diff options
| author |  Joe Banks <[email protected]> | 2024-08-19 19:52:11 +0100 |
|---|---|---|
| committer | Joe Banks <[email protected]> | 2024-08-19 19:52:11 +0100 |
| commit | c810faccbc540d4b28446af8c54b19bd8ac20ad3 (patch) | |
| tree | 03d758f4fe0c9ee3bc8ce205ae035f20c4b46dc5 | |
| parent | Update formatting of CORS_ORIGINS in Thallium configmap (diff) | |
Only allow LDAP postfix lookups for postfix destination domains
5 files changed, 5 insertions, 0 deletions
diff --git a/ansible/roles/postfix/templates/ldap/ldap-group-aliases.cf.j2 b/ansible/roles/postfix/templates/ldap/ldap-group-aliases.cf.j2 index 9965e0d..4c55417 100644 --- a/ansible/roles/postfix/templates/ldap/ldap-group-aliases.cf.j2 +++ b/ansible/roles/postfix/templates/ldap/ldap-group-aliases.cf.j2 @@ -6,6 +6,7 @@ bind_dn = {{ postfix_bind_user }} bind_pw = {{ postfix_bind_password }} search_base = cn=groups,cn=accounts,dc=box,dc=pydis,dc=wtf query_filter = (cn=%u) +domain = {{ postfix_destination_domains | join(', ') }} special_result_attribute = member result_attribute = mail version = 3 diff --git a/ansible/roles/postfix/templates/ldap/ldap-registeredaddress.cf.j2 b/ansible/roles/postfix/templates/ldap/ldap-registeredaddress.cf.j2 index 2089b95..67fa9e2 100644 --- a/ansible/roles/postfix/templates/ldap/ldap-registeredaddress.cf.j2 +++ b/ansible/roles/postfix/templates/ldap/ldap-registeredaddress.cf.j2 @@ -6,6 +6,7 @@ bind_dn = {{ postfix_bind_user }} bind_pw = {{ postfix_bind_password }} search_base = {{ postfix_bind_search_base }} query_filter = (mail=%u@{{ postfix_mailname }}) +domain = {{ postfix_destination_domains | join(', ') }} result_attribute = registeredAddress result_format = %s version = 3 diff --git a/ansible/roles/postfix/templates/ldap/ldap-relay-recipients.cf.j2 b/ansible/roles/postfix/templates/ldap/ldap-relay-recipients.cf.j2 index 8a7a4e8..2d9f48f 100644 --- a/ansible/roles/postfix/templates/ldap/ldap-relay-recipients.cf.j2 +++ b/ansible/roles/postfix/templates/ldap/ldap-relay-recipients.cf.j2 @@ -6,6 +6,7 @@ bind_dn = {{ postfix_bind_user }} bind_pw = {{ postfix_bind_password }} search_base = {{ postfix_bind_search_base }} query_filter = (mail=%u@{{ postfix_mailname }}) +domain = {{ postfix_destination_domains | join(', ') }} result_attribute = mail result_format = %s version = 3 diff --git a/ansible/roles/postfix/templates/ldap/ldap-service-mail.cf.j2 b/ansible/roles/postfix/templates/ldap/ldap-service-mail.cf.j2 index a0dc1c3..1d4a877 100644 --- a/ansible/roles/postfix/templates/ldap/ldap-service-mail.cf.j2 +++ b/ansible/roles/postfix/templates/ldap/ldap-service-mail.cf.j2 @@ -6,6 +6,7 @@ bind_dn = {{ postfix_bind_user }} bind_pw = {{ postfix_bind_password }} search_base = {{ postfix_bind_search_base }} query_filter = (&(mail=%[email protected])(mail=%s)) +domain = {{ postfix_destination_domains | join(', ') }} result_attribute = uid result_format = %s@localhost version = 3 diff --git a/ansible/roles/postfix/templates/ldap/ldap-uid.cf.j2 b/ansible/roles/postfix/templates/ldap/ldap-uid.cf.j2 index 072edbe..8c772ef 100644 --- a/ansible/roles/postfix/templates/ldap/ldap-uid.cf.j2 +++ b/ansible/roles/postfix/templates/ldap/ldap-uid.cf.j2 @@ -6,6 +6,7 @@ bind_dn = {{ postfix_bind_user }} bind_pw = {{ postfix_bind_password }} search_base = {{ postfix_bind_search_base }} query_filter = (mail=%u@{{ postfix_mailname }}) +domain = {{ postfix_destination_domains | join(', ') }} result_attribute = uid result_format = %s@localhost version = 3 |