2 files changed, 5 insertions, 0 deletions

diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2
index b182f9e..42b9aca 100644
--- a/roles/MSA/templates/etc/postfix/main.cf.j2
+++ b/roles/MSA/templates/etc/postfix/main.cf.j2
@@ -99,20 +99,23 @@ unknown_client_reject_code = 554
 
 smtpd_client_restrictions =
     permit_sasl_authenticated
     reject
 
 smtpd_helo_required     = yes
 smtpd_helo_restrictions =
     reject_invalid_helo_hostname
 
 smtpd_sender_restrictions =
     reject_non_fqdn_sender
     reject_unknown_sender_domain
 
 smtpd_recipient_restrictions =
     # RFC requirements
     reject_non_fqdn_recipient
     reject_unknown_recipient_domain
     permit_mynetworks
     permit_sasl_authenticated
     reject_unauth_destination
+
+smtpd_data_restrictions =
+    reject_unauth_pipelining
diff --git a/roles/common/tasks/logging.yml b/roles/common/tasks/logging.yml
index 312c31e..06f06b0 100644
--- a/roles/common/tasks/logging.yml
+++ b/roles/common/tasks/logging.yml
@@ -14,24 +14,26 @@
 
 - name: Configure logcheck
   copy: src=etc/logcheck/{{ item }}
         dest=/etc/logcheck/{{ item }}
         owner=root group=logcheck
         mode=0640
   with_items:
     - logcheck.conf
     - ignore.d.server/common.local
 
 - name: Minimal logging policy (1)
   lineinfile: dest=/etc/logrotate.d/rsyslog
               regexp="^/var/log/mail.(log|info)$"
               state=absent
 
 - name: Minimal logging policy (2)
   copy: src=etc/logrotate.d/fripost-mail
         dest=/etc/logrotate.d/fripost-mail
         owner=root group=root
         mode=0644
+  tags:
+    - logrotate
 
 # TODO: We also have specialized per-role logcheck rulesets, per-role
 # logrotate configuration (/etc/logrotate.d), and per-role rsyslog
 # configuration (/etc/rsyslog.d).