From bf960a066466d7719ada8fe7bc3dec99d237b88a Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 10 Jul 2016 05:13:33 +0200
Subject: Route all internal SMTP traffic through IPsec.

---
 roles/common/templates/etc/iptables/services.j2 | 17 -----------------
 1 file changed, 17 deletions(-)

(limited to 'roles/common/templates/etc/iptables/services.j2')

diff --git a/roles/common/templates/etc/iptables/services.j2 b/roles/common/templates/etc/iptables/services.j2
index 247f98a..2def27f 100644
--- a/roles/common/templates/etc/iptables/services.j2
+++ b/roles/common/templates/etc/iptables/services.j2
@@ -26,31 +26,14 @@ out     tcp     636                                     # LDAPS
 {% endif %}
 {% if 'MX' in group_names %}
 in      tcp     25                                      # SMTP
-{% if 'MDA' not in group_names %}
-out     tcp     {{ postfix_instance.IMAP.port }}
-{% endif %}
-{% if 'lists' not in group_names %}
-out     tcp     {{ postfix_instance.lists.port }}
-{% endif %}
 {% endif %}
 {% if 'out' in group_names %}
-{% if groups.all | difference([inventory_hostname]) %}
-in      tcp     {{ postfix_instance.out.port }}
-{% endif %}
 out     tcp     25                                      # SMTP
-{% else %}
-out     tcp     {{ postfix_instance.out.port }}
 {% endif %}
 {% if 'IMAP' in group_names %}
 in      tcp     993                                     # IMAPS
 in      tcp     4190                                    # MANAGESIEVE
 {% endif %}
-{% if 'MDA' in group_names and 'MX' not in group_names %}
-in      tcp     {{ postfix_instance.IMAP.port }}
-{% endif %}
-{% if 'lists' in group_names and 'MX' not in group_names %}
-in      tcp     {{ postfix_instance.lists.port }}
-{% endif %}
 {% if 'MSA' in group_names %}
 in      tcp     587                                     # SMTP-AUTH
 {% endif %}
-- 
cgit v1.2.3