From ab6ad880774f9122242755c6aa66ba2e7d42d6ff Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Tue, 13 Jun 2023 14:20:14 +0300
Subject: [PATCH] Support whitelist domain PTR

---
 defaults/main.yml             | 1 +
 templates/policyd-spf.conf.j2 | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/defaults/main.yml b/defaults/main.yml
index d508821..4da926e 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -99,6 +99,7 @@ postfix_spf_policy_mail_from_reject: 'Fail'
 # CIDR notation, 192.168.0.0/31,192.168.1.12
 postfix_spf_policy_whitelist: ''
 postfix_spf_policy_domain_whitelist: ''
+postfix_spf_policy_domain_whitelist_ptr: ''
 # Using this option, a list of domains can be defined for special processing when messages do not Pass SPF.  This can be useful for commonly spoofed domains that are not yet publishing SPF records with -all.  Specifically, if mail from a domain in this list has a Neutral/Softfail result, it will be rejected (as if it had a Fail result).  If needed, it is better to do it on a per-domain basis rather than globally. es: 'gmail.com,aol.com,hotmail.com'
 postfix_spf_policy_reject_not_pass_domains: ''
 postfix_spf_policy_lookup_time: 20
diff --git a/templates/policyd-spf.conf.j2 b/templates/policyd-spf.conf.j2
index bdcbde0..83fea38 100644
--- a/templates/policyd-spf.conf.j2
+++ b/templates/policyd-spf.conf.j2
@@ -16,6 +16,9 @@ Whitelist = {{ postfix_spf_policy_whitelist }}
 {% if postfix_spf_policy_domain_whitelist != '' %}
 Domain_Whitelist = {{ postfix_spf_policy_domain_whitelist }}
 {% endif %}
+{% if postfix_spf_policy_domain_whitelist_ptr != '' %}
+Domain_Whitelist_PTR = {{ postfix_spf_policy_domain_whitelist_ptr }}
+{% endif %}
 {% if postfix_spf_policy_reject_not_pass_domains != '' %}
 Reject_Not_Pass_Domains = {{ postfix_spf_policy_reject_not_pass_domains }}
 {% endif %}