X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=modules%2Froles%2Fmanifests%2Fmta.pp;h=22fbb6619fb6a0082986c89e2f86c566c0cb1eb2;hb=703c296014e23beedfb75c1d45b4ad3f7a56e26a;hp=511a00b7109f0ff8aca176a2127b7a3b22f2972f;hpb=0419e52aab23ded081fc5f8e4e567ad9be84bd15;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/mta.pp b/modules/roles/manifests/mta.pp
index 511a00b71..22fbb6619 100644
--- a/modules/roles/manifests/mta.pp
+++ b/modules/roles/manifests/mta.pp
@@ -32,11 +32,7 @@ class roles::mta(
   if $mxdata and $mxdata.any |$item| { $item =~ /INCOMING-MX/ } {
     # a mail satellite.  Gets mail via the mailrelays and sends out mail via the mail relays
 
-    @@concat::fragment { "manualroute-to-${::fqdn}":
-      tag     => 'exim::manualroute::to::mailrelay',
-      target  => '/etc/exim4/manualroute',
-      content => "${::fqdn}:   ${::fqdn}::${mailport}",
-    }
+    exim::manualroute{ $::fqdn: }
 
     @@ferm::rule::simple { "submission-from-${::fqdn}":
       tag   => 'smtp::server::submission::to::mail-relay',
@@ -55,10 +51,7 @@ class roles::mta(
       fail('We are not an exim::mx (or a postfix) yet do not have set our MXs to INCOMING-MX.')
     }
 
-    ferm::rule::simple { 'dsa-smtp':
-      description => 'Allow smtp access from the world',
-      port        => '25',
-    }
+    # firewall allow is done by the exim::mx class
   }
 
   $autocertdir = hiera('paths.auto_certs_dir')