diff options
Diffstat (limited to 'roles/MX/templates/etc/postfix/main.cf.j2')
-rw-r--r-- | roles/MX/templates/etc/postfix/main.cf.j2 | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index a2cc2a8..d10f901 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -37,7 +37,7 @@ message_size_limit = 67108864 recipient_delimiter = + # Forward everything to our internal outgoing proxy -relayhost = [{{ postfix_instance.out.addr | ipaddr }}]:{{ postfix_instance.out.port }} +relayhost = [{{ postfix_instance.out.addr | ansible.utils.ipaddr }}]:{{ postfix_instance.out.port }} relay_domains = @@ -123,6 +123,7 @@ postscreen_dnsbl_sites = postscreen_greet_action = enforce postscreen_whitelist_interfaces = static:all +smtpd_milters = { unix:public/opendmarc, protocol=6, default_action=accept } smtpd_client_restrictions = permit_mynetworks @@ -148,10 +149,6 @@ smtpd_recipient_restrictions = check_recipient_access ldap:$config_directory/reject-unknown-client-hostname.cf reject_rhsbl_reverse_client dbl.spamhaus.org=127.0.1.[2..99] reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99] - # defer if "abused legit": DBL return code in the 127.0.1.100+ range - defer_if_reject - reject_rhsbl_reverse_client dbl.spamhaus.org=127.0.1.[100..254] - reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[100..254] smtpd_data_restrictions = reject_unauth_pipelining |