Mercurial > repos > other > Puppet
changeset 124:db809398167a puppet-3.6
Swap from manual Postscreen whitelist to Postwhite generated whitelist
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Tue, 13 Sep 2016 20:27:22 +0100 |
parents | 5aaac087233c |
children | ca711ab45f17 |
files | modules/postfix/files/postscreen_access.cidr modules/postfix/templates/main.cf.erb |
diffstat | 2 files changed, 1 insertions(+), 113 deletions(-) [+] |
line wrap: on
line diff
--- a/modules/postfix/files/postscreen_access.cidr Sat Sep 03 20:31:35 2016 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,112 +0,0 @@ -# Google IPs taken from "dig TXT _netblocks.google.com" -64.18.0.0/20 permit -64.233.160.0/19 permit -66.102.0.0/20 permit -66.249.80.0/20 permit -72.14.192.0/18 permit -74.125.0.0/16 permit -108.177.8.0/21 permit -173.194.0.0/16 permit -207.126.144.0/20 permit -209.85.128.0/17 permit -216.58.192.0/19 permit -216.239.32.0/19 permit - -#Paypal IPs taken from following "dig TXT paypal.com" and recursing -108.175.18.45 permit -108.175.30.45 permit -12.130.86.238 permit -129.41.77.70 permit -157.151.208.65 permit -173.0.84.224/28 permit -173.0.94.244/30 permit -173.224.160.128/25 permit -173.224.161.128/25 permit -182.50.78.64/28 permit -193.28.178.0/25 permit -194.64.234.129 permit -198.178.234.57 permit -198.61.254.231 permit -204.13.11.48/29 permit -204.14.232.64/28 permit -204.14.234.64/28 permit -204.92.114.187 permit -206.165.246.80/29 permit -206.25.247.143 permit -206.25.247.155 permit -208.185.229.45 permit -208.201.241.163 permit -208.40.232.70 permit -208.64.132.0/22 permit -208.85.50.137 permit -209.46.117.168 permit -209.46.117.179 permit -209.67.98.46 permit -209.67.98.59 permit -216.113.160.0/24 permit -216.113.172.0/25 permit -216.113.175.0/24 permit -216.136.162.120/29 permit -216.136.162.65 permit -216.136.168.80/28 permit -54.214.39.184 permit -54.241.16.209 permit -54.244.242.0/24 permit -63.80.14.0/23 permit -64.127.115.252 permit -65.110.161.77 permit -65.212.180.36 permit -66.211.168.230/31 permit -67.221.168.65 permit -67.72.99.26 permit -74.112.67.243 permit -81.223.46.0/27 permit -8.20.114.31 permit -96.43.144.64/28 permit -96.43.148.64/28 permit -96.43.151.64/28 permit - -# Twitter IPs taken from "dig TXT twitter.com" -199.16.156.0/22 permit -199.59.148.0/22 permit -8.25.194.0/23 permit -8.25.196.0/23 permit -204.92.114.203 permit -204.92.114.204/31 permit -23.21.83.90 permit - -# Twitter IPs taken from "dig TXT _thirdparty.twitter.com" -96.43.144.64/31 permit -96.43.148.64/31 permit -182.50.78.64/28 permit -204.14.232.64/28 permit -204.14.234.64/28 permit - -# eBay IPs taken from "dig TXT ebay.co.uk" -216.113.160.244 permit -216.113.175.103 permit -216.113.172.68 permit -66.135.222.1 permit -205.201.137.229 permit -66.135.215.0/24 permit -66.211.161.0/25 permit -66.135.213.241 permit -66.211.184.0/23 permit -66.135.222.1 permit -205.201.128.0/20 permit -198.2.128.0/18 permit -67.72.99.26 permit -206.165.246.80/29 permit -64.127.115.252 permit -194.64.234.128/27 permit -65.110.161.77 permit -204.13.11.48/30 permit -72.3.237.64/28 permit -63.111.28.137 permit -208.74.204.0/22 permit -46.19.168.0/23 permit -193.28.178.0/25 permit -216.113.172.0/25 permit -216.113.160.0/24 permit -216.113.175.0/24 permit -66.211.188.138 permit \ No newline at end of file
--- a/modules/postfix/templates/main.cf.erb Sat Sep 03 20:31:35 2016 +0100 +++ b/modules/postfix/templates/main.cf.erb Tue Sep 13 20:27:22 2016 +0100 @@ -81,7 +81,7 @@ postscreen_non_smtp_command_enable = yes postscreen_non_smtp_command_action = enforce -postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr, cidr:/etc/postfix/postscreen_access_private.cidr +postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access_private.cidr, cidr:/etc/postfix/postscreen_spf_whitelist.cidr postscreen_blacklist_action = enforce content_filter = smtp-amavis:[127.0.0.1]:10024 \ No newline at end of file