diff options
Diffstat (limited to 'roles/MSA')
| -rw-r--r-- | roles/MSA/tasks/main.yml | 2 | ||||
| -rw-r--r-- | roles/MSA/templates/etc/postfix/main.cf.j2 | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/roles/MSA/tasks/main.yml b/roles/MSA/tasks/main.yml index 00c205d..4f32df3 100644 --- a/roles/MSA/tasks/main.yml +++ b/roles/MSA/tasks/main.yml @@ -35,41 +35,41 @@ - main.cf - master.cf notify: - Reload Postfix - name: Copy the Regex to anonymize senders # no need to reload upon change, as cleanup(8) is short-running copy: src=etc/postfix/anonymize_sender.pcre dest=/etc/postfix-{{ postfix_instance[inst].name }}/anonymize_sender.pcre owner=root group=root mode=0644 - name: Copy the check_sender_access map copy: src=etc/postfix/check_sender_access dest=/etc/postfix-{{ postfix_instance[inst].name }}/check_sender_access owner=root group=root mode=0644 - name: Compile the check_sender_access map # no need to reload upon change, as cleanup(8) is short-running - postmap: cmd=postmap src=/etc/postfix-{{ postfix_instance[inst].name }}/check_sender_access db=cdb + postmap: cmd=postmap src=/etc/postfix-{{ postfix_instance[inst].name }}/check_sender_access db=lmdb owner=root group=root mode=0644 notify: - Reload Postfix - name: Create directory /etc/postfix/ssl file: path=/etc/postfix-{{ postfix_instance[inst].name }}/ssl state=directory owner=root group=root mode=0755 tags: - genkey - meta: flush_handlers - name: Start Postfix service: name=postfix state=started - name: Fetch Postfix's X.509 certificate # Ensure we don't fetch private data diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2 index 79808d5..7d7cb6d 100644 --- a/roles/MSA/templates/etc/postfix/main.cf.j2 +++ b/roles/MSA/templates/etc/postfix/main.cf.j2 @@ -86,34 +86,34 @@ disable_vrfy_command = yes address_verify_sender = $double_bounce_sender@noreply.$mydomain address_verify_poll_count = 3 address_verify_relayhost = address_verify_sender_ttl = 8069m address_verify_negative_refresh_time = 5m unverified_recipient_defer_code = 250 unverified_recipient_reject_code = 550 smtpd_client_restrictions = permit_sasl_authenticated reject smtpd_helo_required = yes smtpd_helo_restrictions = reject_invalid_helo_hostname smtpd_sender_login_maps = socketmap:unix:private/sender-login:sender_login smtpd_sender_restrictions = reject_non_fqdn_sender reject_unknown_sender_domain - check_sender_access cdb:$config_directory/check_sender_access + check_sender_access lmdb:$config_directory/check_sender_access reject_known_sender_login_mismatch smtpd_relay_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain reject_unverified_recipient permit_sasl_authenticated reject smtpd_data_restrictions = reject_unauth_pipelining # vim: set filetype=pfmain : |