diff --git a/postfix/tasks/main.yml b/postfix/tasks/main.yml
index 73ce164b753a7de6421864a29f1e1e3e28f756be..9400d43ffc410f0e60a90b232dfe7c37ebccc9ab 100644
--- a/postfix/tasks/main.yml
+++ b/postfix/tasks/main.yml
@@ -15,7 +15,6 @@
copy: src=files/{{ item }} dest=/etc/postfix/
with_items:
- login_maps.pcre
- - master.cf
- sender_login_map.hash
- postscreen_whitelist
notify:
@@ -27,6 +26,7 @@
- name: ensure templated config is present
template: src=templates/{{ item }}.j2 dest=/etc/postfix/{{ item }}
with_items:
+ - master.cf
- main.cf
- postscreen_cache
notify:
diff --git a/postfix/files/master.cf b/postfix/templates/master.cf.j2
similarity index 95%
rename from postfix/files/master.cf
rename to postfix/templates/master.cf.j2
index 82c310bd34c9f341eae7416395b7f67ceb168150..6105ccd55ecf4648da5f140ce7caee5622029c9d 100644
--- a/postfix/files/master.cf
+++ b/postfix/templates/master.cf.j2
@@ -14,6 +14,9 @@ dovecot unix - n n - - pipe
#smtp inet n - y - - smtpd
smtp inet n - y - 1 postscreen
smtpd pass - - y - - smtpd
+{% if content_filter is defined %}
+ -o content_filter={{ content_filter }}
+{% endif %}
dnsblog unix - - y - 0 dnsblog
tlsproxy unix - - y - 0 tlsproxy
submission inet n - y - - smtpd
@@ -23,6 +26,9 @@ submission inet n - y - - smtpd
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_restrictions=reject_sender_login_mismatch
-o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
+{% if content_filter is defined %}
+ -o content_filter={{ content_filter }}
+{% endif %}
-o syslog_name=postfix/submission
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
@@ -130,4 +136,7 @@ scalemail-backend unix - n n - 2 pipe
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
-
+{% if content_filter is defined %}
+{{ content_filter }} {{ content_filter_arguments }}
+{{ content_filter_command }}
+{% endif %}