From: Ralf Jung Date: Sun, 8 Apr 2018 10:16:12 +0000 (+0200) Subject: fix postscreen and DKIM permissions X-Git-Url: https://git.ralfj.de/ansible.git/commitdiff_plain/4763f339a2f3f37ccfd4dcc009c83614efc302cc?ds=inline;hp=5e2e9470de3933fd6560eba8ee7a4fff9568ff7c fix postscreen and DKIM permissions --- diff --git a/roles/postfix/templates/master.cf b/roles/postfix/templates/master.cf index 0e9b536..e6eeb14 100644 --- a/roles/postfix/templates/master.cf +++ b/roles/postfix/templates/master.cf @@ -11,6 +11,7 @@ # ========================================================================== {% if postfix.postscreen is defined and postfix.postscreen %} smtp inet n - y - 1 postscreen +smtpd pass - - y - - smtpd dnsblog unix - - y - 0 dnsblog tlsproxy unix - - y - 0 tlsproxy {% else %} diff --git a/roles/postfix/templates/opendkim.conf b/roles/postfix/templates/opendkim.conf index 06203ea..6e4d812 100644 --- a/roles/postfix/templates/opendkim.conf +++ b/roles/postfix/templates/opendkim.conf @@ -6,7 +6,7 @@ Syslog yes # Access control -UMask 007 +UMask 000 # postfix is "other", but the dir is protected UserID opendkim # domains and keys are in table files