From 891a0b64888d6c685c23cde86b19e410cf6cc6f3 Mon Sep 17 00:00:00 2001
From: "James E. Blair" <jeblair@linux.vnet.ibm.com>
Date: Wed, 20 Jan 2016 09:23:45 -0800
Subject: [PATCH] Add storyboard exim router/transports

Configure routers and transports for storyboard based on
Mailman-style VERP addressing.

Messages accepted on the localhost interface with a sender address
matching "*-bounces@" (eg, "storyboard-bounces@storyboard.openstack.org"),
will be sent out with VERP addressing (eg
"storyboard-bounces+user=example.com@storyboard.openstack.org).  This
way storyboard can perform bounce processing on messages it receives
back to that address.

Messages addressed to either "storyboard@", "storyboard-bounces@",
or "storyboard-bounces+user=example.com@" will be delivered to storyboard
by calling the '/path/to/storyboard inject $localpart' command.
Storyboard may then parse the message as appropriate.

Change-Id: I854006c19b22b233bae5017e4ad04c10a37e0adc
Depends-On: Id4f69580eb126d058ee699f4e7bfdb01cfc7409c
---
 .../openstack_project/manifests/storyboard.pp | 38 +++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/modules/openstack_project/manifests/storyboard.pp b/modules/openstack_project/manifests/storyboard.pp
index 5f9069a1c9..b4dcdfaa40 100644
--- a/modules/openstack_project/manifests/storyboard.pp
+++ b/modules/openstack_project/manifests/storyboard.pp
@@ -24,6 +24,44 @@ class openstack_project::storyboard(
   class { 'openstack_project::server':
     sysadmins                 => $sysadmins,
     iptables_public_tcp_ports => [80, 443],
+    manage_exim               => false,
+  }
+
+  class { '::exim':
+    sysadmins => $sysadmins,
+    routers => [
+      {'storyboard_verp_router' => {
+        'driver'              => 'dnslookup',
+        # we only consider messages sent in through loopback
+        'condition' => '${if or{{eq{$sender_host_address}{127.0.0.1}}\
+                         {eq{$sender_host_address}{::1}}}{yes}{no}}',
+        # we do not do this for traffic going to the local machine
+        'domains'             => '!+local_domains',
+        'ignore_target_hosts' => '<; 0.0.0.0; 64.94.110.11; 127.0.0.0/8; \
+                                  ::1/128;fe80::/10;fec0::/10;ff00::/8',
+        # only the un-VERPed bounce addresses are handled
+        'senders'             => '"*-bounces@*"',
+        'transport'           => 'storyboard_verp_smtp',
+      }},
+      # Send bounces to /dev/null until storyboard supports them.
+      {'storyboard' => {
+        'driver'                     => 'redirect',
+        'local_parts'                => 'storyboard',
+        'local_part_suffix_optional' => true,
+        'local_part_suffix'          => '-bounces : -bounces+*',
+        'data'                       => ':blackhole:',
+      }}
+      ],
+    transports => [
+      {'storyboard_verp_smtp' => {
+        'driver'         => 'smtp',
+        'return_path'    => '${local_part:$return_path}+$local_part\
+                             =$domain@${domain:$return_path}',
+        'max_rcpt'       => '1',
+        'headers_remove' => 'Errors-To',
+        'headers_add'    => 'Errors-To: ${return_path}',
+      }}
+      ],
   }
 
   mysql_backup::backup_remote { 'storyboard':