Majic Projects
Majic Ansible Roles
Go to the previous open issue
Go to the previous issue (open or closed)
star_faded.png
Please log in to bookmark issues
icon_project.png Majic Ansible Roles / Closed Enhancement MAR-232 Drop use of resolvable names for firewall configuration in the mail forwarder role
Go to the next issue (open or closed)
Go to the next open issue
This issue has been closed with status "Closed" and resolution "RESOLVED".
Issue basics
  • Type of issue
    Enhancement
  • Category
    Security
  • Targetted for
    8.0.0
  • Status
    Closed
  • Progress
  • Priority
    Must fix before next release
User pain
  • Type of bug
    Not triaged
  • Likelihood
    Not triaged
  • Effect
    Not triaged
Affected by this issue (0)
There are no items
People involved
Times and dates
  • Posted at
  • Last updated
  • Estimated time
    2 hours
  • Time spent
    1 hour, 40 minutes
    Click here to see time logged against this issue
Issue details
  • Resolution
    RESOLVED
Attachments (0)
There is nothing attached to this issue
Duplicate issues (0)
This issue does not have any duplicates
Show / hide more details »
Description

The mail_forwarder role still depends on resolvable names in the firewall configuration when allowing incoming connections from the SMTP relay server. This is problematic since when the firewall comes up the name will most likely not be resolvable at that point (the network hasn't been fully brought up).

Instead of resolvable name, the role should instead rely on IP address only.

The following should be done:

  • Update the mail_forwarder role.
    • Resolve the SMTP relay server name to an IP address during deployment. This can be done using the getent ahostsv4/ahostsv6 command.
    • Both IPv4 and IPv6 should be covered.
  • Update role reference documentation.
  • Update usage instructions.
  • Update release notes.
Todos (0 / 0)
Options
There are no comments