From cfdbad27fe0b1c5e98b127f2c3d22258e233ef11 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@leap.se>
Date: Tue, 3 Sep 2013 10:37:21 -0400
Subject: add /etc/postfix/checks directory and setup a check_helo_access that
 allows admins to have some control over problem clients connecting that
 present helo patterns that they wish to block (#3694)

Change-Id: I159c29b6fe17e3d75b607d1a6fa82856b976c9b4
---
 .../site_postfix/templates/checks/helo_access.erb   | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 puppet/modules/site_postfix/templates/checks/helo_access.erb

(limited to 'puppet/modules/site_postfix/templates/checks/helo_access.erb')

diff --git a/puppet/modules/site_postfix/templates/checks/helo_access.erb b/puppet/modules/site_postfix/templates/checks/helo_access.erb
new file mode 100644
index 00000000..bef3c11d
--- /dev/null
+++ b/puppet/modules/site_postfix/templates/checks/helo_access.erb
@@ -0,0 +1,21 @@
+# THIS FILE IS MANAGED BY PUPPET
+# To make changes to this file, please edit your platform directory under
+# puppet/modules/site_postfix/templates/checks/helo_access.erb and then deploy
+
+# The format of this file is the HELO/EHLO domain followed by an action.
+# The action could be OK to allow it, REJECT to reject it, or a custom
+# status code and message. Any lines that are prefixed by an octothorpe (#)
+# will be considered comments.
+
+# Some examples:
+#
+# Reject anyone that HELO's with foobar:
+# foobar REJECT
+#
+# Allow the switches to skip this check:
+# switch1 OK
+# switch2 OK
+
+# Reject anybody that HELO's as being in our own domain(s)
+# anyone who identifies themselves as us is a virus/spammer
+<%= domain %> 554 You are not in domain <%= domain %>
-- 
cgit v1.2.3