From d5927fb7247e881655488b850812e8186ae444a4 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 10 Jul 2016 05:39:25 +0200
Subject: Postfix lists/MDA instances: only include the MX:es' IPs in
 $mynetworks.

---
 roles/IMAP/templates/etc/postfix/main.cf.j2 | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'roles/IMAP/templates/etc')

diff --git a/roles/IMAP/templates/etc/postfix/main.cf.j2 b/roles/IMAP/templates/etc/postfix/main.cf.j2
index faf17de..a879d28 100644
--- a/roles/IMAP/templates/etc/postfix/main.cf.j2
+++ b/roles/IMAP/templates/etc/postfix/main.cf.j2
@@ -19,7 +19,9 @@ append_dot_mydomain = no
 
 mynetworks = 127.0.0.0/8, [::1]/128
 {%- if groups.all | length > 1 -%}
-           , {{ ipsec_subnet }}
+{%- for mx in groups.MX | sort -%}
+           , {{ ipsec[ hostvars[mx].inventory_hostname_short ] | ipaddr }}
+{%- endfor %}
 {% endif %}
 
 queue_directory       = /var/spool/postfix-{{ postfix_instance[inst].name }}
-- 
cgit v1.2.3