From 6dc22513d0e978993c200bd39786cf932c311159 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Fri, 2 Jun 2017 10:06:34 +0200 Subject: postfix: enable XFORWARD command from our internal relays. --- roles/common/templates/etc/postfix/master.cf.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/common/templates/etc/postfix/master.cf.j2 b/roles/common/templates/etc/postfix/master.cf.j2 index 71deb29..e2c743d 100644 --- a/roles/common/templates/etc/postfix/master.cf.j2 +++ b/roles/common/templates/etc/postfix/master.cf.j2 @@ -28,9 +28,11 @@ submission inet n - - - - smtpd -o smtpd_tls_security_level=none -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_exceptions_networks= + -o smtpd_authorized_xforward_hosts=127.0.0.0/8,[::1]/128{{ ipsec_subnet is defined | ternary(','+ipsec_subnet, '') }} {% endif %} {% elif inst in ['IMAP', 'out', 'lists'] %} [{{ postfix_instance[inst].addr }}]:{{ postfix_instance[inst].port }} inet n - - - - smtpd + -o smtpd_authorized_xforward_hosts=127.0.0.0/8,[::1]/128{{ ipsec_subnet is defined | ternary(','+ipsec_subnet, '') }} {% endif %} pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup -- cgit v1.2.3