diff options
| author |  Joe Banks <[email protected]> | 2024-09-01 18:17:52 +0100 |
|---|---|---|
| committer | Joe Banks <[email protected]> | 2024-09-03 19:47:58 +0100 |
| commit | 0c12eb56a127617f055308538d4a0cc10eeeb0ee (patch) | |
| tree | cb1025a45af56f4d16ed65c2d9e73963120d7cc3 /ansible/roles/postfix/tasks/main.yml | |
| parent | Appease the documentation dictator (diff) | |
Add all accepted mail domains to SRS exclude configuration
We don't want to rewrite the envelopes of mail that is from a valid
domain of our mailserver (e.g. pydis.com or int.pydis.wtf), but by
default PostSRSD will rewrite anything that is not the `mydomain`
configuration variable of Postfix (which is just set to `pydis.wtf` for
us).
This change updates the environment defaults for PostSRSD to ensure that
we don't change any envelopes that don't need to be changed, as well as
ensuring that to end mailservers the DKIM and SPF checks are made
against the actual domain (e.g. int.pydis.wtf) instead of the rewritten
envelope.
Diffstat (limited to 'ansible/roles/postfix/tasks/main.yml')
| -rw-r--r-- | ansible/roles/postfix/tasks/main.yml | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/ansible/roles/postfix/tasks/main.yml b/ansible/roles/postfix/tasks/main.yml index 57293ad..5281fff 100644 --- a/ansible/roles/postfix/tasks/main.yml +++ b/ansible/roles/postfix/tasks/main.yml @@ -158,6 +158,22 @@ tags: - role::postfix +- name: Update PostSRSD rewriting config + lineinfile: + path: /etc/default/postsrsd + regexp: "^#?{{ item['key'] }}=" + line: '{{ item["key"] }}="{{ item["value"] }}"' + mode: "0444" + owner: root + group: root + loop: + - key: SRS_EXCLUDE_DOMAINS + value: "{{ postfix_destination_domains | join(',') }}" + tags: + - role::postfix + notify: + - Restart postsrsd + - name: Pass inbound mail through spamassassin content filter lineinfile: path: /etc/postfix/master.cf |