diff options
Diffstat (limited to 'roles/MSA')
-rw-r--r-- | roles/MSA/files/etc/postfix/anonymize_sender.pcre | 2 | ||||
-rw-r--r-- | roles/MSA/tasks/main.yml | 13 | ||||
-rw-r--r-- | roles/MSA/templates/etc/postfix/main.cf.j2 | 4 | ||||
l--------- | roles/MSA/templates/etc/postfix/smtp_tls_policy.j2 | 1 |
4 files changed, 17 insertions, 3 deletions
diff --git a/roles/MSA/files/etc/postfix/anonymize_sender.pcre b/roles/MSA/files/etc/postfix/anonymize_sender.pcre index 162e6c1..b91b981 100644 --- a/roles/MSA/files/etc/postfix/anonymize_sender.pcre +++ b/roles/MSA/files/etc/postfix/anonymize_sender.pcre @@ -1,6 +1,6 @@ /^Received:\s+from\s+(?:\S+\s+\(\S+\s+\[(?:IPv6:)?[[:xdigit:].:]{3,39}\]\)) (\s+\(using\s+(?:TLS|SSL)(?:v\S+)?\s+with\s+cipher\s+\S+\s+\(\S+\s+bits\) - (?:\s+key-exchange\s+\S+\s+(?:\([^)]+\)\s+)?server-signature\s+\S+\s+\(\d+\s+bits\)\s+server-digest\s+\S+)?\)\s+).* + (?:\s+key-exchange\s+\S+\s+(?:\([^)]+\)\s+)?server-signature\s+\S+\s+\(\d+\s+bits\)(?:\s+server-[[:alnum:]]+\s+\S+)*)?\)\s+).* (\bby\s+(?:\S+\.)?fripost\.org\s+\([^)]+\) \s+with\s+E?SMTPS?A\s+id\s+[[:xdigit:]]+;?\s.*)/x REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])${1}${2} diff --git a/roles/MSA/tasks/main.yml b/roles/MSA/tasks/main.yml index 4b38974..bf17702 100644 --- a/roles/MSA/tasks/main.yml +++ b/roles/MSA/tasks/main.yml @@ -40,6 +40,19 @@ notify: - systemctl daemon-reload +- name: Copy the SMTP TLS policy maps + template: src=etc/postfix/smtp_tls_policy.j2 + dest=/etc/postfix-{{ postfix_instance[inst].name }}/smtp_tls_policy + owner=root group=root + mode=0644 + +- name: Compile the SMTP TLS policy maps + postmap: cmd=postmap src=/etc/postfix-{{ postfix_instance[inst].name }}/smtp_tls_policy db=lmdb + owner=root group=root + mode=0644 + notify: + - Reload Postfix + - meta: flush_handlers - name: Enable Postfix sender login socketmap diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2 index a435b0f..bc98d9e 100644 --- a/roles/MSA/templates/etc/postfix/main.cf.j2 +++ b/roles/MSA/templates/etc/postfix/main.cf.j2 @@ -20,7 +20,7 @@ append_dot_mydomain = no mynetworks = 127.0.0.0/8, [::1]/128 {%- for h in groups.webmail | difference([inventory_hostname]) | sort -%} - , {{ ipsec[ hostvars[h].inventory_hostname_short ] | ipaddr }} + , {{ ipsec[ hostvars[h].inventory_hostname_short ] | ansible.utils.ipaddr }} {% endfor %} queue_directory = /var/spool/postfix-{{ postfix_instance[inst].name }} @@ -40,7 +40,7 @@ message_size_limit = 67108864 recipient_delimiter = + # Forward everything to our internal outgoing proxy -relayhost = [{{ postfix_instance.out.addr | ipaddr }}]:{{ postfix_instance.out.port }} +relayhost = [{{ postfix_instance.out.addr | ansible.utils.ipaddr }}]:{{ postfix_instance.out.port }} relay_domains = diff --git a/roles/MSA/templates/etc/postfix/smtp_tls_policy.j2 b/roles/MSA/templates/etc/postfix/smtp_tls_policy.j2 new file mode 120000 index 0000000..b40876f --- /dev/null +++ b/roles/MSA/templates/etc/postfix/smtp_tls_policy.j2 @@ -0,0 +1 @@ +../../../../out/templates/etc/postfix/smtp_tls_policy.j2
\ No newline at end of file |