fix postscreen and DKIM permissions

author Ralf Jung <post@ralfj.de>

Sun, 8 Apr 2018 10:16:12 +0000 (12:16 +0200)

committer Ralf Jung <post@ralfj.de>

Sun, 8 Apr 2018 10:16:12 +0000 (12:16 +0200)
author Ralf Jung <post@ralfj.de>
Sun, 8 Apr 2018 10:16:12 +0000 (12:16 +0200)
committer Ralf Jung <post@ralfj.de>
Sun, 8 Apr 2018 10:16:12 +0000 (12:16 +0200)
diff --git a/roles/postfix/templates/master.cf b/roles/postfix/templates/master.cf

index 0e9b5363c70d7e9d682a3496e3cb8e7b2380581f..e6eeb149766489f2c7b4e4604c54d81bb3ef78b7 100644 (file)
--- a/roles/postfix/templates/master.cf
+++ b/roles/postfix/templates/master.cf
@@ -11,6 +11,7 @@
  # ==========================================================================
  {% if postfix.postscreen is defined and postfix.postscreen %}
  smtp       inet  n       -       y       -       1       postscreen
+smtpd      pass  -       -       y       -       -       smtpd
  dnsblog    unix  -       -       y       -       0       dnsblog
  tlsproxy   unix  -       -       y       -       0       tlsproxy
  {% else %}
diff --git a/roles/postfix/templates/opendkim.conf b/roles/postfix/templates/opendkim.conf

index 06203ea3413ae731cf04270756f2c3266656d3df..6e4d8128e057f11aa65638be9e25470d6f4232bc 100644 (file)
--- a/roles/postfix/templates/opendkim.conf
+++ b/roles/postfix/templates/opendkim.conf
@@ -6,7 +6,7 @@
  Syslog                 yes
  
  # Access control
-UMask                  007
+UMask                  000 # postfix is "other", but the dir is protected
  UserID                 opendkim
  
  # domains and keys are in table files
author	Ralf Jung <post@ralfj.de>
	Sun, 8 Apr 2018 10:16:12 +0000 (12:16 +0200)
committer	Ralf Jung <post@ralfj.de>
	Sun, 8 Apr 2018 10:16:12 +0000 (12:16 +0200)
roles/postfix/templates/master.cf		patch \| blob \| history
roles/postfix/templates/opendkim.conf		patch \| blob \| history