Don't let authenticated client use arbitrary sender addresses.

The following policy is now implemented: * users can use their SASL login name as sender address; * alias and/or list owners can use the address as envelope sender; * domain postmasters can use arbitrary sender addresses under their domains; * domain owners can use arbitrary sender addresses under their domains, unless it is also an existing account name; * for known domains without owner or postmasters, other sender addresses are not allowed; and * arbitrary sender addresses under unknown domains are allowed.
author: Guilhem Moulin <guilhem@fripost.org> 2017-05-31 21:42:32 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2017-06-01 01:09:00 +0200
commit: 6e39bad3fbe75b88fca4c2e2aad8eb51af14b1be (patch)
tree: 87898c1653a36f1b23efbef55d6f876d8bc83444 /group_vars
parent: e136d3edbdb6749d4559939dc9fcbc11d166e34c (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/group_vars/all.yml b/group_vars/all.yml
index 97e2024..236527e 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -40,7 +40,8 @@ postfix_instance:
            , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.out[0]].inventory_hostname_short ], '127.0.0.1') }}"
            , port: 2525 }
   MSA:     { name: msa
-           , port: 587 }
+           , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.MSA[0]].inventory_hostname_short ], '127.0.0.1') }}"
+           , port: 2587 }
   lists:   { name: lists
            , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.lists[0]].inventory_hostname_short ], '127.0.0.1') }}"
            , port: 2527 }
author	Guilhem Moulin <guilhem@fripost.org>	2017-05-31 21:42:32 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2017-06-01 01:09:00 +0200
commit	6e39bad3fbe75b88fca4c2e2aad8eb51af14b1be (patch)
tree	87898c1653a36f1b23efbef55d6f876d8bc83444 /group_vars
parent	e136d3edbdb6749d4559939dc9fcbc11d166e34c (diff)