X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=modules%2Fpostfix%2Ftemplates%2Fmain.cf-header.erb;h=093473887ba5acabe291832bc6f37849f24fc615;hb=9b3b9b27fccaa62aae90ef3713d3af0407116854;hp=6f6cbe504e92db5e4959f24b25a670104ab478cd;hpb=d0c098685b92334a611a0c596a35f538b95ead47;p=mirror%2Fdsa-puppet.git

diff --git a/modules/postfix/templates/main.cf-header.erb b/modules/postfix/templates/main.cf-header.erb
index 6f6cbe504..093473887 100644
--- a/modules/postfix/templates/main.cf-header.erb
+++ b/modules/postfix/templates/main.cf-header.erb
@@ -4,12 +4,12 @@ mydomain = debian.org
 compatibility_level = 2
 smtp_dns_support_level = dnssec
 
-<%- if scope.lookupvar('deprecated::nodeinfo')['smarthost'].empty? -%>
-smtp_tls_security_level = dane
-<%- else -%>
+<%- if @use_smarthost -%>
 smtp_tls_security_level = dane-only
 # yes, do MX lookups on the relayhost, since those have TLSA records
-relayhost = <%= scope.lookupvar('deprecated::nodeinfo')['smarthost'] %>:submission
+relayhost = <%= @smarthost %>:submission
+<%- else -%>
+smtp_tls_security_level = dane
 <%- end -%>
 
 # tls stuff