summaryrefslogtreecommitdiff
path: root/manifests
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2021-04-14 18:50:02 -0300
committerSilvio Rhatto <rhatto@riseup.net>2021-04-14 18:50:02 -0300
commit5eb3dca39ea4c01eb38a8c6f329e6d5e9c845732 (patch)
treed079e322a00d1267adb717c271cfe5910efcea91 /manifests
parentceff11a35cf0f01934e13846aab1ae79568bbd35 (diff)
downloadpuppet-mail-5eb3dca39ea4c01eb38a8c6f329e6d5e9c845732.tar.gz
puppet-mail-5eb3dca39ea4c01eb38a8c6f329e6d5e9c845732.tar.bz2
Feat: support for SPF checking
Diffstat (limited to 'manifests')
-rw-r--r--manifests/base.pp6
-rw-r--r--manifests/packages.pp2
-rw-r--r--manifests/system.pp4
3 files changed, 10 insertions, 2 deletions
diff --git a/manifests/base.pp b/manifests/base.pp
index eb84c76..4e3472e 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -22,12 +22,16 @@ class mail::base {
# Recipient restrictions
postfix::config { "smtpd_recipient_restrictions":
- value => "permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client psbl.surriel.com, check_policy_service inet:127.0.0.1:${postgrey_port}" }
+ value => "permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client psbl.surriel.com, check_policy_service unix:private/policyd-spf, check_policy_service inet:127.0.0.1:${postgrey_port}" }
postfix::hash { "/etc/postfix/virtual":
ensure => present,
}
+ postfix::config { "policy-spf_time_limit":
+ value => "3600",
+ }
+
postfix::hash { "/etc/postfix/transport":
ensure => present,
}
diff --git a/manifests/packages.pp b/manifests/packages.pp
index 45c1063..1a59c8b 100644
--- a/manifests/packages.pp
+++ b/manifests/packages.pp
@@ -1,6 +1,6 @@
class mail::packages {
# The needed packages
- package { [ 'postgrey', 'amavisd-new', 'spamassassin', 'spamc', 'pflogsumm' ]:
+ package { [ 'postgrey', 'amavisd-new', 'spamassassin', 'spamc', 'pflogsumm', 'postfix-policyd-spf-python' ]:
ensure => installed,
}
diff --git a/manifests/system.pp b/manifests/system.pp
index a4fc57b..7d9841b 100644
--- a/manifests/system.pp
+++ b/manifests/system.pp
@@ -28,6 +28,10 @@ class mail::system(
true => "yes",
default => "no",
},
+ use_spf => lookup('mail::spf', undef, undef, false) ? {
+ true => "yes",
+ default => "no",
+ },
use_submission => "yes",
use_smtps => "no",
anon_sasl => "yes",