authorJohannes Löthberg <johannes@kyriasis.com>2016-03-07 07:48:17 +0100
committerJohannes Löthberg <johannes@kyriasis.com>2016-03-07 07:48:17 +0100
commit2caad1713e1dd64a7f4db9a27984b4762a0694b5 (patch)
tree13c808d22c22ff546d4ba5271e597e60cb948db3
parent323969c17a5c18ab99faa104fa7570a19587683e (diff)
downloadsmtpd-conf-2caad1713e1dd64a7f4db9a27984b4762a0694b5.tar.xz
smtpd.conf: Do a masquerade on senders table
Only lets people send using their proper addresses. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
-rw-r--r--common/senders4
-rw-r--r--lucifer.kyriasis.com/smtpd.conf9
-rw-r--r--theos.kyriasis.com/smtpd.conf13
3 files changed, 16 insertions, 10 deletions
diff --git a/common/senders b/common/senders
new file mode 100644
index 0000000..79fe0ac
--- /dev/null
+++ b/common/senders
@@ -0,0 +1,4 @@
+sysbunny: @lucifer.kyriasis.com,sysbunny@kyriasis.com,erik@kyriasis.com
+grawity: grawity@theos.kyriasis.com,grawity@kyriasis.com
+halosghost: halosghost@theos.kyriasis.com,halosghost@kyriasis.com
+kyrias: @theos.kyriasis.com,@kyriasis.com
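Review bot: The `kyrias` entry on the last added line uses bare-domain patterns (`@theos.kyriasis.com,@kyriasis.com`), which permit that login to send as any local part in those domains, including the addresses listed for sysbunny, grawity and halosghost; the `sysbunny` entry does the same for lucifer.kyriasis.com. If these are deliberate administrator exceptions the file should say so, since it is now the authorization policy for envelope senders. A header comment such as `# login: permitted envelope senders; a bare @domain permits every address in that domain` would cover it, provided the file table format in the deployed version accepts `#` comment lines. The file sits under common/ and is presumably installed on both hosts, so the theos-specific addresses would also be accepted on lucifer.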
diff --git a/lucifer.kyriasis.com/smtpd.conf b/lucifer.kyriasis.com/smtpd.conf
index 0f0efc7..2db7f99 100644
--- a/lucifer.kyriasis.com/smtpd.conf
+++ b/lucifer.kyriasis.com/smtpd.conf
@@ -12,19 +12,20 @@ pki lucifer.kyriasis.com key "/etc/smtpd/certs/lucifer.kyriasis.com.key"
# If you edit the file, you have to run "smtpctl update table users"
table users file:/etc/smtpd/users
+table sendertable file:/etc/smtpd/senders
##
# Listen directives
#
-listen on eth0 port 25 tls pki lucifer.kyriasis.com auth-optional
-listen on eth0 port 587 tls-require pki lucifer.kyriasis.com auth
-listen on eth0 port 465 smtps pki lucifer.kyriasis.com auth
+listen on enp0s4 port 25 tls pki lucifer.kyriasis.com auth-optional senders <sendertable> masquerade
+listen on enp0s4 port 587 tls-require pki lucifer.kyriasis.com auth senders <sendertable> masquerade
+listen on enp0s4 port 465 smtps pki lucifer.kyriasis.com auth senders <sendertable> masquerade
listen on lo port 10029 tag DKIM-OUT
-listen on localhost
+listen on localhost senders <sendertable> masquerade
##
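Review bot: The `senders <sendertable>` check keys on the authenticated login, so on the `port 25 ... auth-optional` and `listen on localhost` lines it likely does nothing for sessions that never authenticate, while `masquerade` on those same listeners may still rewrite the From header of every message accepted there, including inbound mail from other domains. This should be confirmed against smtpd.conf(5) for the deployed version, because rewriting From on inbound mail would invalidate the sender's DKIM signature; if it behaves that way, keep `senders <sendertable> masquerade` on the 587 and 465 lines only. The same applies to the ens4 and cjdns port 25 lines and the localhost line in theos.kyriasis.com/smtpd.conf. The context comment about `smtpctl update table users` needs a counterpart for the new table in both files, for example `# After editing /etc/smtpd/senders, run "smtpctl update table sendertable"`. The interface rename away from eth0 is unrelated to the senders change and would be easier to review and revert as its own commit.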
diff --git a/theos.kyriasis.com/smtpd.conf b/theos.kyriasis.com/smtpd.conf
index 03f1de5..7ef11dc 100644
--- a/theos.kyriasis.com/smtpd.conf
+++ b/theos.kyriasis.com/smtpd.conf
@@ -12,23 +12,24 @@ pki theos.kyriasis.com key "/etc/ssl/kyriasis-wosign/private.key"
# If you edit the file, you have to run "smtpctl update table users"
table users file:/etc/smtpd/users
+table sendertable file:/etc/smtpd/senders
##
# Listen directives
#
-listen on eth0 port 25 tls pki theos.kyriasis.com auth-optional
-listen on eth0 port 587 tls-require pki theos.kyriasis.com auth
-listen on eth0 port 465 smtps pki theos.kyriasis.com auth
+listen on ens4 port 25 tls pki theos.kyriasis.com auth-optional senders <sendertable> masquerade
+listen on ens4 port 587 tls-require pki theos.kyriasis.com auth senders <sendertable> masquerade
+listen on ens4 port 465 smtps pki theos.kyriasis.com auth senders <sendertable> masquerade
-listen on tun0 port 25 tls pki theos.kyriasis.com auth-optional
-listen on tun0 port 587 tls-require pki theos.kyriasis.com auth
+listen on cjdns port 25 tls pki theos.kyriasis.com auth-optional senders <sendertable> masquerade
+listen on cjdns port 587 tls-require pki theos.kyriasis.com auth senders <sendertable> masquerade
listen on lo port 10026 tag DKIM-IN
listen on lo port 10029 tag DKIM-OUT
-listen on localhost
+listen on localhost senders <sendertable> masquerade
##