adding basic postscreen functionality for debian #2303

author: kwadronaut <kwadronaut@leap.se> 2016-01-27 12:09:33 +0100
committer: kwadronaut <kwadronaut@leap.se> 2016-01-27 12:09:33 +0100
commit: 7a92279d623493dd95de8eaaca5815e625e305a3 (patch)
tree: 92a3004f0fdca8f85af5e1e3800a00c5c691a635
parent: 3a5ca6c754451405fd0c3efec7dc72bed57f4081 (diff)
3 files changed, 12 insertions, 4 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 84eaa72..45c8e0c 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -48,6 +48,7 @@ class postfix(
   $use_sympa               = 'no',
   $use_firma               = 'no',
   $use_mlmmj               = 'no',
+  $use_postscreen          = 'no',
   $use_submission          = 'no',
   $use_smtps               = 'no',
   $mastercf_tail           = '',
diff --git a/templates/master.cf.debian-7.erb b/templates/master.cf.debian-7.erb
index 7b653fb..d243a93 100644
--- a/templates/master.cf.debian-7.erb
+++ b/templates/master.cf.debian-7.erb
@@ -8,8 +8,12 @@
 # service type  private unpriv  chroot  wakeup  maxproc command + args
 #               (yes)   (yes)   (yes)   (never) (100)
 # ==========================================================================
-<% if @smtp_listen == 'all' %>smtp      inet  n       -       -       -       -       smtpd
-<% else %><%= @smtp_listen %>:smtp      inet  n       -       -       -       -       smtpd<% end %>
+#
+<% if @use_postscreen == 'yes' and @smtp_listen == 'all' %>smtpd     pass  -       -       n       -       -       smtpd
+smtp      inet  n       -       n       -       1       postscreen
+tlsproxy  unix  -       -       n       -       0       tlsproxy
+<% elsif @use_postscreen == 'no' and @smtp_listen == 'all' %>smtp      inet  n       -       -       -       -       smtpd
+<% else  %><%= @smtp_listen %>:smtp      inet  n       -       -       -       -       smtpd<% end %>
 #smtp      inet  n       -       -       -       1       postscreen
 #smtpd     pass  -       -       -       -       -       smtpd
 #dnsblog   unix  -       -       -       -       0       dnsblog
diff --git a/templates/master.cf.debian-8.erb b/templates/master.cf.debian-8.erb
index 7b653fb..91d6362 100644
--- a/templates/master.cf.debian-8.erb
+++ b/templates/master.cf.debian-8.erb
@@ -8,8 +8,11 @@
 # service type  private unpriv  chroot  wakeup  maxproc command + args
 #               (yes)   (yes)   (yes)   (never) (100)
 # ==========================================================================
-<% if @smtp_listen == 'all' %>smtp      inet  n       -       -       -       -       smtpd
-<% else %><%= @smtp_listen %>:smtp      inet  n       -       -       -       -       smtpd<% end %>
+<% if @use_postscreen == 'yes' and @smtp_listen == 'all' %>smtpd     pass  -       -       n       -       -       smtpd
+	smtp      inet  n       -       n       -       1       postscreen
+	tlsproxy  unix  -       -       n       -       0       tlsproxy
+<% elsif @use_postscreen == 'no' and @smtp_listen == 'all' %>smtp      inet  n       -       -       -       -       smtpd
+<% else  %><%= @smtp_listen %>:smtp      inet  n       -       -       -       -       smtpd<% end %>
 #smtp      inet  n       -       -       -       1       postscreen
 #smtpd     pass  -       -       -       -       -       smtpd
 #dnsblog   unix  -       -       -       -       0       dnsblog
author	kwadronaut <kwadronaut@leap.se>	2016-01-27 12:09:33 +0100
committer	kwadronaut <kwadronaut@leap.se>	2016-01-27 12:09:33 +0100
commit	7a92279d623493dd95de8eaaca5815e625e305a3 (patch)
tree	92a3004f0fdca8f85af5e1e3800a00c5c691a635
parent	3a5ca6c754451405fd0c3efec7dc72bed57f4081 (diff)