diff options
-rw-r--r-- | roles/MSA/templates/etc/postfix/main.cf.j2 | 4 | ||||
-rw-r--r-- | roles/MX/templates/etc/postfix/main.cf.j2 | 4 | ||||
-rw-r--r-- | roles/common/templates/etc/postfix/main.cf.j2 | 4 | ||||
-rw-r--r-- | roles/webmail/templates/etc/postfix/main.cf.j2 | 4 |
4 files changed, 16 insertions, 0 deletions
diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2 index 685287a..337acd1 100644 --- a/roles/MSA/templates/etc/postfix/main.cf.j2 +++ b/roles/MSA/templates/etc/postfix/main.cf.j2 @@ -64,7 +64,11 @@ header_checks = pcre:$config_directory/anonymize_sender.pcre # Tunnel everything through IPSec smtp_tls_security_level = none +{% if 'MTA-out' in group_names %} +smtp_bind_address = 127.0.0.1 +{% else %} smtp_bind_address = 172.16.0.1 +{% endif %} # TLS smtpd_tls_security_level = encrypt diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index 570a797..9f88eef 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -81,7 +81,11 @@ smtp_data_done_timeout = 1200s # Tunnel everything through IPSec smtp_tls_security_level = none +{% if 'MTA-out' in group_names %} +smtp_bind_address = 127.0.0.1 +{% else %} smtp_bind_address = 172.16.0.1 +{% endif %} # TLS smtpd_tls_security_level = may diff --git a/roles/common/templates/etc/postfix/main.cf.j2 b/roles/common/templates/etc/postfix/main.cf.j2 index 4c56cea..83f97b4 100644 --- a/roles/common/templates/etc/postfix/main.cf.j2 +++ b/roles/common/templates/etc/postfix/main.cf.j2 @@ -43,7 +43,11 @@ relay_domains = # Tunnel everything through IPSec smtp_tls_security_level = none +{% if 'MTA-out' in group_names %} +smtp_bind_address = 127.0.0.1 +{% else %} smtp_bind_address = 172.16.0.1 +{% endif %} smtpd_tls_security_level = none # Turn off all TCP/IP listener ports except that dedicated to diff --git a/roles/webmail/templates/etc/postfix/main.cf.j2 b/roles/webmail/templates/etc/postfix/main.cf.j2 index cb57b23..cd026d1 100644 --- a/roles/webmail/templates/etc/postfix/main.cf.j2 +++ b/roles/webmail/templates/etc/postfix/main.cf.j2 @@ -63,7 +63,11 @@ smtp_data_done_timeout = 1200s # Tunnel everything through IPSec smtp_tls_security_level = none +{% if 'MTA-out' in group_names %} +smtp_bind_address = 127.0.0.1 +{% else %} smtp_bind_address = 172.16.0.1 +{% endif %} smtpd_tls_security_level = none |