Feat: support for SPF checking

author Silvio Rhatto <rhatto@riseup.net>

Wed, 14 Apr 2021 21:50:02 +0000 (18:50 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Wed, 14 Apr 2021 21:50:02 +0000 (18:50 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Wed, 14 Apr 2021 21:50:02 +0000 (18:50 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Wed, 14 Apr 2021 21:50:02 +0000 (18:50 -0300)
diff --git a/manifests/base.pp b/manifests/base.pp

index eb84c76e078d91310393b4631c8977d3d19134cd..4e3472eeec4f3bf6ed8f9efe84419097af7a801b 100644 (file)
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -22,12 +22,16 @@ class mail::base {
  
    # Recipient restrictions
    postfix::config { "smtpd_recipient_restrictions":
-    value => "permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client psbl.surriel.com, check_policy_service inet:127.0.0.1:${postgrey_port}" }
+    value => "permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client psbl.surriel.com, check_policy_service unix:private/policyd-spf, check_policy_service inet:127.0.0.1:${postgrey_port}" }
  
    postfix::hash { "/etc/postfix/virtual":
      ensure => present,
    }
  
+  postfix::config { "policy-spf_time_limit":
+    value => "3600",
+  }
+
    postfix::hash { "/etc/postfix/transport":
      ensure => present,
    }
diff --git a/manifests/packages.pp b/manifests/packages.pp

index 45c1063bbf0bb1bc42bfc58912cb1b0971ab3c0d..1a59c8bed70b53873ec616679266a2e84c3f70ed 100644 (file)
--- a/manifests/packages.pp
+++ b/manifests/packages.pp
@@ -1,6 +1,6 @@
  class mail::packages {
    # The needed packages
-  package { [ 'postgrey', 'amavisd-new', 'spamassassin', 'spamc', 'pflogsumm' ]:
+  package { [ 'postgrey', 'amavisd-new', 'spamassassin', 'spamc', 'pflogsumm', 'postfix-policyd-spf-python' ]:
      ensure => installed,
    }
  
diff --git a/manifests/system.pp b/manifests/system.pp

index a4fc57b026e49dab2a1da47e249b07dfcf63f75a..7d9841b78e799184484dc1258e5f38fa31a19d57 100644 (file)
--- a/manifests/system.pp
+++ b/manifests/system.pp
@@ -28,6 +28,10 @@ class mail::system(
        true    => "yes",
        default => "no",
      },
+    use_spf               => lookup('mail::spf', undef, undef, false) ? {
+      true    => "yes",
+      default => "no",
+    },
      use_submission          => "yes",
      use_smtps               => "no",
      anon_sasl               => "yes",
author	Silvio Rhatto <rhatto@riseup.net>
	Wed, 14 Apr 2021 21:50:02 +0000 (18:50 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Wed, 14 Apr 2021 21:50:02 +0000 (18:50 -0300)
manifests/base.pp		patch \| blob \| history
manifests/packages.pp		patch \| blob \| history
manifests/system.pp		patch \| blob \| history