aboutsummaryrefslogtreecommitdiffstats
path: root/modules/postfix/templates
diff options
context:
space:
mode:
authorMichael Scherer <misc@mageia.org>2010-11-18 22:34:59 +0000
committerMichael Scherer <misc@mageia.org>2010-11-18 22:34:59 +0000
commita430df05b73da1ce05004b1620cc48a9c36e8fc4 (patch)
treefb251f21719b0c46ca36cbaa3c6eb615c7805263 /modules/postfix/templates
parent87e866f0d4232dde4466e8839f3891641536aa27 (diff)
downloadpuppet-a430df05b73da1ce05004b1620cc48a9c36e8fc4.tar
puppet-a430df05b73da1ce05004b1620cc48a9c36e8fc4.tar.gz
puppet-a430df05b73da1ce05004b1620cc48a9c36e8fc4.tar.bz2
puppet-a430df05b73da1ce05004b1620cc48a9c36e8fc4.tar.xz
puppet-a430df05b73da1ce05004b1620cc48a9c36e8fc4.zip
- start to merge simple relay, and add some basic antispam filtering
Diffstat (limited to 'modules/postfix/templates')
-rw-r--r--modules/postfix/templates/main.cf28
1 files changed, 27 insertions, 1 deletions
diff --git a/modules/postfix/templates/main.cf b/modules/postfix/templates/main.cf
index f5f83eed..6cb9c93f 100644
--- a/modules/postfix/templates/main.cf
+++ b/modules/postfix/templates/main.cf
@@ -23,16 +23,22 @@ mail_owner = postfix
# User configurable parameters
+<% if classes.include?('postfix::simple_relay') %>
inet_interfaces = localhost
+<% else %>
+inet_interfaces = all
+<% end %>
+
inet_protocols = all
mynetworks_style = host
myhostname = <%= fqdn %>
mydomain = <%= domain %>
mydestination = <%= fqdn %>
myorigin = $mydomain
+<%- if classes.include?('postfix::smtp_server') -%>
relay_domains = $mydestination,
ml.<%= domain %>,
-<%- if classes.include?('primary_smtp') -%>
+<%- if classes.include?('postfix::primary_smtp') -%>
<%= domain %>
<%- end -%>
transport_maps = regexp:/etc/postfix/transport_regexp
@@ -49,3 +55,23 @@ smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_key_file = /etc/pki/tls/private/postfix.pem
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
+
+<% if classes.include?('postfix::smtp_server') %>
+smtpd_recipient_restrictions =
+# not done yet
+# permit_sasl_authenticated
+ permit_mynetworks
+ reject_unauth_destination
+ reject_unauth_pipelining
+ reject_non_fqdn_recipient
+ reject_non_fqdn_sender
+ reject_non_fqdn_hostname
+ reject_invalid_hostname
+ reject_unknown_recipient_domain
+ reject_unknown_sender_domain
+ reject_unknown_client
+ <% if classes.include?('postgrey') %>
+ check_policy_service unix:extern/postgrey/socket
+ <% end %>
+<% end %>
+