From f8a46672a40b29f04a1a6417042759e2c25d4671 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Tue, 14 Jan 2014 06:48:46 +0100 Subject: Excplicitely make local services run on localhost. --- roles/IMAP/templates/etc/postfix/main.cf.j2 | 2 +- roles/common/files/etc/postfix/master.cf | 7 ++++--- roles/common/templates/etc/postfix/main.cf.j2 | 2 +- roles/webmail/templates/etc/postfix/main.cf.j2 | 2 +- 4 files changed, 7 insertions(+), 6 deletions(-) (limited to 'roles') diff --git a/roles/IMAP/templates/etc/postfix/main.cf.j2 b/roles/IMAP/templates/etc/postfix/main.cf.j2 index 2da85e9..df2e9fb 100644 --- a/roles/IMAP/templates/etc/postfix/main.cf.j2 +++ b/roles/IMAP/templates/etc/postfix/main.cf.j2 @@ -18,7 +18,7 @@ mydomain = {{ ansible_domain }} append_dot_mydomain = no # Turn off all TCP/IP listener ports except that necessary for the MDA. -master_service_disable = !2526.inet inet +master_service_disable = !127.0.0.1:2526.inet inet queue_directory = /var/spool/postfix-{{ postfix_instance[inst].name }} data_directory = /var/lib/postfix-{{ postfix_instance[inst].name }} diff --git a/roles/common/files/etc/postfix/master.cf b/roles/common/files/etc/postfix/master.cf index 17613b0..325af1b 100644 --- a/roles/common/files/etc/postfix/master.cf +++ b/roles/common/files/etc/postfix/master.cf @@ -9,9 +9,6 @@ # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd -16132 inet n - - - - smtpd -2526 inet n - - - - smtpd -2580 inet n - - - - smtpd submission inet n - - - - smtpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup @@ -41,6 +38,10 @@ virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache +127.0.0.1:16132 inet n - - - - smtpd +127.0.0.1:2526 inet n - - - - smtpd +127.0.0.1:2527 inet n - - - - smtpd +127.0.0.1:2580 inet n - - - - smtpd 127.0.0.1:2599 inet n - - - - smtpd -o cleanup_service_name=cleanup-catchall cleanup-catchall unix n - - - 0 cleanup diff --git a/roles/common/templates/etc/postfix/main.cf.j2 b/roles/common/templates/etc/postfix/main.cf.j2 index 5728986..4c56cea 100644 --- a/roles/common/templates/etc/postfix/main.cf.j2 +++ b/roles/common/templates/etc/postfix/main.cf.j2 @@ -48,7 +48,7 @@ smtpd_tls_security_level = none # Turn off all TCP/IP listener ports except that dedicated to # samhain(8), which sadly cannot use pickup through the sendmail binary. -master_service_disable = !16132.inet inet +master_service_disable = !127.0.0.1:16132.inet inet {% set multi_instance = False %} {%- for g in postfix_instance.keys() | sort -%} diff --git a/roles/webmail/templates/etc/postfix/main.cf.j2 b/roles/webmail/templates/etc/postfix/main.cf.j2 index e9a2e7d..cb57b23 100644 --- a/roles/webmail/templates/etc/postfix/main.cf.j2 +++ b/roles/webmail/templates/etc/postfix/main.cf.j2 @@ -18,7 +18,7 @@ mydomain = {{ ansible_domain }} append_dot_mydomain = no # Turn off all TCP/IP listener ports except that necessary for the webmail. -master_service_disable = !2580.inet inet +master_service_disable = !127.0.0.1:2580.inet inet queue_directory = /var/spool/postfix-{{ postfix_instance[inst].name }} data_directory = /var/lib/postfix-{{ postfix_instance[inst].name }} -- cgit v1.2.3