpd_checks: smtpd_delay_rejectvarac
2013-07-25smtpd_checks: smtpd_data_restrictionsvarac
2013-07-10added tls support, including smtp auth via client certvarac