ISTI-ansible-roles
/
ansible-role-postfix
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

smtpd_recipient_restrictions and smtpd_client_restrictions are now customizable.

This commit is contained in:
Andrea Dell'Amico 2020-08-11 17:59:44 +02:00
parent db95704162
commit 2c2f874e97
2 changed files with 23 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
defaults/main.yml
View File

@ -68,9 +68,26 @@ postfix_milter_action: tempfail
# SMTP server that not accept authenticated clients. # SMTP server that not accept authenticated clients.
############################################################################# #############################################################################
postfix_smtpd_server: False postfix_smtpd_server: False
postfix_smtpd_server_restrictions:
- permit_mynetworks
- reject_unknown_recipient_domain
- reject_non_fqdn_recipient
- reject_unauth_destination
- reject_unauth_pipelining
- reject_unlisted_recipient
# SMTP server that routes emails coming from outside # SMTP server that routes emails coming from outside
############################################################################# #############################################################################
postfix_mx_server: False postfix_mx_server: False
postfix_smtpd_mx_client_restrictions:
- reject_unknown_sender_domain
- reject_non_fqdn_sender
- reject_non_fqdn_recipient
- reject_invalid_hostname
- reject_unauth_destination
- reject_unknown_recipient_domain
- reject_unlisted_recipient
############################################################################# #############################################################################
# SMTP submission server: accepts authenticated clients # SMTP submission server: accepts authenticated clients
############################################################################# #############################################################################

19
templates/main.cf.j2
View File

@ -582,12 +582,9 @@ smtpd_milters =
{% if postfix_smtpd_server %} {% if postfix_smtpd_server %}
smtpd_recipient_restrictions = smtpd_recipient_restrictions =
permit_mynetworks {% for recipient_rule in postfix_smtpd_server_restrictions %}
reject_unknown_recipient_domain {{ recipient_rule }}
reject_non_fqdn_recipient {% endfor %}
reject_unauth_destination
reject_unauth_pipelining
reject_unlisted_recipient
{% if postfix_rbl_enabled %} {% if postfix_rbl_enabled %}
reject_rbl_client {{ postfix_rbl_list }} reject_rbl_client {{ postfix_rbl_list }}
{% endif %} {% endif %}
@ -599,13 +596,9 @@ smtpd_client_restrictions =
permit_sasl_authenticated permit_sasl_authenticated
{% endif %} {% endif %}
{% if postfix_mx_server %} {% if postfix_mx_server %}
reject_unknown_sender_domain {% for client_rule in postfix_smtpd_mx_client_restrictions %}
reject_non_fqdn_sender {{ client_rule }}
reject_non_fqdn_recipient {% endfor %}
reject_invalid_hostname
reject_unauth_destination
reject_unknown_recipient_domain
reject_unlisted_recipient
{% if postfix_rbl_enabled %} {% if postfix_rbl_enabled %}
reject_rbl_client {{ postfix_rbl_list }} reject_rbl_client {{ postfix_rbl_list }}
{% endif %} {% endif %}