3 files changed, 8 insertions, 4 deletions

diff --git a/roles/common/files/etc/postfix/master.cf b/roles/common/files/etc/postfix/master.cf
index 4fdbff3..e845371 100644
--- a/roles/common/files/etc/postfix/master.cf
+++ b/roles/common/files/etc/postfix/master.cf
@@ -39,6 +39,7 @@ lmtp      unix  -       -       -       -       -       lmtp
 anvil     unix  -       -       -       -       1       anvil
 scache    unix  -       -       -       -       1       scache
 127.0.0.1:16132 inet n  -       -       -       -       smtpd
+2525      inet  n       -       -       -       -       smtpd
 2526      inet  n       -       -       -       -       smtpd
 2527      inet  n       -       -       -       -       smtpd
   -o mynetworks=0.0.0.0/0
diff --git a/roles/common/templates/etc/iptables/services.j2 b/roles/common/templates/etc/iptables/services.j2
index 4e21dfc..923aa35 100644
--- a/roles/common/templates/etc/iptables/services.j2
+++ b/roles/common/templates/etc/iptables/services.j2
@@ -19,6 +19,9 @@ in      tcp     {{ ansible_ssh_port|default('22') }}    # SSH
 {% if 'MX' in group_names %}
 in      tcp     25                                      # SMTP
 {% endif %}
+{% if 'out' in group_names %}
+#out     tcp     25                                     # SMTP
+{% endif %}
 {% if 'IMAP' in group_names %}
 in      tcp     993                                     # IMAPS
 in      tcp     4190                                    # ManageSieve
diff --git a/roles/common/templates/etc/postfix/main.cf.j2 b/roles/common/templates/etc/postfix/main.cf.j2
index e594c1e..70d4b98 100644
--- a/roles/common/templates/etc/postfix/main.cf.j2
+++ b/roles/common/templates/etc/postfix/main.cf.j2
@@ -31,16 +31,16 @@ virtual_alias_maps    = cdb:/etc/aliases
 alias_database        = $virtual_alias_maps
 
 # Forward everything to our internal mailhub
-{% if 'MTA-out' in group_names %}
-relayhost     = [127.0.0.1]:{{ postfix_instance["MTA-out"].port }}
+{% if 'out' in group_names %}
+relayhost     = [127.0.0.1]:{{ postfix_instance.out.port }}
 {% else %}
-relayhost     = [outgoing.fripost.org]:{{ postfix_instance["MTA-out"].port }}
+relayhost     = [outgoing.fripost.org]:{{ postfix_instance.out.port }}
 {% endif %}
 relay_domains =
 
 # Tunnel everything through IPSec
 smtp_tls_security_level  = none
-{% if 'MTA-out' in group_names %}
+{% if 'out' in group_names %}
 smtp_bind_address        = 127.0.0.1
 {% else %}
 smtp_bind_address        = 172.16.0.1