From ac7a2f152675c94ef765b5ddbc6d45141a52c87a Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Sun, 17 Jul 2016 19:34:30 +0200
Subject: [PATCH] Add role/postfwd

Config copied from nymeria.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 roles/postfwd/handlers/main.yml       |  5 +++++
 roles/postfwd/tasks/main.yml          | 14 +++++++++++++
 roles/postfwd/templates/postfwd.cf.j2 | 29 +++++++++++++++++++++++++++
 3 files changed, 48 insertions(+)
 create mode 100644 roles/postfwd/handlers/main.yml
 create mode 100644 roles/postfwd/tasks/main.yml
 create mode 100644 roles/postfwd/templates/postfwd.cf.j2

diff --git a/roles/postfwd/handlers/main.yml b/roles/postfwd/handlers/main.yml
new file mode 100644
index 000000000..1713364b1
--- /dev/null
+++ b/roles/postfwd/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+
+- name: reload postfwd
+  service: name=postfwd state=reloaded
+
diff --git a/roles/postfwd/tasks/main.yml b/roles/postfwd/tasks/main.yml
new file mode 100644
index 000000000..fe1eb58b4
--- /dev/null
+++ b/roles/postfwd/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+
+- name: install postfwd
+  pacman: name=postfwd state=present
+
+- name: install postfwd.cf
+  template: src=postfwd.cf.j2 dest=/etc/postfwd/postfwd.cf owner=root group=root mode=600
+  notify:
+    - reload postfwd
+
+- name: start and enable postfwd
+  service: name=postfwd enabled=yes state=started
+
+
diff --git a/roles/postfwd/templates/postfwd.cf.j2 b/roles/postfwd/templates/postfwd.cf.j2
new file mode 100644
index 000000000..b6b4864d8
--- /dev/null
+++ b/roles/postfwd/templates/postfwd.cf.j2
@@ -0,0 +1,29 @@
+# skip lower rate limiting for certain users
+# TODO: populate this from a variable if the feature is used
+&&SASL_WHITELIST {
+	sasl_username=devnull;
+};
+
+# skip lower rate limiting for certain users
+# sasl_username != doesn't work for whatever reason
+id=SaslWhitelist;
+	protocol_state==END-OF-MESSAGE;
+	&&SASL_WHITELIST;
+	action=rcpt(sasl_username/300/21600/REJECT You can only send to 300 recipients per 6h per user)
+
+# skip lower rate limiting for certain users
+id=SaslWhitelist2;
+	protocol_state==END-OF-MESSAGE;
+	&&SASL_WHITELIST;
+	action=dunno;
+
+# sasl_username != doesn't work for whatever reason
+id=RcptRate;
+	protocol_state==END-OF-MESSAGE;
+	sasl_username!~/^$/;
+	action=rcpt(sasl_username/100/21600/REJECT You can only send to 100 recipients per 6h per user)
+
+# this causes postfwd to log something for every mail; easier testing
+id=logging;
+	protocol_state==END-OF-MESSAGE;
+	action=dunno;
-- 
GitLab