ISTI-ansible-roles
/
ansible-role-postfix
4
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Support whitelist domain PTR

This commit is contained in:
Andrea Dell'Amico 2023-06-13 14:20:14 +03:00
parent e07ed5d24a
commit ab6ad88077
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
defaults/main.yml
View File

@ -99,6 +99,7 @@ postfix_spf_policy_mail_from_reject: 'Fail'
# CIDR notation, 192.168.0.0/31,192.168.1.12
postfix_spf_policy_whitelist: ''
postfix_spf_policy_domain_whitelist: ''
postfix_spf_policy_domain_whitelist_ptr: ''
# Using this option, a list of domains can be defined for special processing when messages do not Pass SPF. This can be useful for commonly spoofed domains that are not yet publishing SPF records with -all. Specifically, if mail from a domain in this list has a Neutral/Softfail result, it will be rejected (as if it had a Fail result). If needed, it is better to do it on a per-domain basis rather than globally. es: 'gmail.com,aol.com,hotmail.com'
postfix_spf_policy_reject_not_pass_domains: ''
postfix_spf_policy_lookup_time: 20

3
templates/policyd-spf.conf.j2
View File

@ -16,6 +16,9 @@ Whitelist = {{ postfix_spf_policy_whitelist }}
{% if postfix_spf_policy_domain_whitelist != '' %}
Domain_Whitelist = {{ postfix_spf_policy_domain_whitelist }}
{% endif %}
{% if postfix_spf_policy_domain_whitelist_ptr != '' %}
Domain_Whitelist_PTR = {{ postfix_spf_policy_domain_whitelist_ptr }}
{% endif %}
{% if postfix_spf_policy_reject_not_pass_domains != '' %}
Reject_Not_Pass_Domains = {{ postfix_spf_policy_reject_not_pass_domains }}
{% endif %}