From 7beb915bb8dddac847ca3aca85c187e314a6c0fa Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Tue, 11 Dec 2018 21:15:24 +0100
Subject: Outgoing SMTP: masquerade internal hostnames.

Use admin@fripost.org instead.  We were sending out (to the admin team)
system messages with non-existing or invalid envelope sender addresses,
such as <logcheck@antilop.fripost.org> or <root@mistral.fripost.org>.
---
 roles/out/templates/etc/postfix/canonical.j2 | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 roles/out/templates/etc/postfix/canonical.j2

(limited to 'roles/out/templates/etc/postfix/canonical.j2')

diff --git a/roles/out/templates/etc/postfix/canonical.j2 b/roles/out/templates/etc/postfix/canonical.j2
new file mode 100644
index 0000000..ed8bb4d
--- /dev/null
+++ b/roles/out/templates/etc/postfix/canonical.j2
@@ -0,0 +1,10 @@
+# {{ ansible_managed }}
+# Do NOT edit this file directly!
+
+# Addresses under $myhostname are typically not valid as envelope
+# recipients (eg, logcheck@, root@, etc.).  This breaks the sender
+# address verification, so we use the admin team's address in the
+# envelope.
+{% for host in groups.all | sort %}
+@{{ hostvars[host].inventory_hostname }}    admin@fripost.org
+{% endfor %}
-- 
cgit v1.2.3