summaryrefslogtreecommitdiffstats
path: root/roles/common
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common')
-rw-r--r--roles/common/files/etc/postfix/master.cf1
-rw-r--r--roles/common/templates/etc/fail2ban/jail.local.j210
-rw-r--r--roles/common/templates/etc/iptables/services.j23
3 files changed, 14 insertions, 0 deletions
diff --git a/roles/common/files/etc/postfix/master.cf b/roles/common/files/etc/postfix/master.cf
index fa8fed9..3540e32 100644
--- a/roles/common/files/etc/postfix/master.cf
+++ b/roles/common/files/etc/postfix/master.cf
@@ -11,6 +11,7 @@
smtp inet n - - - - smtpd
16132 inet n - - - - smtpd
2526 inet n - - - - smtpd
+submission inet n - - - - smtpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
diff --git a/roles/common/templates/etc/fail2ban/jail.local.j2 b/roles/common/templates/etc/fail2ban/jail.local.j2
index 96f2d6b..661c862 100644
--- a/roles/common/templates/etc/fail2ban/jail.local.j2
+++ b/roles/common/templates/etc/fail2ban/jail.local.j2
@@ -71,3 +71,13 @@ port = imap2,imap3,imaps,pop3,pop3s
filter = dovecot
logpath = /var/log/mail.log
{% endif %}
+
+
+{% if 'MSA' in group_names %}
+[sasl]
+
+enabled = true
+port = submission
+filter = sasl
+logpath = /var/log/mail.warn
+{% endif %}
diff --git a/roles/common/templates/etc/iptables/services.j2 b/roles/common/templates/etc/iptables/services.j2
index cd7a8bd..5243ae1 100644
--- a/roles/common/templates/etc/iptables/services.j2
+++ b/roles/common/templates/etc/iptables/services.j2
@@ -18,3 +18,6 @@ in tcp 25 # SMTP
{% if 'IMAP' in group_names %}
in tcp 993 # IMAPS
{% endif %}
+{% if 'MSA' in group_names %}
+in tcp 587 # SMTP-AUTH
+{% endif %}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 04:59:58 +0000