# {{ ansible_managed }}

{% if postfix_smtpd_public %}
iptables -A INPUT -p tcp --dport 25 -m comment --comment "postfix-smtp" -j ACCEPT
{% elif postfix_relay %}
iptables -A internal-in -p tcp --dport 25 -m comment --comment "postfix-smtp" -j ACCEPT
{% endif %}

{% if firewall_output_default_drop %}
iptables -A OUTPUT -p tcp --dport 25 -m owner --gid-owner postfix -m comment --comment "smtp" -j ACCEPT
{% endif %}