| Commit message (Collapse) | Author | Age | Files | |
|---|---|---|---|---|
| * | Use recipient address verification probes. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | | | | This is specially useful for mailing lists and the webmail, since it prevents our outgoing gateway from accepting mails known to be bouncing. However the downside is that it adds a delay of up to 6s after the RCPT TO command. | |||
| * | logjam mitigation. | Guilhem Moulin | 2015-06-07 | 1 |
| | | ||||
| * | Upgrade Postfix config to Jessie (MSA & outgoing proxy). | Guilhem Moulin | 2015-06-07 | 1 |
| | | ||||
| * | Remove reject_unknown_sender_domain from the MDA and outgoing SMTP. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | | | | | | | We already removed it from the MX:es (see 32e605d4); we need to remove it from the MDA and outgoing SMTP as well, otherwise mails could bounce or get stuck in the middle (the're rejected with 450: deferred by default). However we can keep the restriction on the entry points (MSA and webmail). | |||
| * | Hash certs using a lookup in the template instead of add a new task. | Guilhem Moulin | 2015-06-07 | 1 |
| | | ||||
| * | Tell vim the underlying filetype of templates for syntax highlighting. | Guilhem Moulin | 2015-06-07 | 1 |
| | | ||||
| * | Install amavisd-new on the outgoing SMTP proxy. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | For DKIM signing and virus checking. | |||
| * | Replace IPSec tunnels by app-level ephemeral TLS sessions. | Guilhem Moulin | 2015-06-07 | 2 |
| | | | | | | For some reason giraff doesn't like IPSec. App-level TLS sessions are less efficient, but thanks to ansible it still scales well. | |||
| * | Outgoing SMTP proxy. | Guilhem Moulin | 2015-06-07 | 1 |
 |
index : fripost-ansible | |
| Fripost ansible scripts |
| summaryrefslogtreecommitdiffstats |