X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fpostfix%2Ftemplates%2Fmain.cf-header.erb;h=093473887ba5acabe291832bc6f37849f24fc615;hb=9fdc450dd92b609b1d6038f495c5c4dc7d39b417;hp=4bbeba441088cfc89510ca3f8118614ed5b322e3;hpb=9b30e3a790b513ee65d8d0cb777db120dcf1560c;p=mirror%2Fdsa-puppet.git

diff --git a/modules/postfix/templates/main.cf-header.erb b/modules/postfix/templates/main.cf-header.erb
index 4bbeba441..093473887 100644
--- a/modules/postfix/templates/main.cf-header.erb
+++ b/modules/postfix/templates/main.cf-header.erb
@@ -4,12 +4,12 @@ mydomain = debian.org
 compatibility_level = 2
 smtp_dns_support_level = dnssec
 
-<%- if scope.lookupvar('site::nodeinfo')['smarthost'].empty? -%>
-smtp_tls_security_level = dane
-<%- else -%>
+<%- if @use_smarthost -%>
 smtp_tls_security_level = dane-only
 # yes, do MX lookups on the relayhost, since those have TLSA records
-relayhost = <%= scope.lookupvar('site::nodeinfo')['smarthost'] %>:submission
+relayhost = <%= @smarthost %>:submission
+<%- else -%>
+smtp_tls_security_level = dane
 <%- end -%>
 
 # tls stuff