puppet: Only match incoming gateway address on our mail domain.

79931051bd allows outgoing emails from localhost, but outgoing recipients are still subjected to virtualmaps. This caused all outgoing email from Zulip with destination addresses containing `.`, `+`, or starting with `mm`, to be redirected back through the email gateway. Bracket the virualmap addresses used for local delivery to the mail gateway with a restriction on the domain matching the `postfix.mailname` configuration, regex-escaped, so those only apply to email destined for that domain. The hostname is _not_ moved from `mydestination` to `virtual_alias_domains`, as that would preclude delivery to actually-local addresses, like `postmaster@`.
2020-11-12 21:31:31 -08:00 · 2020-11-12 21:31:31 -08:00 · a53092687e
parent 961d1d0a68
commit a53092687e
2 changed files with 3 additions and 2 deletions
--- a/puppet/zulip/manifests/postfix_localmail.pp
+++ b/puppet/zulip/manifests/postfix_localmail.pp
@ -45,7 +45,7 @@ class zulip::postfix_localmail {
    mode    => '0644',
    owner   => root,
    group   => root,
-    source  => 'puppet:///modules/zulip/postfix/virtual',
+    content => template('zulip/postfix/virtual.erb'),
    require => Package[postfix],
    notify  => Service['postfix'],
  }
--- a/puppet/zulip/templates/postfix/virtual.erb
+++ b/puppet/zulip/templates/postfix/virtual.erb
@ -1,6 +1,7 @@
+if /@<%= Regexp.escape(@postfix_mailname) %>\.?$/
 # Changes to this list require a corresponding change to `access` as
 # well.
-
 /\+.*@/  zulip@localhost
 /\..*@/  zulip@localhost
 /^mm/    zulip@localhost
+endif