From cee2702b9c66e7e303494822993f46986685d87a Mon Sep 17 00:00:00 2001
From: Micah <micah@leap.se>
Date: Tue, 9 Feb 2016 16:32:46 -0500
Subject: Due to the smtps transport specifying a header_check, the
 received_anon replacement wasn't being done. (#7890)

This moves that replacement into its own class, clears the old value and
sets it properly in the smtps transport.

Change-Id: I27c02730597df4943761d8bcb61014aeded9dc75
---
 puppet/modules/site_postfix/manifests/mx.pp         | 21 ++++++++++++---------
 puppet/modules/site_postfix/manifests/mx/checks.pp  | 18 ------------------
 .../site_postfix/manifests/mx/received_anon.pp      | 13 +++++++++++++
 3 files changed, 25 insertions(+), 27 deletions(-)
 create mode 100644 puppet/modules/site_postfix/manifests/mx/received_anon.pp

diff --git a/puppet/modules/site_postfix/manifests/mx.pp b/puppet/modules/site_postfix/manifests/mx.pp
index 02b9fbdd..c4ab1bba 100644
--- a/puppet/modules/site_postfix/manifests/mx.pp
+++ b/puppet/modules/site_postfix/manifests/mx.pp
@@ -79,16 +79,19 @@ class site_postfix::mx {
       value => 'smtp';
     'mailbox_command':
       value => '';
+    'header_checks':
+      value => '';
   }
 
-  include site_postfix::mx::smtpd_checks
-  include site_postfix::mx::checks
-  include site_postfix::mx::smtp_tls
-  include site_postfix::mx::smtpd_tls
-  include site_postfix::mx::static_aliases
-  include site_postfix::mx::rewrite_openpgp_header
-  include clamav
-  include postfwd
+  include ::site_postfix::mx::smtpd_checks
+  include ::site_postfix::mx::checks
+  include ::site_postfix::mx::smtp_tls
+  include ::site_postfix::mx::smtpd_tls
+  include ::site_postfix::mx::static_aliases
+  include ::site_postfix::mx::rewrite_openpgp_header
+  include ::site_postfix::mx::received_anon
+  include ::clamav
+  include ::postfwd
 
   # greater verbosity for debugging, take out for production
   #include site_postfix::debug
@@ -111,7 +114,7 @@ ${smtpd_relay_restrictions}  -o smtpd_recipient_restrictions=\$smtps_recipient_r
   -o smtpd_client_restrictions=
   -o cleanup_service_name=clean_smtps
 clean_smtps   unix  n - n - 0 cleanup
-  -o header_checks=pcre:/etc/postfix/checks/rewrite_openpgp_headers"
+  -o header_checks=pcre:/etc/postfix/checks/rewrite_openpgp_headers,pcre:/etc/postfix/checks/received_anon"
 
   class { 'postfix':
     preseed             => true,
diff --git a/puppet/modules/site_postfix/manifests/mx/checks.pp b/puppet/modules/site_postfix/manifests/mx/checks.pp
index 5d75a5e5..f406ad34 100644
--- a/puppet/modules/site_postfix/manifests/mx/checks.pp
+++ b/puppet/modules/site_postfix/manifests/mx/checks.pp
@@ -20,22 +20,4 @@ class site_postfix::mx::checks {
       refreshonly => true,
       subscribe   => File['/etc/postfix/checks/helo_checks'];
   }
-
-  # Anonymize the user's home IP from the email headers (Feature #3866)
-  package { 'postfix-pcre': ensure => installed, require => Package['postfix'] }
-
-  file { '/etc/postfix/checks/received_anon':
-    source  => 'puppet:///modules/site_postfix/checks/received_anon',
-    mode    => '0644',
-    owner   => root,
-    group   => root,
-    notify  => Service['postfix']
-  }
-
-  postfix::config {
-    'header_checks':
-      value   => 'pcre:/etc/postfix/checks/received_anon',
-      require => File['/etc/postfix/checks/received_anon'];
-  }
-
 }
diff --git a/puppet/modules/site_postfix/manifests/mx/received_anon.pp b/puppet/modules/site_postfix/manifests/mx/received_anon.pp
new file mode 100644
index 00000000..51ba3faa
--- /dev/null
+++ b/puppet/modules/site_postfix/manifests/mx/received_anon.pp
@@ -0,0 +1,13 @@
+# Anonymize the user's home IP from the email headers (Feature #3866) 
+class site_postfix::mx::received_anon {
+
+  package { 'postfix-pcre': ensure => installed, require => Package['postfix'] }
+
+  file { '/etc/postfix/checks/received_anon':
+    source => 'puppet:///modules/site_postfix/checks/received_anon',
+    mode   => '0644',
+    owner  => root,
+    group  => root,
+    notify => Service['postfix']
+  }
+}
-- 
cgit v1.2.3