saltstack-formulas/postfix-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Restore policyd-spf support

Browse Source
This commit is contained in:
Gilles Dartiguelongue 2015-08-22 13:59:29 +02:00
parent 04f97681eb
commit cbd9aeebe9
5 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pillar.example
View File

@ -7,6 +7,10 @@ postfix:
enabled: True enabled: True
location: inet:172.16.0.5:6379 location: inet:172.16.0.5:6379
policyd-spf:
enabled: True
time_limit: 7200s
config: config:
smtpd_banner: $myhostname ESMTP $mail_name smtpd_banner: $myhostname ESMTP $mail_name
biff: 'no' biff: 'no'

9
postfix/files/main.cf
View File

@ -57,7 +57,14 @@
{{ set_parameter('recipient_delimiter', '+') }} {{ set_parameter('recipient_delimiter', '+') }}
{{ set_parameter('inet_interfaces', 'all') }} {{ set_parameter('inet_interfaces', 'all') }}
{{ set_parameter('message_size_limit', '41943040') }} {{ set_parameter('message_size_limit', '41943040') }}
{{ set_parameter('smtpd_relay_restrictions', ['permit_mynetworks', 'permit_sasl_authenticated', 'defer_unauth_destination']) }}
{% set relay_restrictions = ['permit_mynetworks', 'permit_sasl_authenticated', 'defer_unauth_destination'] %}
{% set policyd_spf = salt['pillar.get']('postfix:policyd-spf', {}) %}
{% if policyd_spf.get('enabled', False) %}
{% set relay_restrictions = relay_restrictions + ['check_policy_server unix:private/policyd-spf'] %}
policy-spf_time_limit = {{ policyd_spf.get('time_limit', '3600s') }}
{% endif %}
{{ set_parameter('smtpd_relay_restrictions', relay_restrictions) }}
{% set recipient_restrictions = ['permit_mynetworks', 'permit_sasl_authenticated', 'reject_unauth_destination'] %} {% set recipient_restrictions = ['permit_mynetworks', 'permit_sasl_authenticated', 'reject_unauth_destination'] %}
{% set postgrey_config = salt['pillar.get']('postfix:postgrey', {}) %} {% set postgrey_config = salt['pillar.get']('postfix:postgrey', {}) %}

4
postfix/files/master.cf
View File

@ -131,3 +131,7 @@ scache unix - - n - 1 scache
#mailman unix - n n - - pipe #mailman unix - n n - - pipe
# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py # flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
# ${nexthop} ${user} # ${nexthop} ${user}
{% if salt['pillar.get']('postfix:policyd-spf:enabled', False) %}
policy-spf unix - n n - - spawn
user=nobody argv=/usr/bin/policyd-spf
{%- endif %}

4
postfix/map.jinja
View File

@ -1,24 +1,28 @@
{% set postfix = salt['grains.filter_by']({ {% set postfix = salt['grains.filter_by']({
'Debian': { 'Debian': {
'package': 'postfix', 'package': 'postfix',
'policyd_spf_pkg': 'postfix-policyd-spf-python',
'postgrey_pkg': 'postgrey', 'postgrey_pkg': 'postgrey',
'service': 'postfix', 'service': 'postfix',
'aliases': '/etc/aliases', 'aliases': '/etc/aliases',
}, },
'Gentoo': { 'Gentoo': {
'package': 'mail-mta/postfix', 'package': 'mail-mta/postfix',
'policyd_spf_pkg': 'mail-filter/pypolicyd-spf',
'postgrey_pkg': 'mail-filter/postgrey', 'postgrey_pkg': 'mail-filter/postgrey',
'service': 'postfix', 'service': 'postfix',
'aliases': '/etc/mail/aliases', 'aliases': '/etc/mail/aliases',
}, },
'RedHat': { 'RedHat': {
'package': 'postfix', 'package': 'postfix',
'policyd_spf_pkg': 'pypolicyd-spf',
'postgrey_pkg': 'postgrey', 'postgrey_pkg': 'postgrey',
'service': 'postfix', 'service': 'postfix',
'aliases': '/etc/aliases', 'aliases': '/etc/aliases',
}, },
'Arch' : { 'Arch' : {
'package': 'postfix', 'package': 'postfix',
'policyd_spf_pkg': 'python-postfix-policyd-spf',
'postgrey_pkg': 'postgrey', 'postgrey_pkg': 'postgrey',
'service': 'postfix', 'service': 'postfix',
'aliases': '/etc/aliases', 'aliases': '/etc/aliases',

5
postfix/policyd-spf.sls Normal file
View File

@ -0,0 +1,5 @@
{% from "postfix/map.jinja" import postfix with context %}
policyd_spf:
pkg.installed:
- name: {{ postfix.policyd_spf_pkg }}