diff options
-rw-r--r-- | manifests/init.pp | 1 | ||||
-rw-r--r-- | templates/master.cf.debian-7.erb | 8 | ||||
-rw-r--r-- | templates/master.cf.debian-8.erb | 7 |
3 files changed, 12 insertions, 4 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 84eaa72..45c8e0c 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -48,6 +48,7 @@ class postfix( $use_sympa = 'no', $use_firma = 'no', $use_mlmmj = 'no', + $use_postscreen = 'no', $use_submission = 'no', $use_smtps = 'no', $mastercf_tail = '', diff --git a/templates/master.cf.debian-7.erb b/templates/master.cf.debian-7.erb index 7b653fb..d243a93 100644 --- a/templates/master.cf.debian-7.erb +++ b/templates/master.cf.debian-7.erb @@ -8,8 +8,12 @@ # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== -<% if @smtp_listen == 'all' %>smtp inet n - - - - smtpd -<% else %><%= @smtp_listen %>:smtp inet n - - - - smtpd<% end %> +# +<% if @use_postscreen == 'yes' and @smtp_listen == 'all' %>smtpd pass - - n - - smtpd +smtp inet n - n - 1 postscreen +tlsproxy unix - - n - 0 tlsproxy +<% elsif @use_postscreen == 'no' and @smtp_listen == 'all' %>smtp inet n - - - - smtpd +<% else %><%= @smtp_listen %>:smtp inet n - - - - smtpd<% end %> #smtp inet n - - - 1 postscreen #smtpd pass - - - - - smtpd #dnsblog unix - - - - 0 dnsblog diff --git a/templates/master.cf.debian-8.erb b/templates/master.cf.debian-8.erb index 7b653fb..91d6362 100644 --- a/templates/master.cf.debian-8.erb +++ b/templates/master.cf.debian-8.erb @@ -8,8 +8,11 @@ # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== -<% if @smtp_listen == 'all' %>smtp inet n - - - - smtpd -<% else %><%= @smtp_listen %>:smtp inet n - - - - smtpd<% end %> +<% if @use_postscreen == 'yes' and @smtp_listen == 'all' %>smtpd pass - - n - - smtpd + smtp inet n - n - 1 postscreen + tlsproxy unix - - n - 0 tlsproxy +<% elsif @use_postscreen == 'no' and @smtp_listen == 'all' %>smtp inet n - - - - smtpd +<% else %><%= @smtp_listen %>:smtp inet n - - - - smtpd<% end %> #smtp inet n - - - 1 postscreen #smtpd pass - - - - - smtpd #dnsblog unix - - - - 0 dnsblog |