From 649ede2f89a9fcff3e29804cddd40f4229673db3 Mon Sep 17 00:00:00 2001 From: Michal Konecny Date: Tue, 18 Jun 2024 16:07:47 +0200 Subject: [PATCH] [base/postfix] Change the Red Hat relay to mx1.redhat.com The relay changed the IP it points to, let's try this and see if that helps. Signed-off-by: Michal Konecny --- roles/base/files/postfix/bysender | 2 +- roles/base/files/postfix/main.cf/main.cf.gateway | 2 +- .../main.cf/main.cf.mailman01.stg.iad2.fedoraproject.org | 2 ++ roles/base/files/postfix/tls_policy | 2 +- roles/base/files/postfix/transports.gateway | 6 +++--- roles/opendkim/files/opendkim.conf | 2 +- 6 files changed, 9 insertions(+), 7 deletions(-) diff --git a/roles/base/files/postfix/bysender b/roles/base/files/postfix/bysender index 19fedeffab..54ee067dd9 100644 --- a/roles/base/files/postfix/bysender +++ b/roles/base/files/postfix/bysender @@ -1 +1 @@ -@redhat.com [mx2.redhat.com] +@redhat.com [mx1.redhat.com] diff --git a/roles/base/files/postfix/main.cf/main.cf.gateway b/roles/base/files/postfix/main.cf/main.cf.gateway index e30d1a3404..f7e4c77c91 100644 --- a/roles/base/files/postfix/main.cf/main.cf.gateway +++ b/roles/base/files/postfix/main.cf/main.cf.gateway @@ -744,7 +744,7 @@ smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt smtp_tls_chain_files = /etc/pki/tls/private/gateway-chain.pem smtp_tls_security_level = may smtp_tls_connection_reuse = no -smtp_connection_cache_destinations = mx2.redhat.com,gmail.com,google.com,scrye.com,redhat.com +smtp_connection_cache_destinations = mx1.redhat.com,gmail.com,google.com,scrye.com,redhat.com smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache smtp_tls_session_cache_timeout = 3600s smtp_tls_policy_maps = hash:/etc/postfix/tls_policy diff --git a/roles/base/files/postfix/main.cf/main.cf.mailman01.stg.iad2.fedoraproject.org b/roles/base/files/postfix/main.cf/main.cf.mailman01.stg.iad2.fedoraproject.org index 24879a6844..7b9a83b90e 100644 --- a/roles/base/files/postfix/main.cf/main.cf.mailman01.stg.iad2.fedoraproject.org +++ b/roles/base/files/postfix/main.cf/main.cf.mailman01.stg.iad2.fedoraproject.org @@ -694,3 +694,5 @@ owner_request_special = no transport_maps = hash:/var/lib/mailman3/data/postfix_lmtp local_recipient_maps = hash:/var/lib/mailman3/data/postfix_lmtp relay_domains = hash:/var/lib/mailman3/data/postfix_domains + +smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination diff --git a/roles/base/files/postfix/tls_policy b/roles/base/files/postfix/tls_policy index e1b39e391c..ff5307ed37 100644 --- a/roles/base/files/postfix/tls_policy +++ b/roles/base/files/postfix/tls_policy @@ -1 +1 @@ -[mx2.redhat.com] none +[mx1.redhat.com] none diff --git a/roles/base/files/postfix/transports.gateway b/roles/base/files/postfix/transports.gateway index fe06c8f4ce..a1eea484a8 100644 --- a/roles/base/files/postfix/transports.gateway +++ b/roles/base/files/postfix/transports.gateway @@ -299,9 +299,9 @@ # TRANSPORT(5) fedora.redhat.com : -redhat.com smtp:[mx2.redhat.com] -.redhat.com smtp:[mx2.redhat.com] -ceylon-lang.org smtp:[mx2.redhat.com] +redhat.com smtp:[mx1.redhat.com] +.redhat.com smtp:[mx1.redhat.com] +ceylon-lang.org smtp:[mx1.redhat.com] lists.stg.fedoraproject.org smtp:[mailman01.stg.iad2.fedoraproject.org] lists.stg.fedorahosted.org smtp:[mailman01.stg.iad2.fedoraproject.org] lists.stg.pagure.io smtp:[mailman01.stg.iad2.fedoraproject.org] diff --git a/roles/opendkim/files/opendkim.conf b/roles/opendkim/files/opendkim.conf index 065a4b5f1e..03315f72b2 100644 --- a/roles/opendkim/files/opendkim.conf +++ b/roles/opendkim/files/opendkim.conf @@ -118,7 +118,7 @@ InternalHosts refile:/etc/opendkim/TrustedHosts ## whose mail should be neither signed nor verified by this filter. See man ## page for file format. # PeerList X.X.X.X -PeerList mx2.redhat.com +PeerList mx1.redhat.com ## Always oversign From (sign using actual From and a null From to prevent ## malicious signatures header fields (From and/or others) between the signer